Data Security for Energy Management Systems

In the future, energy system components such as heat pumps, combined heat and power plants, photovoltaic installations, and electrical storage facilities will be increasingly connected with each other via communication technology, and it will be possible to control them remotely and individually using management systems. This will allow energy flows to be efficiently and intelligently directed to the right place according to a wide variety of criteria. Fraunhofer IIS has undertaken to develop secure data communication solutions for energy management systems.

We are currently carrying out research into a security concept for energy management systems that uses three different security levels. Based on these different levels, it is possible to customize security mechanisms for the respective requirements of the planned applications. The lowest level is designed for single users in a private installation. Multi-user applications in multi-unit residential dwellings have higher security requirements, which are covered by the middle level. The highest level is used for security-relevant applications with high data security requirements, such as the German Federal Office for Information Security’s protection profile for smart metering. In such cases, only the app has direct access to the data and there is no interaction between the app and an external web browser. Mobile access to internal resources from an external system requires separate hardware. The applications needed for access are permanently installed on a secure operating system. Any additional web server that may be used runs on a discrete operating system separate from the secure area. Ultimately, this means that data is stored in a system that is as closed as possible, bucking the current trend for actively integrating the cloud in the system.

We offer you a framework that provides all the security mechanisms needed for optimum protection on the app side. Integrated interfaces whose protocol does not support any security mechanisms must each be encapsulated in their own app. The security required is defined in the system concept and then systematically implemented at the programming stage. In addition, we would also be glad to advise you on the creation of your own security solution.