• 专利附录
  • 专利说明
  • 权利要求
  • 类似技术
  • 同族专利
  • 引用文献
  • 法律状态
  • 优先权
    • 专利摘要:
    APPARATUS, METHOD AND SYSTEM FOR MANAGEMENT OF PUBLIC SERVICES DEVICE. The present invention relates to methods, systems and apparatus, including computer programs encoded in a computer storage medium, for managing utility device operations. In one aspect, a utility apparatus includes a processing apparatus that manages the data processing tasks for the utility apparatus. The utility apparatus also includes a communication apparatus, coupled to the processing apparatus, which is configured to transmit and receive data over a network. A metrology apparatus is coupled to the processing apparatus, the metrology apparatus being configured to measure and provide measurement data including at least one measurement of the utilities used. A networking apparatus is also coupled to the processing apparatus, the networking apparatus being configured to coordinate communications between devices belonging to a home area network. A utility identification module interface has an interface that detachably receives a utility identification module.
    公开号:BR112013007261B1
    申请号:R112013007261-0
    申请日:2011-09-08
    公开日:2021-05-25
    发明作者:Emmanuel Monnerie;Jeffrey B. Shudark;Ruben Salazar;Stephen J. Chasko
    申请人:Landls-Rgyr Innc)Vat1Ons, Inc.;
    IPC主号:
    专利说明:

    CROSS REFERENCE TO RELATED ORDERS
    [0001] This application claims priority to U.S. Serial Order No. 12/891,915, filed September 28, 2010, the contents of which are incorporated by reference in their entirety. FUNDAMENTALS
    [0002] The present disclosure relates to the security, identification and maintenance of the final utility endpoint.
    [0003] Utility meters have become integral elements of distributed data networks. For example, utility meters and other utility devices may include transceivers that allow the devices to provide usage data (eg, data that specifies power usage or water usage), network status data (eg, data specifying characteristics of network operation) and other network data for a utility operator. Transceivers associated with these devices also allow the devices to receive configuration data that can be used to maintain proper device configuration and/or control data that can be used to (remotely) change a meter's operating mode (eg , remote service disconnect).
    [0004] Utility meters are also used to manage home area networks (HANs). For example, a utility meter can be configured to communicate with “smart” devices that communicate according to a specified communications standard (eg ZigBee Smart Energy). In turn, the utility meter can store configuration network data and/or device identifiers that are needed to coordinate communication between “smart” devices.
    [0005] Due to the fact that utility meters have become integral elements of distributed data networks, it is important that these utility meters are implemented with security functions that protect utility meters and data networks from attack . Additionally, it is also important to reduce the amount of time a utility meter is out of service following, for example, meter replacement and/or a power outage. SUMMARY
    [0006] In general, an innovative aspect of the subject matter described in this specification can be incorporated in an apparatus that includes a processing apparatus that manages data processing tasks for the utility apparatus; a communication apparatus coupled to the processing apparatus, the communication apparatus configured to transmit and receive data over a network; a metrology apparatus coupled to the processing apparatus, the metrology apparatus configured to measure and provide measurement data including at least one measurement of utilized utilities; a network apparatus coupled to the processing apparatus, the network apparatus configured to coordinate communication between devices belonging to a home area network; and a utility identification module interface coupled to the processing apparatus, the utility identification module having an interface detachably receiving a utility identification module, wherein the utility identification module includes by the minus a processor and a data store that stores configuration data that configures the processing apparatus for communication with the communication apparatus, the metrology apparatus and the network apparatus. Other modalities of this aspect include corresponding systems, methods, and computer programs.
    [0007] These and other modalities may each optionally include one or more of the following functions. The apparatus may include a removable utilities identification module which stores configuration data that is respectively associated with the communication apparatus, the metrology apparatus and the network apparatus. The configuration data that is associated with the communication device can specify at least one encryption key with which data transmitted to a utility network management device is encrypted. The configuration data that is associated with the metrology apparatus can specify at least one security key that is required for communication with the metrology apparatus.
    [0008] The configuration data that is associated with the network apparatus can specify at least one network security key that is required for communication over the home area network or a neighborhood area network. The configuration data also specifies: devices that belong to the home area network; communication settings associated with the home area network, where communication settings specify pairs of devices that are communicating with each other; and security features of devices that belong to the home area network.
    [0009] The home area network can be a ZigBee network in which devices communicate according to a ZigBee communications protocol. Each of the respective configuration data can be stored and partitioned according to the apparatus to which the configuration data correspond. The utility identification module can be a secure hardware component.
    [0010] In general, another aspect of the matter described in this descriptive report can be incorporated into methods that include the actions of determining, through a utility processing apparatus of a utility apparatus, that the utility processing apparatus requires configuration data to interface with at least one of the metrology apparatus associated with the utility processing apparatus and a network apparatus that is associated with the utility processing apparatus; detect, through the utilities processing apparatus, a removable utilities identification module that is in communication with the utilities processing apparatus, the utilities identification module that stores configuration data required by the utility processing apparatus. utilities to interact with at least one of the metrology apparatus and the network apparatus; receiving, via the utility processing apparatus and the utility identification module, the configuration data; and interacting, via the utility processing apparatus, with at least one of the metrology apparatus and the network apparatus using the configuration data. Other modalities of this aspect include corresponding systems, apparatus, and computer programs, configured to perform the actions of the methods, encoded in the computer storage devices.
