Solution
Products & Services
Success
Partners
News & Events
Support
About NES
Resources
Careers
Contact Us
Patagonia Security Platform
We are the Smart Grid Security Experts.

Patagonia Security
Networked Energy Services Corporation

Power grids are part of critical infrastructure. Security is therefore an integral part of the Patagonia smart grid platform. 
The complete lifecycle of the system is designed with security at its core; from device manufacturing to device deployment, from operation to maintenance.

The Patagonia threat model includes state-sponsored adversaries, organized crime syndicates, and other highly skilled and highly focused attackers. Every layer of the Patagonia Platform is designed to prevent malicious intrusions and human mistakes while providing detection capabilities enabling timely and precise incident response.

In Patagonia, a utility does not need to compromise on security in order to meet performance goals. Security has been baked in from the beginning. In addition, the Patagonia hardware platform has the headroom required to easily take advantage of new and improved security technologies as they become ready for use in the future.

Patagonia’s extensive industry leading security features are designed to protect, detect and respond to current and future cybersecurity threats in an efficient and timely manner.

Highlight
Always On
Security is a cornerstone of Patagonia and cannot be removed. This is to minimize the risk of misconfiguration and to mitigate a whole class of attacks that aim to disable or subvert security mechanisms.
Efficient and Reliable
The hardware, software, and the network architecture that brings it all together have been carefully selected and optimized for even the most resource-constrained and unreliable networks and devices. As a result, Patagonia delivers exceptional performance and reliability while maintaining a secure system. 
Professional Security Audits and Research
Patagonia is regularly audited by professional third-party security experts to make sure our solution’s security guarantees are met in theory as well as in practice. NES is also engaged in academia to follow and help advance the state-of-the-art in grid security.
Best Practices
The design and implementation of Patagonia strictly follows modern and proven best practices and recommendations from security experts and renowned organizations such as NIST and ENISA. Key management, selection of cryptographic algorithms, key lengths, security protocols, audit logging, and intrusion detection are just some of the areas where Patagonia relies on decades of security research and proven methods.
Disaster Recovery
Unfortunately, there is no such thing as a perfect threat-prevention system for smart grids in practice. Patagonia is therefore designed to provide the information and tools needed so utilities can thrive in the face of cyberattacks and business crises.
Transparency
Patagonia does not, and will never, use or rely on proprietary protocols or algorithms. The Patagonia security system is secure even if everything about it, except the keys, is known.
End-to-End Security and Privacy
The Patagonia architecture enables efficient and scalable end-to-end protection (encrypted and authenticated) of customer data and meter management. This ensures that customer data originating from a meter is unreadable until it reaches the utility’s central system,and that only the central system is able to reconfigure the meters.
Compartmentalization
Smart meter deployments can contain millions of meters located in potentially hostile environments. In Patagonia, a meter compromise does not lead to the compromise of other meters or nodes in the grid. 
This minimizes the risk of attacks spreading from the millions of edges in a grid and reduces the impact of meter compromises in general.
Device Security
Patagonia meters and data concentrators (DCs) are fully equipped with modern software and hardware tamper-prevention and detection mechanisms. Meter HSMs, encrypted key stores, and physical tamper alarms are just some of the mechanism in place to prevent and detect physical tampering of a meter or a DC. 
Network Security
All network links in Patagonia provide confidentiality (encryption), integrity, mutual authentication, and replay protection. Denial of Service (DoS); and other availability-limiting scenarios, are mitigated as much as the underlying network infrastructure allows for.
Key Management
Keys are automatically updated/renewed on a regular basis with respect to a key life cycle configuration, and can also be revoked and updated manually. This reduces the overall risk of compromised keys.  
Always On
Security is a cornerstone of Patagonia and cannot be removed. This is to minimize the risk of misconfiguration and to mitigate a whole class of attacks that aim to disable or subvert security mechanisms.
Efficient and Reliable
The hardware, software, and the network architecture that brings it all together have been carefully selected and optimized for even the most resource-constrained and unreliable networks and devices. As a result, Patagonia delivers exceptional performance and reliability while maintaining a secure system. 
Professional Security Audits and Research
Patagonia is regularly audited by professional third-party security experts to make sure our solution’s security guarantees are met in theory as well as in practice. NES is also engaged in academia to follow and help advance the state-of-the-art in grid security.
Best Practices
The design and implementation of Patagonia strictly follows modern and proven best practices and recommendations from security experts and renowned organizations such as NIST and ENISA. Key management, selection of cryptographic algorithms, key lengths, security protocols, audit logging, and intrusion detection are just some of the areas where Patagonia relies on decades of security research and proven methods.
Disaster Recovery
Unfortunately, there is no such thing as a perfect threat-prevention system for smart grids in practice. Patagonia is therefore designed to provide the information and tools needed so utilities can thrive in the face of cyberattacks and business crises.
Transparency
Patagonia does not, and will never, use or rely on proprietary protocols or algorithms. The Patagonia security system is secure even if everything about it, except the keys, is known.
End-to-End Security and Privacy
The Patagonia architecture enables efficient and scalable end-to-end protection (encrypted and authenticated) of customer data and meter management. This ensures that customer data originating from a meter is unreadable until it reaches the utility’s central system,and that only the central system is able to reconfigure the meters.
Compartmentalization
Smart meter deployments can contain millions of meters located in potentially hostile environments. In Patagonia, a meter compromise does not lead to the compromise of other meters or nodes in the grid. 
This minimizes the risk of attacks spreading from the millions of edges in a grid and reduces the impact of meter compromises in general.
Device Security
Patagonia meters and data concentrators (DCs) are fully equipped with modern software and hardware tamper-prevention and detection mechanisms. Meter HSMs, encrypted key stores, and physical tamper alarms are just some of the mechanism in place to prevent and detect physical tampering of a meter or a DC. 
Network Security
All network links in Patagonia provide confidentiality (encryption), integrity, mutual authentication, and replay protection. Denial of Service (DoS); and other availability-limiting scenarios, are mitigated as much as the underlying network infrastructure allows for.
Key Management
Keys are automatically updated/renewed on a regular basis with respect to a key life cycle configuration, and can also be revoked and updated manually. This reduces the overall risk of compromised keys.