Abstract: A network tap device is configured to join a secured network to be monitored through a joining process. The joining process includes communicating with the access point to obtain security keys of the monitored network and communicating with the access point to obtain a network address for the network tap device. After joining the secured network, the network tap device collects the network data on the secured network. Collecting the network data includes detecting network traffic on the monitored network, the network traffic containing encrypted data and unencrypted data, decrypting the encrypted data in the network traffic using the security keys to generate decrypted data, and adding the decrypted data and unencrypted data to the network data. The network tap device further transmits the collected network data to a monitoring workstation via a data transmission network.

Abstract: A network tap device is configured to join a secured network to be monitored through a joining process. The joining process includes communicating with the access point to obtain security keys of the monitored network and communicating with the access point to obtain a network address for the network tap device. After joining the secured network, the network tap device collects the network data on the secured network. Collecting the network data includes detecting network traffic on the monitored network, the network traffic containing encrypted data and unencrypted data, decrypting the encrypted data in the network traffic using the security keys to generate decrypted data, and adding the decrypted data and unencrypted data to the network data. The network tap device further transmits the collected network data to a monitoring workstation via a data transmission network.

Abstract: A method for performing a blockchain operation includes receiving an indication of a number of a plurality of endpoints in a processing network. The method further includes assigning nonce offsets to each endpoint of the plurality of endpoints and assigning communication randomization windows to each endpoint of the plurality of endpoints. The communication randomization windows stagger communication windows of the endpoints to a head-end. Additionally, the method includes sending a message to each of the endpoints indicating an operation to perform and an expected result. Further, the method includes receiving a success indication from a first endpoint of the plurality of endpoints. The success indication including a nonce match value from the nonce offset of the first endpoint. Furthermore, the method includes verifying a nonce match value with the expected result.

Abstract: A method for performing a blockchain operation includes receiving an indication of a number of a plurality of endpoints in a processing network. The method further includes assigning nonce offsets to each endpoint of the plurality of endpoints and assigning communication randomization windows to each endpoint of the plurality of endpoints. The communication randomization windows stagger communication windows of the endpoints to a head-end. Additionally, the method includes sending a message to each of the endpoints indicating an operation to perform and an expected result. Further, the method includes receiving a success indication from a first endpoint of the plurality of endpoints. The success indication including a nonce match value from the nonce offset of the first endpoint. Furthermore, the method includes verifying a nonce match value with the expected result.

Abstract: Systems and methods are disclosed for interleaving communications with a home area network (HAN) and a data network. A gateway device interleaves communications within timeslots of a time slotted channel hopping protocol. A gateway device can be configured to determine, during a first portion of a timeslot, whether the gateway device received a portion of a message from a data network. If the gateway device receives no messages from the data network during the first portion of the timeslot, the gateway device switches to listen for communication from the HAN during a second portion of the timeslot. If the gateway device receives a portion of the message from the HAN, the gateway device continues to receive receives the remainder of the message until one or more trigger conditions that cause the gateway device to listen for communication from the data network.

Abstract: Systems and methods for securing communication within a network endpoint, for example, a meter. The meter may include a communication module and a metrology module where the modules are connected via a communication path that is external to both modules. The modules exchange a pairing key to establish a paired channel of communication. When the communication module receives a communication through a network for establishing a secure channel to the endpoint, the communications module sends some or all of the security data to the metrology module to establish a secure communication from a head-end system through the communication module to the metrology module.

Abstract: Systems and methods are disclosed for interleaving communications with a home area network (HAN) and a data network. A gateway device interleaves communications within timeslots of a time slotted channel hopping protocol. A gateway device can be configured to determine, during a first portion of a timeslot, whether the gateway device received a portion of a message from a data network. If the gateway device receives no messages from the data network during the first portion of the timeslot, the gateway device switches to listen for communication from the HAN during a second portion of the timeslot. If the gateway device receives a portion of the message from the HAN, the gateway device continues to receive receives the remainder of the message until one or more trigger conditions that cause the gateway device to listen for communication from the data network.

Abstract: Systems and methods are disclosed for interleaving communications with a home area network (HAN) and a data network. A gateway device interleaves communications within timeslots of a time slotted channel hopping protocol. A gateway device can be configured to determine, during a first portion of a timeslot, whether the gateway device received a portion of a message from a data network. If the gateway device receives no messages from the data network during the first portion of the timeslot, the gateway device switches to listen for communication from the HAN during a second portion of the timeslot. If the gateway device receives a portion of the message from the HAN, the gateway device continues to receive receives the remainder of the message until one or more trigger conditions that cause the gateway device to listen for communication from the data network.