    [0011] These and other modalities may each optionally include one or more of the following functions. Receiving the configuration data may include receiving, through the removable utilities identification module, encryption data that specifies an encryption key that is used to transmit reporting data to a network management device that manages a utility network to which the utility apparatus belongs; and receiving, via the removable utilities identification module, routing data specifying one or more network devices that belong to the same network mesh as the utility apparatus and that are in communication with the utility apparatus. Methods may additionally include transmitting measurement data that is encrypted with the encryption key to a selected network device specified by the routing data.
    [0012] Receiving routing data may further include receiving geographic data specifying a geographic location of the utility apparatus; and receiving destination data that specifies a network identifier associated with the network management apparatus.
    [0013] The methods may further include receiving, through another apparatus, an authentication challenge requesting a response to the challenge; and provide an answer to the authentication challenge. The methods may further include determining, through the other apparatus, that the response to the authorization challenge is a valid response, where a valid response is a response that authenticates the utility apparatus as being in an unadulterated state. The methods may further include determining, through the other apparatus, that the valid response was received outside of a response time threshold; and providing, by the other apparatus, tampering data to the network management apparatus informing the receipt of the valid response outside the response time limit.
    [0014] The methods may further include determining, through the other apparatus, that the response to the authorization challenge is an invalid response, where an invalid response is a response that fails to authenticate the utility apparatus as being in a non-status state. adulterated; and providing, by the other apparatus, tampering data to the network management apparatus informing the receipt of the invalid response. Receiving the configuration data may include receiving, via the utility apparatus, processing apparatus and the utility identification module, home area network data associated with a home area network that is associated with a geographic location of the apparatus. of public services. Receiving the home area network data may include receiving, via the utility identification module, a set of device identifiers for devices that belong to the home area network, a set of security keys that are used for communication over the home area network, and security settings for devices that belong to the home area network.
    [0015] The methods can additionally include a communication coordination between devices belonging to the home area network. Receiving home area network data may include receiving, via the utility identification module, a network security key for the home area network. Coordination of communication between devices belonging to the home area network may include receiving, from a new device, a request to join the home area network; and providing the network key to the new device in response to the request.
    [0016] Communication coordination between devices that belong to the home area network may include communications coordination between devices that are in communication through the home area network in accordance with a ZigBee communications standard. Receiving the configuration data may further include receiving, via the utilities processing apparatus and the utilities identification module, a security key that is required for communication with the metrology apparatus that is associated with the utilities apparatus. .
    [0017] The methods may further include obtaining the measurement data, wherein the measurement data comprises at least one measurement of used utilities; and generating a communication packet that includes the measurement data, wherein the communication packet is encrypted using the encryption data.
    [0018] In general, another aspect of the matter described in this specification can be incorporated into a system that includes a first endpoint in a utility network, the first endpoint having a utility identification module interface that detachably receives a first utility identification module, wherein the first utility identification module stores data that is associated with a particular utility account, and wherein the first endpoint is configured to measure usage of the utility, associating the measurement with the data specified by the utility identification module that has been detachably received by the first endpoint, and transmitting the measurements over a utility network; a second endpoint in the utility network, the second endpoint having a utility identification module interface detachably receiving a second utility identification module, wherein the second utility identification module stores data that is associated with the same particular utility account as the first utility identification module, the second endpoint is located in a different geographic location than the first endpoint, the second endpoint configured to measure usage of the utility, associates the measurement with the data specified by the second utility identification module, and transmits the measurements through the utility network; a network management appliance in communication with the first endpoint and the second endpoint, the network management appliance configured to receive the measurements from the first endpoint and the second endpoint and associate the measurements to the same account of particular utilities based on the measurements that are respectively associated with the data specified by the first utilities identification module and the second utilities identification module. Other embodiments of this aspect include corresponding systems, apparatus and computer programs configured to perform the actions of the methods encoded in the computer storage devices.
    [0019] The particular modalities of the subject described in this descriptive report may be implemented so as to realize one or more of the following advantages. Utility meters can be configured more quickly using a removable utilities identification module that stores configuration data for the meter rather than getting the configuration data through a utility network. The meter security is enhanced by using encryption and/or challenge/response techniques to restrict access to the metrology device, communication devices, and/or home network device that are implemented on the meter. Meter exchange (ie, meter replacement) processes are simplified because the data required by a newly installed meter (or other utility device) is available from a utility module that has been removed from the previously installed meter. Data that identifies a meter as a Trust Center for a home area network can then be fixed components of the meter. Periodically determining a utility meter's tampered status reduces the likelihood of unauthorized access and fraudulent activity.
    [0020] Details of one or more modalities of the subject described in this descriptive report are presented in the attached drawings and in the description below. Other functions, aspects and advantages of the subject will be apparent from the description, drawings and claims. BRIEF DESCRIPTION OF THE DRAWINGS
    [0021] Figure 1 is an example of an environment in which the utility identification module can be implemented.
    [0022] Figure 2 is a block diagram of an endpoint that includes a utility identification module interface.
    [0023] Figure 3 is a flowchart of an example process for configuring a utility meter.
    [0024] Figure 4 is a flowchart of an example process for determining a tampered state of a utility meter.
