Abstract: A communication device detects whether anomalous events occur with respect to at least one node in a utility network. The communication device has recorded therein threshold operating information and situational operating information. The threshold operating information includes data indicative of configured acceptable operating parameters of nodes in the network based on respective locational information of the nodes. The situational information includes data indicative of configured operation data expected to be received from nodes in the network during a predetermined time period, based on a condition and/or event occurring during the time period. The communication device receives operation data from nodes in the network, and determines whether the operation data from a node constitutes an anomalous event based on a comparison of the received operation data with (i) the threshold operating information defined for the node and (ii) the situational information.

Abstract: A permitting system for controlling devices in a system includes a permit issuing agent that receives a command to be sent to a device. Based upon at least one attribute of the command, the permit issuing agent identifies one or more business logic modules that is pertinent to the command. Each business logic module has a respectively different set of business rules associated with it. Each identified business logic module determines whether the command complies with the business rules associated with that module. If the command is determined to comply with the business rules of all of the identified business logic modules, the agent issues a permit for the command, and the permit is sent to the device for execution of the command.

Abstract: A method for removing credentials from a smart grid device includes: receiving, by a receiving device, a removal request, wherein the removal request includes a device identifier associated with a smart grid device and is signed by an entity associated with a set of security credentials stored in a memory of the smart grid device, the set of security credentials restricting access to one or more components or operations of the smart grid device; extracting, by a processing device, the device identifier included in the received removal request; generating, by the processing device, a permit configured to remove the set of credentials from the smart grid device, wherein the generated permit includes the extracted device identifier; and transmitting, by a transmitting device, the generated permit to the smart grid device for removal of the set of credentials from the memory of the smart grid device.

Abstract: A communication device detects whether anomalous events occur with respect to at least one node in a utility network. The communication device has recorded therein threshold operating information and situational operating information. The threshold operating information includes data indicative of configured acceptable operating parameters of nodes in the network based on respective locational information of the nodes. The situational information includes data indicative of configured operation data expected to be received from nodes in the network during a predetermined time period, based on a condition and/or event occurring during the time period. The communication device receives operation data from nodes in the network, and determines whether the operation data from a node constitutes an anomalous event based on a comparison of the received operation data with (i) the threshold operating information defined for the node and (ii) the situational information.

Abstract: A method for removing credentials from a smart grid device includes: receiving, by a receiving device, a removal request, wherein the removal request includes a device identifier associated with a smart grid device and is signed by an entity associated with a set of security credentials stored in a memory of the smart grid device, the set of security credentials restricting access to one or more components or operations of the smart grid device; extracting, by a processing device, the device identifier included in the received removal request; generating, by the processing device, a permit configured to remove the set of credentials from the smart grid device, wherein the generated permit includes the extracted device identifier; and transmitting, by a transmitting device, the generated permit to the smart grid device for removal of the set of credentials from the memory of the smart grid device.

Abstract: A permitting system for controlling devices in a system includes a permit issuing agent that receives a command to be sent to a device. Based upon at least one attribute of the command, the permit issuing agent identifies one or more business logic modules that is pertinent to the command. Each business logic module has a respectively different set of business rules associated with it. Each identified business logic module determines whether the command complies with the business rules associated with that module. If the command is determined to comply with the business rules of all of the identified business logic modules, the agent issues a permit for the command, and the permit is sent to the device for execution of the command.

Abstract: A communication device detects whether anomalous events occur with respect to at least one node in a utility network. The communication device has recorded therein threshold operating information and situational operating information. The threshold operating information includes data indicative of configured acceptable operating parameters of nodes in the network based on respective locational information of the nodes. The situational information includes data indicative of configured operation data expected to be received from nodes in the network during a predetermined time period, based on a condition and/or event occurring during the time period. The communication device receives operation data from nodes in the network, and determines whether the operation data from a node constitutes an anomalous event based on a comparison of the received operation data with (i) the threshold operating information defined for the node and (ii) the situational information.

Abstract: A permitting system for controlling devices in a system includes a permit issuing agent that receives a command to be sent to a device. Based upon at least one attribute of the command, the permit issuing agent identifies one or more business logic modules that is pertinent to the command. Each business logic module has a respectively different set of business rules associated with it. Each identified business logic module determines whether the command complies with the business rules associated with that module. If the command is determined to comply with the business rules of all of the identified business logic modules, the agent issues a permit for the command, and the permit is sent to the device for execution of the command.

Abstract: A method for removing credentials from a smart grid device includes: receiving, by a receiving device, a removal request, wherein the removal request includes a device identifier associated with a smart grid device and is signed by an entity associated with a set of security credentials stored in a memory of the smart grid device, the set of security credentials restricting access to one or more components or operations of the smart grid device; extracting, by a processing device, the device identifier included in the received removal request; generating, by the processing device, a permit configured to remove the set of credentials from the smart grid device, wherein the generated permit includes the extracted device identifier; and transmitting, by a transmitting device, the generated permit to the smart grid device for removal of the set of credentials from the memory of the smart grid device.

Abstract: Devices and methods for securely upgrading devices, such as field upgradeable units, are disclosed. In response to receiving an update object, a device may determine whether a predefined location of memory includes a predetermined value. Based on the value in the predefined location, the device may store the received update object in a verification portion of the memory. After verifying the authenticity of the update object, the device may copy the update object from the verification portion of the memory to an inactive portion. The inactive portion of the memory can be swapped with an active portion of the memory, such that the inactive portion becomes active.

