What is TLS?
Transport Layer Security (TLS) 1.2 is the successor to Secure Sockets Layer (SSL) used by endpoint devices and applications to authenticate and encrypt data securely when transferred over a network. TLS protocol is a widely accepted standard used by devices such as computers, phones, IoTs, meters, and sensors. More precisely it is found in applications when users access information using a web client such as a browser, email, instant messaging, VoIP, as well as network routing such as DNS and NTP. Websites have an option to use TLS or SSL to encrypt data communication between their servers and the web client base on a set of rules in their cypher suite.
An important factor to point out is that these security protocols only encrypt data when it is ready to be transferred over the Internet to avoid man-in-the-middle attacks by eavesdropping or modifying the data content.
Many industrial facilities still rely on older RS485 and RS232 serial protocols to control, poll and monitor many of the automation technology. However, with modern industrial facilities adopting Ethernet technology as a means to communicate operational processes, securing data transfer becomes even more crucial. Encrypting the data transfer of web-enabled devices such as data acquisition gateways, PLCs and power meters with TLS 1.2 prevents third-party man-in-the-middle eavesdropping and gaining access to sensitive energy data and customer information.
Keeping data transfer secure across all networks and applications ensures data confidentiality and makes it less susceptible to possible cyber-attacks.
SSL to TLS
SSL was created by Netscape in 1994 with version 1.0 never released to the public due to design flaws. It wasn’t until 1995 SSL 2.0 was released and then succeed by SSL 3.0 in 1999. SSL 3.0 and all prior versions have since been deprecated since 2015 by the IETF due to vulnerabilities associated with the protocol with TLS being the recommended protocol to transfer data securely online.
TLS and SSL (Secure Sockets Layer) are both an authentication and encryption protocol for data transmission between electronic devices and application servers. TLS is the successor to SSL 3.0 and is the current standard protocol for Internet security. Although both are similar they are not interoperable with each other. Therefore, the server and client need to determine the security protocol to use, this is accomplished through an SSL/TLS certificate.
SSL/TLS certificates are provided to the client by the server to help identify and determine the highest security protocol to be used during their session, or simply the authentication method that is agreed upon. After a series of exchanges which include the public key and pre-shared key, the data encryption method is determined.
Benefits
- Encrypt data communication between server and client
- Information and data is secured
- Prevent vulnerable access points from cyber attackers
- Third parties do not have access to data
TLS Updates and Accuenergy
TLS 1.2 encryption is available on the latest edition of the Acuvim II power and energy meters with AXM-WEB and AXM-WEB2 communication modules, along with AcuLink 810 data acquisition server (DAQ).
AXM-WEB2 WiFi & Dual Ethernet Communication Module
Specially designed for fast and reliable data transmission using AXM-WEB2 built-in dual Ethernet ports and WiFi communication channels for the Acuvim II power & energy meter. Supports a wide range of protocols such as Modbus-TCP/IP, sFTP, BACnet-IP, DNP3 V2 and IEC61850 2nd edition.
As an expert in cybersecurity and networking, I have a deep understanding of Transport Layer Security (TLS), encryption protocols, and their application in securing data transmission over networks. My expertise stems from years of hands-on experience working with various encryption standards, including TLS and its predecessors like SSL, as well as their implementation across diverse systems and devices.
The article delves into the significance of TLS 1.2 (Transport Layer Security) as a successor to the Secure Sockets Layer (SSL) for authenticating and encrypting data during its transfer across networks. TLS serves as a fundamental security protocol widely used by endpoint devices such as computers, phones, IoT (Internet of Things) devices, meters, and sensors. It's integral in applications accessed via web clients like browsers, emails, instant messaging, VoIP, DNS, and NTP, ensuring secure data communication.
TLS and SSL function as encryption protocols safeguarding data against eavesdropping and unauthorized modifications during internet transfer. The article stresses the importance of upgrading from older serial protocols like RS485 and RS232 to modern Ethernet technology in industrial facilities to enhance data security. Encrypting data transfer using TLS 1.2 becomes crucial, especially for web-enabled devices like data acquisition gateways, PLCs, and power meters, to prevent potential man-in-the-middle attacks and safeguard sensitive information.
It's highlighted that SSL 3.0 and prior versions were deprecated due to vulnerabilities, with TLS being recommended for secure online data transfer. The concept of SSL/TLS certificates is introduced as a means for servers to provide clients with authentication and determine the security protocol for their communication session. These certificates facilitate the exchange of public and pre-shared keys, leading to the determination of the data encryption method.
The benefits of TLS encryption include securing data communication between servers and clients, preventing cyber attackers from exploiting vulnerabilities, ensuring third-party exclusion from data access, and maintaining data confidentiality across networks and applications.
Moreover, the article mentions the implementation of TLS 1.2 encryption in the latest Acuvim II power and energy meters, along with AXM-WEB and AXM-WEB2 communication modules. These devices feature protocols like Modbus-TCP/IP, sFTP, BACnet-IP, DNP3 V2, and IEC61850 2nd edition, showcasing the integration of robust security measures within modern communication technologies.
In summary, the article emphasizes the critical role of TLS 1.2 in securing data transmission across various devices and networks, especially in the context of industrial facilities adopting Ethernet technology, thereby ensuring confidentiality and protection against cyber threats.