    [0025] Like designations and reference numbers in the various drawings indicate like elements. DETAILED DESCRIPTION
    [0026] Utility meters are configured to receive a removable utilities identification module that securely stores the configuration data that is required for the utility meter to provide metering data (for example, data that specifies power usage) and coordinate communications over a home area network ("HAN") and/or a neighborhood area network ("NAN"). As described below, configuration data may include, for example, encryption key, passwords, network identifier, HAN and/or NAN communication settings, initial routing settings, security settings for devices that belong to the home area network , and other data (eg user account data) that is used by the meter to provide metering data and coordinate communications over a HAN and/or a NAN. Utility identification modules are configured to provide configuration data in response to verification that configuration data is being provided to a device (or user) that is authorized to receive the data. For example, the utility identification module can be configured to implement challenge response techniques, use various encryption techniques, or otherwise require the device requesting the configuration data to verify that it is authorized to receive the configuration data. Additionally, a tampered state for each endpoint that includes a utility identification module can be determined by using challenge/response techniques that are initiated, for example, by other endpoints that are located close to the endpoint. or a network management appliance.
    [0027] Figure 1 is an example environment 100 in which the utility identification module can be implemented. Network environment 100 includes a utilities network 101 in which a plurality of endpoints 102 are coupled (e.g., communicatively coupled) to a collector 104. Endpoints 102 can be any device that includes a transmitter , receiver, or transceiver capable of communicating over the utility network 101. For example, the endpoints 102 may be utility meters (or other utility devices such as switches, transformers, or capacitor banks), computing devices, or other devices that transmit data on the utility network 101. Endpoints 102 or other network components that are implemented in and/or are enabled to communicate over a specified network are referred to as belonging to the network.
    [0028] The following description refers to endpoints 102 as power meters that belong to a power distribution network. However, the following description is applicable to other types of endpoint 102 that belong to utility networks or other networks. For example, the following description is applicable for gas meters and water meters that are installed in gas and water distribution networks respectively.
    [0029] Endpoints 102 monitor and report various operational characteristics of the service network 101, which includes measurements of utility utilization. For example, when endpoints 102 are implemented as power meters in a power distribution network, endpoints 102 report utility measurements used by providing metering data that specify measurements of total power consumption, of the power consumption for a specified period of time, peak power consumption, instantaneous voltage, peak voltage, minimum voltage, and other measurements related to power consumption and power management (eg, load information). The measurement data may also include situation data that specifies a power meter situation (for example, operating in a normal operating mode, emergency power mode, or other state such as a recovery state following a power outage ). In gas distribution and water distribution networks, meters can measure similar characteristics that are related to gas and water use (eg total flow and pressure).
    [0030] In some implementations, symbols 106 that include measurement data representing utility utilization measurements (e.g., data representing power consumption measurements and/or status data) are continuously or intermittently transmitted through of the utility network 101. Each symbol 106 may include data from a single endpoint or data from multiple endpoints. For example, symbol 106a may include endpoint data 102a only, while symbol 106b may include endpoint data 102a as well as endpoint data 102c.
    [0031] Endpoints 102 transmit symbols 106 through communication channels. Communication channels are portions of the spectrum through which data is transmitted. The central frequency and bandwidth of each communication channel can depend on the communication systems in which they are implemented.
    [0032] In some implementations, the communication channels for utility meters (for example, power, gas and/or water meters) are channels of a wireless network mesh. In these implementations, each of the endpoints 102 transmits data over a specified radio frequency channel. Each of the endpoints 102 in a mesh network is also configured to receive data from other endpoints 102 and relay that data towards a destination (e.g., a collector 104 or network management apparatus 108) via the communication channels. For example, each of the endpoints 102a - 102e is communicatively coupled to at least one other endpoint 102 in the utility network 101, and each endpoint 102 can transmit data to, and/or receive data from, others. endpoints 102 to which endpoint 102 is coupled.
    [0033] Each of the endpoints 102 can transmit symbols 106 through the network 101 using routing data. Routing data specifies one or more network devices that belong to the same network fabric as a private endpoint and are in direct communication with the particular endpoint. In some implementations, endpoints 102 maintain routing data using a routing table that specifies a list of endpoints 102 and other network devices that endpoint 102 can communicate with. For example, endpoint 102a is communicatively coupled to endpoints 102b and 102c. In this example, endpoint 102a may maintain a routing table that includes references (e.g., serial numbers or other endpoint identifiers) that are associated with endpoints 102b and 102c. When node 102a is ready to transmit symbol 106a over utility network 101, node 102a can access its routing table to select a node 102 that is to receive symbol 106a. In turn, the node may encode and/or append data to the symbol that specifies the node 102 that is to receive the symbol 106a. Endpoints 102 can encrypt symbols 106 that are transmitted over the utility network 101 to prevent access by third parties.
    [0034] Endpoints 102 can also be implemented in a power line communication network (PLC) that dynamically allocates an available bandwidth according to an orthogonal frequency division multiple access spectrum assignment (OFDMA) technique ) or another channel assignment technique (for example, Time Division Multiple Access, Code Division Multiple Access, and other Frequency Division Multiple Access techniques). In these implementations, endpoints transmit data using the same conductors (for example, power lines) through which power is transmitted. Endpoints 102 that are implemented in a PLC network can also maintain a routing table to specify network elements that should receive data transmitted by endpoints 102 and can also use encryption techniques to secure the data being transmitted.
