Energy supplies are inherently targeted by attackers and sophisticated cyberattacks. The OpenADR Alliance, among others, is driving forward the urgently needed defensive measures and innovative strategies to protect critical infrastructure - and is primarily based on three supporting pillars.
Communication within the energy industry is a delicate point. Connections between utility companies and end devices, such as private households or medium-sized companies, offer a large area of attack. Because attacks on critical infrastructure have devastating consequences for energy supplies and the civilian population, the OpenADR communications standard is breaking new ground in terms of security. The OpenADR Alliance, the driving force behind the technology, sees three central components.
- Isolated stand-alone systems. OpenADR views all systems involved in communication as independent components. The servers on the energy supplier side (VTN, Virtual Top Note), the energy management system on the customer side (VEN, Virtual End Note) and the connection between the two. The OpenADR standard only transmits information between the two parties in the form of data packets, which are transferred from one device to the other - if, for example, attackers have gained access to the customer's software, they will end up in a dead end with no access granted to the provider's network.
- Unique authentication. VTNs must always know that they are communicating with the correct end device on the customer side - and vice versa. To ensure this, OpenADR issues dedicated and secure certificates for each device using its own Public Key Infrastructure (PKI). To ensure that all functions work as intended, the OpenADR Alliance also tests each system. Communication can only begin when VTNs and VENs have valid and verified certificates.
- Seamless end-to-end encryption. To ensure the highest level of security for communication channels, the OpenADR Alliance works closely with security experts and official committees. The result is secure, encrypted connections based on the TLS (Transport Layer Security) protocol. However, advanced XML signatures also provide a high-security function that allows sent messages to be checked for manipulation and uses asymmetric algorithms.
About OpenADR Alliance
The OpenADR Alliance is a non-profit corporation established to promote the development, adoption and compliance of the Open Automated Demand Response (OpenADR) standard. The organization helps utilities manage the growing pool of distributed energy resources (DER), which includes renewable energy, energy storage, demand-responsive control, and electric vehicle charging