Everyone would agree that corporate networks, including utility networks such as OpenWay® by Itron, need to be secure.
Aside from security experts, though, few people can define how to make networks secure beyond requiring a password to access the network and maybe encrypting messages sent on the network. In fact, there are as many aspects to security as there are ways to compromise a network.
- Authentication ensures that only authorized persons or agents can perform certain actions or view information. This can be done by requiring proper credentials, which must be checked before a command or request can proceed. In some ways, authentication protects against all categories of attacks.
- Confidentiality ensures that sensitive information is not exposed to the wrong person or system. This protects against disclosure. Confidentiality can extend to data, such as personal identification or financial records. Confidentiality can also extend to system commands. Knowing where commands have gone to, or are going to go, on the network can give attackers an advantage.
- Non-repudiation ensures that processes in the communications system perform according to the rules. It refers to the assurance that the person or agent who claims to have created, modified or transmitted data is, in fact, that person or agent, and is unable to deny responsibility for the data’s content or transmission. Common methods are providing the sender of data with proof of delivery and the recipient of data with proof of the sender’s identity. This protects against disruption. Non-repudiation can apply to any sort of transmission or interaction across a network.
- Authorization ensures that only authorized persons or agents perform certain actions or view information. This protects against deception. Authorization often takes the form of granting permissions to people or agents. Systems may have graduated levels of permission depending on user population and need for security.
- Availability ensures that data, commands and communications are usable when desired. This protects against disruption.
- Integrity ensures that actions can be traced to actions. This protects against deception. Logging, tracking, and auditing actions are common forms of maintaining data integrity, and help improve the system against future attacks. Replay prevention is a form of confirming the integrity of commands. It ensures that valid messages are used only at the proper times. Replay prevention protects against capturing and reusing communications at a later time.
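
The replay prevention described in the Integrity item, as an added example that is not part of the original article and is not Itron's or OpenWay's implementation: a receiver that accepts each authentic command once and only while it is fresh. The HMAC key, the counter and timestamp layout, the 30-second window and the command names are assumptions constructed for illustration.

```python
import hashlib
import hmac
import struct

FRESHNESS_WINDOW = 30  # seconds a command stays valid (assumed value)

def sign_command(key: bytes, counter: int, timestamp: int, command: bytes) -> bytes:
    """Sender side: bind counter and timestamp to the command under one MAC."""
    header = struct.pack(">QQ", counter, timestamp)
    tag = hmac.new(key, header + command, hashlib.sha256).digest()
    return header + command + tag

class CommandReceiver:
    """Receiver side: accept each authentic command once, and only while fresh."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_counter = -1  # highest counter accepted so far

    def accept(self, message: bytes, now: int) -> str:
        if len(message) < 16 + 32:  # 16-byte header plus 32-byte SHA-256 tag
            return "rejected: malformed"
        body, tag = message[:-32], message[-32:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):  # constant-time comparison
            return "rejected: bad MAC"
        counter, timestamp = struct.unpack(">QQ", body[:16])
        if abs(now - timestamp) > FRESHNESS_WINDOW:
            return "rejected: stale"
        if counter <= self.last_counter:  # already seen this or a later command
            return "rejected: replayed"
        self.last_counter = counter
        return "accepted: " + body[16:].decode("utf-8", "replace")

def demo() -> list:
    key = b"constructed-demo-key-not-for-use"  # constructed sample key
    rx = CommandReceiver(key)
    msg = sign_command(key, counter=1, timestamp=1000, command=b"READ_REGISTER")
    tampered = msg[:16] + b"RESET_REGISTE" + msg[29:]  # same length, altered body
    return [
        rx.accept(msg, now=1005),       # first delivery, inside the window
        rx.accept(msg, now=1006),       # captured copy sent a second time
        rx.accept(tampered, now=1006),  # command altered in transit
        rx.accept(sign_command(key, 2, 1000, b"READ_REGISTER"), now=2000),  # too late
    ]

if __name__ == "__main__":
    print("\n".join(demo()))
```

The counter rejects a captured message that is resent inside the freshness window, and the timestamp rejects one that was held back and delivered later.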
Developing Security for OpenWay
Securing the OpenWay architecture does not mean that the system will not be attacked, nor does it mean that the system will be impossible to compromise. It means addressing the most likely attack vectors, both to reduce the likelihood of an attack’s success and to reduce the overall impact of an attack if it were to succeed. By making compromise both very difficult to attain and very limited in its impact, while making the likelihood of getting caught very high, OpenWay becomes impractical to attack, even if it is theoretically possible to do so. This high risk-to-reward ratio makes OpenWay an unattractive target.
A full description of OpenWay’s many security features and aspects is beyond the scope of this article. If you would like to know more, please contact Itron or your Itron representative to arrange a personal presentation.