    [0035] In Figure 1, endpoints 102a to 102e transmit symbols 106 through the communication channels to collector 104. Collector 104 is a data processing apparatus that receives symbols 106 from endpoints 102a to 102e and transmits data representing symbols 106 to a network management apparatus 108 over a data network 110. For example, the collector 104 may be a router, a server, or other data processing apparatus configured to receive the symbols 106 and or retransmit symbols 106 over data network 110, or create new data packets that include data from symbols 106 (e.g., consolidated packets that include data from two or more symbols 106) and transmit those new data packets over the network. of data 110. While only one collector 104 is shown, the utility network 101 can include many different collectors 104 that can each communicate with many thousands of external points. remedy 102.
    [0036] The data network 110 can be an extended area network (WAN), a local area network (LAN), the Internet, or any other communication network. Data networks 110 can be implemented as a wired or wireless network. Wired networks can include any means of restricted networks that include, but are not limited to, implemented networks that use metallic wire conductors, fiber optic materials, or waveguides. Wireless networks include all free space propagation networks, which include, but are not limited to, deployed networks that use free space optical networks and radio waves.
    [0037] In some implementations, the data network 110 couples the collector 104 to the network management apparatus 108. The network management apparatus 108 is a data processing apparatus that monitors and/or controls the utility network 101 The network management apparatus 108 can control different characteristics of the utility network 101 based on data received from the endpoints 102 that are installed in the service network 101.
    [0038] For example, in a power distribution network, the network management apparatus 108 may receive data indicating that power usage is significantly higher in a particular portion of a power network than in other portions of the network. of power. Based on this data, the network management apparatus 108 can allocate additional resources for that particular portion of the network (i.e., load balance) or provide data to a user device 106 that specifies that there is increased power usage in the particular portion of the network. power network.
    [0039] The network management apparatus 108 can provide symbol data 106 to a user device 112 which can be accessed, for example, by a network operator, maintenance workers and/or customers. For example, data identifying the increased power usage described above may be provided to a user device 112 accessible by the network operator, which may, in turn, determine an appropriate action with respect to the increased usage. Additionally, data identifying a time of use measurement and/or a peak demand measurement may also be provided to the user device 112. Similarly, if there has been a power outage, the network management apparatus 112 may provide data for 112 user devices that are accessible by customers to provide information regarding the existence of the fall and potentially provide information estimating the duration of the fall.
    [0040] Environment 100 also includes a home area network 114. A home area network is a network through which residential and/or commercial "smart devices" communicate. Home area network 114 includes "smart devices" 116a through 116d that are configured to communicate with other smart devices that belong to home area network 114. Smart devices may include computers, printers, lighting systems, heating and cooling systems. , security systems, as well as sensors and other devices. For example, devices 116a and 116c can be sensors (eg, motion detectors, acoustic sensors, temperature sensors, or other sensors) that are installed in a home (or business) that detect, for example, environmental conditions in the home. In turn, these sensors can transmit data representing environmental conditions through the home area network 114. A lighting system 116b and/or cooling system 116d can receive the data, and in response to receiving the data, adjust the settings (for example, turning off lights and/or adjusting thermostat settings) of those systems. For example, if the data specifies that motion was detected in the home, the lighting system might turn on the lights in a location where motion was detected.
    [0041] To facilitate communications between the different smart devices 116 that are installed in the home area network 114, each of the smart devices 116 can transmit and receive data according to a specified communication protocol. For example, each of the devices 116a to 116d of Fig. 1 can transmit data in accordance with the ZigBee compatible protocol, so that other devices of home area network 114 that are configured to communicate over home area network 114 can receive the data. data and act in response to receipt of the data.
    [0042] An endpoint 102a can belong to the utilities network 101, a neighborhood area network (not shown), and the home area network 114. Therefore, the endpoint 102a can transmit data over the network. utilities 101, the neighborhood area network, as well as the home area network 114 (for example, in accordance with ZigBee or other specified communications protocols). For example, as described above, endpoint 102a can measure utilities that have been used at a location in which endpoint 102a is installed, and transmit symbols 106 that report measurements of utilities used over the utilities network. 101. Additionally, endpoint 102a may be a coordinator for home area network 114 (or NAN) and facilitate communications over home area network 114 (or over NAN).
    [0043] A coordinator of a home area network is a data processing apparatus that manages communications across the home area network. The coordinator of a home area network stores home area network data associated with the home area network such as a network key for the network, a set of device identifiers, security settings (eg required communications encrypted or not encrypted), and security keys (ie, encryption keys and/or passwords) for devices belonging to the home area network, passwords and other information that is required to facilitate communications over a home area network. Due to the fact that the coordinator can store configuration data associated with each of the devices (eg devices 116a to 116d) that belong to the home area network, the coordinator can operate as a trusted group that receives a request for a key. that is required to communicate with a particular smart device, verify that the requestor is authorized to communicate with the particular smart device, and provide the security key to the requestor in response to the verification. Additionally, the coordinator may limit access to passwords or other credentials that are required to communicate, access, and/or otherwise interact with smart devices 116a to 116d.
