HRB1684301-12

Device security capabilities

This section describes the security capabilities available with your device.

Information confidentiality

These security capabilities help protect the confidentiality of information through secure protocols that help prevent unauthorized users from reading information in transit.

Physical security

These security capabilities together with perimeter security help prevent unauthorized access to revenue-related parameters and settings or leave clear evidence that the device has been physically tampered with:

  • Physical revenue-lock switch on the meter is used to help prevent unauthorized access to the meter, parameter values and settings.

  • Meter lock status indicators are used to determine if the meter is revenue locked, i.e. LED lock status indicator on device and revenue lock icon on the display.

  • Multiple anti-tamper sealing points are used to help prevent access and leaves evidence of tampering.

See “Revenue locking” for details about physically locking and sealing the device.

Configuration

These security capabilities support the analysis of security events, help protect the device from unauthorized alteration and records configuration changes and user account events:

  • Internal time synchronization.

  • Meter configuration event logging.

  • Timestamps, including date and time, match the meter clock.

  • Internal FTP site to store files in the meter’s flash memory, such as: webpages, COMTRADE records and firmware files.

User accounts

These security capabilities help enforce authorizations assigned to users, segregation of duties and least privilege:

  • User authentication is used to identify and authenticate software processes and devices managing accounts.

  • Least privilege configurable in multiple dimensions: read, peak demand reset, time sync, test mode, meter configuration and security communications configuration.

  • User account lockout with 5 unsuccessful login attempts.

  • Administrators can override user authorizations by deleting their account.

Hardening

These security capabilities help prohibit and restrict the use of unnecessary functions, protocols and/or services:

  • Least functionality can be applied to prohibit and restrict the use of unnecessary functions, protocols and/or services.

  • Port numbers can be changed from default values to lower the predictability of port use.

  • Terminating user account sessions in webages.

QR code for this page

Was this helpful?