OpenADR and Cyber SecurityCheck here for easier access to Digital Certificates for small scale trial and demo deployments. Get Test Certificates for Development and Testing Here Cyber Security is an important component of the Smart Grid. OpenADR works with you to help fulfill our role in ensuring strong Cyber Security in the Smart Grid. In order to fulfill industry security requirements and NIST Cyber Security guidelines, the OpenADR Alliance maintains its own Public Key Infrastructure (PKI). The PKI uses server and client side digital certificates that act as digital keys to ensure only clients and servers communicate with each other and their communication is secure. This means that manufacturers of both OpenADR certified OpenADR Servers (VTN) and OpenADR certified Clients (VEN) need to purchase valid OpenADR-specific digital certificates to authenticate communication links. This provides a strong security mechanism for the transport layer. Common security mechanisms include RSA and ECC algorithms. Another important requirement from the NIST recommendations involves digital certificate management. OpenADR has mechanisms in place that allow the control, authorization, issuance, and revocation of digital certificates in order to maintain control of its PKI and maintain an accounting of the connection between manufacturer <–> client device <–> certificate. The OpenADR Alliance has partnered with two different Registration Authorities (RAs) to provide digital certificates: Eonti (https://eonti.com/openadr) and Kyrio** (https://kyrio.com/openadr/). The following figure provides a high level view of the mechanisms that have been put in place. The digital certificates are governed by the OpenADR Alliance Certificate Policy. NOTE: OpenADR Certification should not be confused with an OpenADR Digital Certificate. OpenADR Certification means that VTNs and VENs have undergone OpenADR testing and conform to the current OpenADR interface specification. Part of this testing also checks whether the systems can handle the minimum security requirements. Passing testing, plus additional paperwork, enables the systems to claim to be OpenADR Certified. A list of certified devices can be found at - https://products.openadr.org/. This certification does not mean that the manufacturers have valid Digital Certificates built into their systems yet. Manufacturers achieving OpenADR Certification need to obtain the Digital Certificates Manufacturers can then embed the digital certificates into their certified products at time of manufacture. Different types of certificates are available to manufacturers depending on their development stage.
OpenADR Certificates can be obtained either from Eonti (https://eonti.com/openadr) or from Kyrio (https://kyrio.com/openadr/) Registration Authority Contact Information:Eonti Inc. Email: [email protected] Kyrio, Inc. Email: [email protected] Any other questions can be addressed to [email protected] ** Kyrio was previously NetworkFX. Therefore you may encounter some references to NetworkFX in the documentation. |