    [0044] An area network coordinator is a data processing apparatus that manages communications over the neighborhood area network. The NAN coordinator may store neighborhood area network data associated with the NAN such as a network key for the network, a set of device identifiers that specify which endpoints (or other communications devices) are authorized to communicate over the network. NAN, security settings for NAN, network passwords, and security keys for NAN.
    [0045] It is desired that configuration data (for example, data specifying security keys and other security-related data such as encryption techniques and communication settings) be stored in a secure location so that access to this data be limited to devices that have been determined to be authorized to access the data. For example, endpoints 102 can use cryptographic techniques and other security technologies (eg, certificate authentication techniques) to securely store configuration data in an endpoint's data store.
    [0046] It is also desirable that configuration data be readily available to facilitate communications over the home area network 114. For example, suppose that devices 116a and 116b are trying to communicate with each other over the home area network 114 and/or that endpoint 102a is a power meter that is required to provide a measurement of power usage every 10 minutes. Suppose also that endpoint 102a was recently installed (for example, to replace another endpoint 102 that was home area network coordinator 114), and that endpoint 102a downloads the required configuration data to communicating via the utility network 101 and the home area network 114 of the management apparatus 108.
    [0047] In this example, the endpoint 102 may not have the ability to transmit symbols 106 over the utility network 101 or coordinate communications over the home area network until the configuration data download from the network management apparatus 108 is complete. Therefore, measurement data (e.g., specifying power utilization measurements) will not be provided to the network management apparatus 108 and communications over the home area network 114 will not occur until the download of the configuration data is complete. Additionally, if home area network data (i.e., configuration data for the home area network) is not available from the network management apparatus 108, communications through the home area network 114 may be further delayed until endpoint 102a is provided with home area network data (for example, until home area network is manually reconfigured).
    [0048] For example, when a new utility meter is installed to replace a previously installed utility meter, configuring the utility meter generally requires that configuration data be downloaded, and some level of manual meter configuration of public services. Therefore, when a new utility meter is installed, the utility meter may not be able to communicate through the utility network, the NAN, or the HAN, for a relatively long period of time.
    [0049] To reduce the time during which measurement data and/or communications over the home area network are unavailable, a removable utilities identification module 116 is used to store configuration data for an endpoint 102. Removable utility identification module 116 is a data processing apparatus that stores data in a secure manner. For example, UIM can be a secure hardware device that stores data that is used to facilitate the secure transfer of data across the communications network. The UIM can also securely store data that is used to prevent unauthorized access to a metrology device and/or a HAN/NAN device. UIM can be installed in a secure location (for example, within an endpoint) or with security devices (for example, locking mechanisms) that prevent unauthorized access to the UIM. Additionally, some or all of the data stored in UIM may be encrypted or otherwise protected from being accessed by unauthorized devices.
    [0050] Storing the configuration data in a removable utilities identification module 116 makes the configuration data of a particular endpoint available to be transferred to a new endpoint without requiring the new endpoint to download the data from configuring a network management apparatus 108, and without requiring reconfiguration of the new endpoint as the home area network coordinator 114.
    [0051] For example, when the private endpoint is removed, the removable utilities identification module 116 is removed from the private endpoint by an authorized technician 122 and placed on the new endpoint. Once the new endpoint is activated (eg powered on), the new endpoint will have access to the configuration data that is stored in the utility identification module 116. Therefore, the new endpoint will be able to communicate over the utility network 101 and coordinate communications over the home area network 114 using the configuration data, while maintaining the security of the configuration data.
    [0052] As described in more detail below, the configuration data that is stored in the utility identification module may include configuration data that is required for the endpoint to interact with at least one of the communication apparatus, an apparatus metrology, and a network device. For example, the utility identification module may store communication settings such as PHY/MAC definitions (eg a list of frequencies over which communications are transmitted), routing data (eg tables of routing that specify endpoint and/or access point addresses such as collector addresses) and encryption keys that are required for communication across the utility network, security keys (eg passwords) that are required to interact with a metrology apparatus that provides measurement data, and/or a network key for a home area network, a set of smart devices that belong to the home area network, and security keys and smart device features. The utility identification module may also store account data that specifies a user account (e.g., account number and/or geographic location of the endpoint) with which the endpoint is associated.
    [0053] The removable utilities identification module 116 can be, for example, an ISO/IEC 7816 smart card that is configured to use cryptographic techniques (eg, AES 256 or a public/private key pair) to secure the data. The utility identification module can have a punching form factor (eg an ID0 form factor) and be placed in a utility identification module interface (eg an electrical interface socket) of a endpoint 102. Alternatively, the utilities identification module may be resident in a larger card 118 and detachably received by a utilities identification module 120 interface of endpoint 102a (e.g., a meter and /or a HAN coordinator) that includes a card slot and electrical contact points that connect to the utility identification module 116. In some implementations, the utility identification module 120 interface may be secured (e.g., inside the endpoint) to limit access to utility identification module 116 (e.g., limit access to authorized technicians or others authorized individuals).
    [0054] The particular utilities identification module 116/utilities identification module interface 120 settings are provided for the purpose of example, but other settings may be used. For example, a contactless smart card can be used as a utility identification module, and a contactless smart card interface can be used as a utility identification module interface. Similarly, the utility identification module can be implemented in a processing apparatus that interfaces with an endpoint USB port 102a.