Abstract: A communication device detects whether anomalous events occur with respect to at least one node in a utility network. The communication device has recorded therein threshold operating information and situational operating information. The threshold operating information includes data indicative of configured acceptable operating parameters of nodes in the network based on respective locational information of the nodes. The situational information includes data indicative of configured operation data expected to be received from nodes in the network during a predetermined time period, based on a condition and/or event occurring during the time period. The communication device receives operation data from nodes in the network, and determines whether the operation data from a node constitutes an anomalous event based on a comparison of the received operation data with (i) the threshold operating information defined for the node and (ii) the situational information.

Abstract: Devices and methods for securely upgrading devices, such as field upgradeable units, are disclosed. In response to receiving an update object, a device may determine whether a predefined location of memory includes a predetermined value. Based on the value in the predefined location, the device may store the received update object in a verification portion of the memory. After verifying the authenticity of the update object, the device may copy the update object from the verification portion of the memory to an inactive portion. The inactive portion of the memory can be swapped with an active portion of the memory, such that the inactive portion becomes active.

Abstract: A communication device detects whether anomalous events occur with respect to at least one node in a utility network. The communication device has recorded therein threshold operating information and situational operating information. The threshold operating information includes data indicative of configured acceptable operating parameters of nodes in the network based on respective locational information of the nodes. The situational information includes data indicative of configured operation data expected to be received from nodes in the network during a predetermined time period, based on a condition and/or event occurring during the time period. The communication device receives operation data from nodes in the network, and determines whether the operation data from a node constitutes an anomalous event based on a comparison of the received operation data with (i) the threshold operating information defined for the node and (ii) the situational information.

Abstract: A permitting system for controlling devices in a system includes a permit issuing agent that receives a command to be sent to a device. Based upon at least one attribute of the command, the permit issuing agent identifies one or more business logic modules that is pertinent to the command. Each business logic module has a respectively different set of business rules associated with it. Each identified business logic module determines whether the command complies with the business rules associated with that module. If the command is determined to comply with the business rules of all of the identified business logic modules, the agent issues a permit for the command, and the permit is sent to the device for execution of the command.

Abstract: A permitting system for controlling devices in a system includes a permit issuing agent that receives a command to be sent to a device. Based upon at least one attribute of the command, the permit issuing agent identifies one or more business logic modules that is pertinent to the command. Each business logic module has a respectively different set of business rules associated with it. Each identified business logic module determines whether the command complies with the business rules associated with that module. If the command is determined to comply with the business rules of all of the identified business logic modules, the agent issues a permit for the command, and the permit is sent to the device for execution of the command.

Abstract: A method includes detecting, by a mobile network interface card (MNIC) using a radio frequency (RF) signal, network devices of a network, generating, by the MNIC, a report identifying a network device of the network devices as detected by the MNIC, and sending, by the MNIC, the report to the network device. The method further includes forwarding, by the network device using the network, the report to a backend, identifying, by the backend, a physical location of the network device, and determining, by the backend, an approximate physical location of the MNIC based on the physical location of the network device.

Abstract: A system and method is presented for broadcasting from a utility node a request for network routing information, receiving at the utility node routing information from neighboring utility nodes in response to the broadcast request, and registering the utility node with an access point that provides ingress and egress to and from the network. A node is selected to function as a proxy gateway for one or more other nodes in the network. A new utility node becomes connected to one or more utility networks by registering with the proxy gateway. The proxy gateway transmits registration requests and registration information from each node to a back office server and/or a Domain Name Server via an access point for which the proxy gateway functions as its proxy.

Abstract: A communication device detects whether anomalous events occur with respect to at least one node in a utility network. The communication device has recorded therein threshold operating information and situational operating information. The threshold operating information includes data indicative of configured acceptable operating parameters of nodes in the network based on respective locational information of the nodes. The situational information includes data indicative of configured operation data expected to be received from nodes in the network during a predetermined time period, based on a condition and/or event occurring during the time period. The communication device receives operation data from nodes in the network, and determines whether the operation data from a node constitutes an anomalous event based on a comparison of the received operation data with (i) the threshold operating information defined for the node and (ii) the situational information.

Abstract: A method for removing credentials from a smart grid device includes: receiving, by a receiving device, a removal request, wherein the removal request includes a device identifier associated with a smart grid device and is signed by an entity associated with a set of security credentials stored in a memory of the smart grid device, the set of security credentials restricting access to one or more components or operations of the smart grid device; extracting, by a processing device, the device identifier included in the received removal request; generating, by the processing device, a permit configured to remove the set of credentials from the smart grid device, wherein the generated permit includes the extracted device identifier; and transmitting, by a transmitting device, the generated permit to the smart grid device for removal of the set of credentials from the memory of the smart grid device.

Abstract: A permitting system for controlling devices in a system includes a permit issuing agent that receives a command to be sent to a device. Based upon at least one attribute of the command, the permit issuing agent identifies one or more business logic modules that is pertinent to the command. Each business logic module has a respectively different set of business rules associated with it. Each identified business logic module determines whether the command complies with the business rules associated with that module. If the command is determined to comply with the business rules of all of the identified business logic modules, the agent issues a permit for the command, and the permit is sent to the device for execution of the command.