Secure network bootstrap of devices in an automatic meter reading network
Abstract
A method and/or a system of a secure network bootstrap of devices in an automatic meter reading network is disclosed. A method of a network interface card in an automatic meter reading network includes generating a derived security key based on a secret key embedded in a network interface card and a provided security key of a device management server of the automatic meter reading network. The method also includes communicating the derived security key and a challenge data of a challenge-response pair of the device management server to a metering device and generating a response data through processing a reply data of the metering device reacting to the challenge data. In addition, the method includes communicating the response data to the device management server to authenticate the network interface card and/or the metering device.
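The exchange the abstract describes, as an added sketch that is not code from the patent: the NIC derives a key from its embedded secret and the server-provided key, the meter answers the challenge, and the server accepts only a response matching what it can recompute. HMAC-SHA256, the message layout, the meter-state digest inside the reply and every name below are assumptions; the page names no algorithm.

```python
import hashlib
import hmac
import os

def mac(key: bytes, *parts: bytes) -> bytes:
    # Length-prefix each part so concatenated fields cannot be confused.
    msg = b"".join(len(p).to_bytes(2, "big") + p for p in parts)
    return hmac.new(key, msg, hashlib.sha256).digest()

def derive_key(secret_key, provided_key):
    # Derived key = f(embedded secret, server-provided key); HMAC is assumed.
    return mac(secret_key, b"derive", provided_key)

def meter_reply(derived_key, challenge, meter_state):
    # Meter's reply covers the challenge and a digest of its state (assumed).
    return mac(derived_key, b"reply", challenge, hashlib.sha256(meter_state).digest())

def nic_response(derived_key, challenge, reply):
    # NIC processes the meter's reply into the response sent upstream.
    return mac(derived_key, b"response", challenge, reply)

class DeviceManagementServer:
    def __init__(self, shipped_secret, expected_state):
        self.secret, self.expected_state = shipped_secret, expected_state
        self.provided_key = self.challenge = None

    def start(self):
        # Fresh provided key and challenge for every bootstrap attempt.
        self.provided_key, self.challenge = os.urandom(16), os.urandom(16)
        return self.provided_key, self.challenge

    def verify(self, response):
        if self.challenge is None:          # no outstanding challenge: replay
            return False
        dk = derive_key(self.secret, self.provided_key)
        expected = nic_response(
            dk, self.challenge, meter_reply(dk, self.challenge, self.expected_state))
        self.challenge = None               # each challenge is single-use
        return hmac.compare_digest(expected, response)

def bootstrap(server, nic_secret, meter_state):
    # One full exchange: server -> NIC -> meter -> NIC -> server.
    provided_key, challenge = server.start()
    dk = derive_key(nic_secret, provided_key)
    reply = meter_reply(dk, challenge, meter_state)
    return server.verify(nic_response(dk, challenge, reply))

# Constructed sample values, not taken from the patent.
SECRET = bytes(range(32))
GOOD_STATE = b"firmware-1.0|cfg-A"
```

A NIC with the wrong embedded secret, a meter whose state differs from the server's record, and a replayed response all fail `verify`.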
22 Claims
1. A method of a provisioning an electronic device in an automatic meter reading network, comprising:
- generating a derived security key and a challenge data of a challenge-response pair of the device management server, the derived security key based on a secret key embedded in the electronic device and the provided security key of a device management server of the automatic meter reading network;
- generating a response data through processing a reply data of the metering device reacting to the challenge data; and
- communicating the response data to the device management server to authenticate the electronic device.
(Dependent claims: 2, 3, 4, 5, 6, 7, 8)

9. A method of an automatic meter reading (AMR) network, comprising:
- communicating a provided security key and a challenge data of at least one challenge-response pair to the metering device to authenticate the metering device; and
- determining any tampering of the metering device through analyzing a response data of the metering device.
(Dependent claims: 10, 11, 12, 13, 14)

15. An electronic meter for use in a utility meter network, comprising:
- a commodity meter capable of metering at least one commodity;
- a network interface card capable of interfacing with a communications network, the network interface card communicatively coupled to the commodity meter;
- memory for storing a secret key of a secret key pair; and
- a processor capable of processing requests to generate a security key, wherein the processor generates a derived security key, the derived security key based on a secret key of the secret key pair and a provided security key, and wherein the network interface card sends the derived security key to a device management server over a communications network.
(Dependent claims: 16, 17, 18, 19, 20, 21)

22. A method of provisioning a network interface card associated with a utility meter for use in a utility network, comprising:
- embedding a symmetric key in a memory device of the network interface card for use in a utility network;
- embedding a device data file in the memory device of the network interface card for use in a utility network;
- recording the embedding of the symmetric key and device data file for later transmission to a device management server, wherein transmission of the embedding of the symmetric key and device data file for later transmission to a device management server allows for authentication of the network interface card;

A procedure and format for generating Device Ship files along with symmetric key to be shared between the manufacturer and the customer;
A procedure and format for conducting Device installation in the field with the help of a device management System and a device Installation tool;
A procedure and format for executing secure network bootstrap of the metering device and the NIC (referred to as the “Device”);
A procedure and format for executing secure shutdown prepare commit, for cases wherein the device has to reboot due to planned or accidental shutdowns after incidents of tampering, etc., so that the device is reauthenticated and reinstalled before it reenters the network in a secure manner; and
A procedure to protect the device against tampering, where tampering may involve any of the following but not limited to them;
(a) electronic and/or physical alterations of the metering device by unauthorized electronic means;
(b) insertion of the non-approved physical or electronic components in the metering device;
(c) alteration of data measured and/or stored in the metering device;
(d) unauthorized external tapping/connection into the data sources in the metering device.
Specification