    [0055] Figure 2 is a block diagram of an endpoint 102 that includes a utility identification module interface 201. Endpoint 102 includes a utility meter processing apparatus 204 that manages processing tasks data performed by endpoint 102, controls communications between components of endpoint 102, and controls communications transmitted and/or received by endpoint 102. As described in more detail below, processing apparatus 204 is also responsible for controlling access to secure data that is stored in the utility identification module. The processing apparatus is coupled to a utility identification module interface 201. The utility identification module interface 201 detachably receives interfaces with, and/or coupled to, a user identification module 202 that stores configuration data that the processing apparatus 204 uses to manage the data processing tasks for the endpoint 102, as described below.
    [0056] The processing apparatus 204 is coupled to a metrology apparatus 206 which is a data processing apparatus that is configured to measure and provide measurement data specifying measurements of the utilities used. As described above the measurement data may include, for example, measurements of total power consumption, power consumption for a specified period of time, peak power consumption, instantaneous voltage, peak voltage, minimum voltage and other measurements related to power consumption and power management (eg load information). The metering data may also include situation data that specifies a power meter situation (for example, operating in a normal operating mode, emergency power mode, or other state such as a recovery state that follows a power outage ).
    [0057] When endpoint 102 is programmed (or requested) to provide measurement data, for example, to a utility operator, processing apparatus 204 requests the measurement data from metrology apparatus 206. In some implementations , the request for the measurement data may require execution of a metrology request (or script) which, in execution, causes the metrology apparatus to provide the requested measurement data. To prevent fraudulent activity (eg meter tampering), the execution of the metrology request can be restricted to authenticated users using, for example, a password or other access restriction techniques (eg challenge/response verification) .
    [0058] Passwords (or other data) required to perform the metrology request (or otherwise access the measurement data) may be stored in the UIM 202, so that the processing apparatus 204 may be required to request the UIM 202 password. Requests for UIM 202 data can also be restricted to authenticated devices (or users). Therefore, the request may include data (for example, an authenticated certificate, a valid response to a security challenge, or a password) which demonstrates that the processing apparatus is authorized to receive the data that is requested. In response to the determination that the processing apparatus 204 is authorized to receive the requested data, the UIM 202 provides the requested data (e.g., measurement data) to the processing apparatus.
    [0059] Once the processing apparatus 204 has received the measurement data from the metrology apparatus 206, the processing apparatus 204 provides the measurement data to a communication apparatus 208 which is coupled to the processing apparatus 204. communication 208 is a data processing apparatus that is configured to transmit and receive data over a network (e.g., a utility network). For example, communication apparatus 208 may receive measurement data provided by processing apparatus 204, generate symbols that include the measurement data, and transmit the symbols through a utility network to which endpoint 102 belongs. The communication apparatus 208 can encrypt the measurement data that is included in the symbols to prevent access to the data by third parties. For example, the communication apparatus 208 may encrypt the measurement data using AES, a public/private key pair, or another encryption technique that uses keys that are stored in the UIM 202.
    [0060] Encryption of measurement data can be performed through the processing apparatus, or using keys provided by the processing apparatus. For example, the communication apparatus 208 may request the processing apparatus to encrypt the measurement data for transmission. Alternatively, the communication apparatus may have the processing apparatus obtain the keys necessary to encrypt the data from the UIM 202, and the communication apparatus 208 may perform encryption using keys provided by the processing apparatus.
    [0061] In some implementations, the encryption and/or transmission of data through the communication device 208 are performed in response to the execution of a metrology application (or script) which, after execution, causes the communication device 208 encrypt and/or transmit data over the utility network. To prevent fraudulent activity (for example, tampering with metering data or fraudulent access to the utility network), the execution of the communication application (or other control or access to the communication device 208) may be restricted to authenticated devices (or users ) using, for example, a password or other access restriction techniques (eg challenge/response verification), similar to those described above.
    [0062] For example, to control the communication apparatus 208, the processing apparatus 204 may be required to provide a password or otherwise verify that the processing apparatus 204 is authorized to control the communication apparatus 208. In some implementations, processing apparatus 204 may also be required to specify transmission characteristics for the data being transmitted. For example, communication apparatus 208 may require processing apparatus 204 to specify encryption technique with which data is encrypted as well as routing information (i.e., an identifier for at least one network component that receives the transmitted data ).
    [0063] As described above, passwords or other data required to enable the processing apparatus 204 to verify that it is authorized to control the communication apparatus 208 may be stored in the UIM 202. The UIM 202 may also store encryption data that specify an encryption key that is used to transmit data to a network management apparatus that manages the utility network to which endpoint 102 belongs. Additionally, the UIM 202 can store routing data that specifies one or more network devices that belong to the same network mesh as the endpoint 102 and are in direct communication with the endpoint 102. The processing apparatus 204 can obtain the data required to make the communication apparatus 208 transmit the measurement data from the UIM 202 in a manner similar to that described above.