Abstract: Systems and methods for securing communication within a network endpoint, for example, a meter. The meter may include a communication module and a metrology module where the modules are connected via a communication path that is external to both modules. The modules exchange a pairing key to establish a paired channel of communication. When the communication module receives a communication through a network for establishing a secure channel to the endpoint, the communications module sends some or all of the security data to the metrology module to establish a secure communication from a head-end system through the communication module to the metrology module.

Abstract: Systems and methods for securing communication within a network endpoint, for example, a meter. The meter may include a communication module and a metrology module where the modules are connected via a communication path that is external to both modules. The modules exchange a pairing key to establish a paired channel of communication. When the communication module receives a communication through a network for establishing a secure channel to the endpoint, the communications module sends some or all of the security data to the metrology module to establish a secure communication from a head-end system through the communication module to the metrology module.

Abstract: Systems and methods are disclosed for interleaving communications with a home area network (HAN) and a data network. A gateway device interleaves communications within timeslots of a time slotted channel hopping protocol. A gateway device can be configured to determine, during a first portion of a timeslot, whether the gateway device received a portion of a message from a data network. If the gateway device receives no messages from the data network during the first portion of the timeslot, the gateway device switches to listen for communication from the HAN during a second portion of the timeslot. If the gateway device receives a portion of the message from the HAN, the gateway device continues to receive receives the remainder of the message until one or more trigger conditions that cause the gateway device to listen for communication from the data network.

Abstract: Systems and methods are provided for generating subsequent encryption keys by a client device as one of a plurality of client devices across a network. Each client device is provided with the same key generation information and the same key setup information from an authentication server. Each client device maintains and stores its own key generation information and key setup information. Using its own information, each client device generates subsequent encryption keys that are common or the same across devices. These subsequent encryption keys are generated and maintained the same across devices without any further instruction or information from the authentication server or any other client device. Additionally, client devices can recover the current encryption key by synchronizing information with another client device.

Abstract: Systems and methods are provided for generating subsequent encryption keys by a client device as one of a plurality of client devices across a network. Each client device is provided with the same key generation information and the same key setup information from an authentication server. Each client device maintains and stores its own key generation information and key setup information. Using its own information, each client device generates subsequent encryption keys that are common or the same across devices. These subsequent encryption keys are generated and maintained the same across devices without any further instruction or information from the authentication server or any other client device. Additionally, client devices can recover the current encryption key by synchronizing information with another client device.

Abstract: Systems and methods for securing communication within a network endpoint, for example, a meter. The meter may include a communication module and a metrology module where the modules are connected via a communication path that is external to both modules. The modules exchange a pairing key to establish a paired channel of communication. When the communication module receives a communication through a network for establishing a secure channel to the endpoint, the communications module sends some or all of the security data to the metrology module to establish a secure communication from a head-end system through the communication module to the metrology module.

Abstract: Systems and methods for detecting intrusion into a data network are disclosed. Such intrusion can be detected, for example, by providing at least two network devices in a data network. Each of the network devices has a decoy cryptographic key that is used to detect unauthorized data and an authentic cryptographic key that is used to encrypt authorized data. The first network device receives data from the second network device that is encrypted using the decoy cryptographic key. The first network device determines that the data is encrypted using the decoy cryptographic key. The first network device deletes or otherwise discards the data encrypted using the decoy cryptographic key. The first network device can generate an alert message instructing other network devices that the second network device is generating the unauthorized data. The alert message also instructs the other network devices to ignore data originating from the second network device.

Abstract: Systems and methods for detecting intrusion into a data network are disclosed. Such intrusion can be detected, for example, by providing at least two network devices in a data network. Each of the network devices has a decoy cryptographic key that is used to detect unauthorized data and an authentic cryptographic key that is used to encrypt authorized data. The first network device receives data from the second network device that is encrypted using the decoy cryptographic key. The first network device determines that the data is encrypted using the decoy cryptographic key. The first network device deletes or otherwise discards the data encrypted using the decoy cryptographic key. The first network device can generate an alert message instructing other network devices that the second network device is generating the unauthorized data. The alert message also instructs the other network devices to ignore data originating from the second network device.