    [0064] The processing apparatus 204 is also coupled to a network apparatus 210. The network apparatus 210 is a data processing apparatus that is configured to coordinate communication between devices belonging to a same home area network ( for example, a same ZigBee network) and/or a same neighborhood area network as the network appliance 210. For example, the network appliance 210 can interact with devices (e.g., smart devices 116a to 116d of Figure 1 . ) to determine whether the devices are members of the same home area network as the network apparatus 210, whether a pair of specific devices is allowed to communicate over the home area network, and/or provide data required by devices for communication each other through the home area network. Network apparatus 210 may also interact with devices that belong to the same neighborhood area network as network apparatus 210 and/or determine whether a particular device is authorized to transmit data over the network area network.
    [0065] In some implementations, home area network data (i.e., data that is required to facilitate communications across the home area network) and/or neighborhood area network data (i.e., data that is required for communication over a neighborhood area network) are stored in the UIM 202. For example, the UIM 202 can store data that specifies a network key for a home area network (or NAN), a set of devices that belong to the home area network (or NAN), routing tables that are associated with the home area network (or NAN), pairs of devices that are authorized to communicate with each other, and/or security features of devices that belong to the network. domestic area (or NAN). Other data associated with the home area network (or NAN) can also be stored on the UIM 202.
    [0066] The network apparatus 210 can obtain the home area network data and/or the neighborhood area network data from the UIM 202 (e.g. through the processing apparatus 204) to coordinate communications between the devices in the network. home area and through the neighborhood area network in a manner similar to that described above. For example, in response to a request from one device to communicate with another device, the network apparatus 210 may request the processing apparatus 204 to obtain and provide the necessary data to confirm that the two devices are authorized to communicate, as well as the data needed to facilitate communications between the two devices (for example, security keys associated with the devices).
    [0067] As described above, the UIM 202 stores configuration data that is used respectively to gain access and/or control the operation of the metrology apparatus 206, the communication apparatus 208 and the network apparatus 210. In some implementations, the UIM 202 can store the configuration data for each of the respective apparatus in separate memory partition portions, where access to each memory partition is restricted using different passwords and/or different restriction techniques. For example, access to a password associated with the metrology apparatus 206 may be granted by the UIM 202 in response to receiving a particular response to a security challenge, while access to a list of devices belonging to the home area network may be granted in response to another response to a different security challenge. Partitioning the data keys in this manner further secures the configuration data associated with each respective component of endpoint 102. For example, partitioning limits access to configuration data to devices (or users) that have provided the data required for access of the particular partition in which the configuration data for a particular component of endpoint 102 is stored.
    [0068] In some situations, the amount of time required to obtain configuration data from the UIM 202 may exceed a response time in which the processing apparatus 204 is required to obtain and/or provide data to one of the metrology apparatus 206 , communication apparatus 208, and/or network apparatus 210. To reduce the time required to obtain the configuration data, the processing apparatus may include a data storage (e.g., Random Access Memory) in which the data particular settings can be stored temporarily. Storing configuration data in a data store of the processing apparatus 204 can reduce the time required for the processing apparatus 204 to obtain the data because the memory access time of the data store can be much less than the time required to obtain the data. data from the UIM 202. Due to the fact that the configuration data is confidential information, the processing apparatus 204 may be required to periodically interact with the UIM 202, another endpoint, and/or a network management apparatus) to verify that endpoint 102 is not in a tampered state, as described in more detail below.
    [0069] The UIM 202 can be configured to perform all the computations and processing necessary to secure the configuration data that is stored in the UIM 202. For example, the UIM 202 can include a random number generator that is used to facilitate the techniques of challenge/response authentication. The UIM 202 may also include a processor that is configured to encrypt the configuration data that is provided to processing apparatus 204. For example, the UIM 202 may include a processor that is configured to implement a private/public key encryption technique , symmetric key cryptography techniques, and/or asymmetric key cryptography techniques. Furthermore, each UIM 202 can be configured to operate with a particular endpoint 102 through a pairing process, and the pairing of UIM 202 and endpoint 102 may require authentication. For example, on a power-up (or periodically), the processing apparatus 204 may receive a request from the UIM 202 and/or a network management apparatus to provide data verifying the proper pairing of the UIM 202 to the endpoint. 102. The data provided can be, for example, a string result of an endpoint serial number, a response to an authentication challenge, or other authentication data.
    [0070] In some implementations, more than one UIM 202 can be associated with a particular user account. For example, one UIM 202 may be designated to be installed at a fixed location (eg, at the address where a particular power meter is installed), while the other UIM may be authorized to be used at a designated set of other points. that are in other locations (that is, in different locations than a location associated with the user account). Both of these UIMs can include data that is associated with the same utility bill (for example, utility bill) and can be configured to measure power usage. Therefore, each of the UIMs can be installed at separate endpoints to obtain power usage measurements at the endpoints, associated with the power usage measurements at each of the endpoints with the same utility bill, and provide the power usage measurements, for example, for a network management appliance, so that the account that the UIMs have been associated with can be loaded for use in the two different locations. For example, one UIM might be required to be installed on an endpoint that is at the address that is associated with the user account, while the second UIM might be allowed to be used in electric vehicles in order to track power consumption when the mobility device is connected to charging stations or other charging locations that are not located at the address associated with the user account.
    [0071] A UIM 202 can be configured to store all the data described above and used as a universal UIM that can be used on any endpoint. Alternatively, only portions of the data described above can be stored in a UIM 202 that can be used on a specified set of endpoints. For example, a particular UIM can be configured to operate exclusively on a NAN device (for example, a utility device that operates on a NAN), so that particular UIM can only include measurement data and data needed to communicate through. from a NAN, but do not include customer account information. In another example, another UIM can be configured to operate exclusively on a HAN device (for example, devices within a home or a meter in the home), so that other UIM can only include data that specifies customer account information and data required for communication over the HAN.
    [0072] Figure 3 is a flowchart of an example process 300 for configuring a utility meter. Process 300 is a process by which a utility meter processing apparatus determines that configuration data is required to interact with specified apparatus, and detects a removable utility identification module that is in communication with the meter processing apparatus. of public services. The utility meter processing apparatus receives the required configuration data from the utility identification module. In turn, the utility meter processing apparatus interacts with the specified apparatus.
    [0073] The process 300 can be performed, for example, by the endpoints 102 of Figure 1. The process can also be implemented as instructions stored in the computer storage medium, so that the execution of instructions through the processing apparatus makes the data processing apparatus perform the operations of process 300.
    [0074] A determination is made in which configuration data is required to interact with at least one of a metrology apparatus, communication apparatus, and a network apparatus (302). In some implementations, the determination may be made by a utility meter processing apparatus of a utility meter. The determination can be made, for example, by determining that the current configuration data does not correspond to the configuration data that is required to interact with the metrology apparatus and/or the network apparatus. For example, the determination can be made such that a password or other data that is required to access, control, or otherwise interact with the network device and/or the metrology device is not included in the current configuration data .
    [0075] A removable utilities identification module is detected (304). In some implementations, the removable utilities identification module is a data processing apparatus, such as a smart card, that is in communication with the utility meter processing apparatus. For example, the removable utility identification module can be a smart card that is electrically connected to a utility meter's utility identification module interface. The utility identification module stores configuration data required by the utility meter processing apparatus by interacting with at least one of the metrology apparatus and a network apparatus. The utility identification module may also store configuration data required by the utility meter processing apparatus by interacting with a communications module that controls the transmission of the data over a utility network to which the utility meter belongs. .
    [0076] In some implementations, the removable utilities identification module is detected during an initialization sequence of a utilities meter. For example, when the utility meter is turned on, the utility meter processing apparatus can determine whether a utility identification module is electrically connected to the utility meter (e.g. installed in an identification module interface services). In other implementations, the utility identification module is detected due to inserting the utility identification module into a facility identification module interface. For example, while a utility meter is turned on, a utility identification module can be inserted into a utility identification module interface, and the insertion of the utility identification module can be detected.
    [0077] Configuration data is received from the removable utilities identification module (306). In some implementations, configuration data is received in response to a request through the utility meter processing apparatus. For example, in response to the determination that configuration data is required and about a removable utilities identification module that has been detected, the processing apparatus may provide a request for the configuration data to the utilities identification module.
    [0078] In some implementations, the request for configuration data includes data that specifies that the processing apparatus is authorized to receive the configuration data. For example, the request may include a password, an authorized certificate, or data that has been encrypted in accordance with a private key that is shared between the processing apparatus and the utility identification module.
    [0079] In other implementations, in response to the request, the utility identification module may respond to the request with a security challenge and request that the processing apparatus provide a valid response in order to receive the requested configuration data. For example, the utility identification module may generate a random number, provide that number to the processing apparatus, and request the processing apparatus to compute and provide a string (or a result of another function) of the random number. If the random number sequence that is provided by the processing apparatus matches the expected random number sequence that was computed by the utility identification module, then the utility identification module will provide the requested configuration data to the processing apparatus. . However, if the random number sequence that is provided by the processing apparatus does not match the expected sequence, the utility identification module will refuse to provide the requested configuration data, and the utility identification module may increment a combat representing a number of potential security breaches and/or potential attacks that have been detected.
    [0080] In some implementations, configuration data for a different device may be stored in different memory partitions. In these implementations, access to the configuration data for each particular device may be limited to devices (or users) that have demonstrated that they are authorized to access the configuration data for the particular device (for example, by providing a one-time password or other unique data required to access the configuration data for the particular device).
    [0081] As described above, configuration data may include passwords, security keys and other data that are required to interact with a network apparatus, a metrology apparatus and/or communication apparatus. The configuration data that is received may also include encryption data that specifies an encryption key that is used to transmit metering data to a network management appliance that manages the utility network to which the utility meter belongs. The configuration data that is received may additionally include routing data that specifies one or more network devices that belong to the same network mesh as the utility meter and that are in direct communication with the utility meter, data that specifies the geographic location of the utility meter that is transmitting data, as well as destination data that specifies a network identifier (for example, an Internet Protocol Address) associated with a network device to which the data is transmitted (by example, network management appliance).
    [0082] Using the encryption key and routing data, the processing apparatus can transmit the measurement data which is encrypted with the encryption key to a network device which is selected from the routing data. For example, the processing device and/or a communication device may encrypt the data using the encryption key and select, from the routing data, an endpoint, router, repeater, or other network device to which the data flows. measurement will be transmitted. Selection can be made, for example, based on a distance of the selected network device from the utility meter transmitting the data, as well as a quality of the transmission path between the utility meter and the network device (eg, based on signal-to-noise ratio, distance, and other factors).
    [0083] At least one of the metrology apparatus and the network apparatus are in interaction (308). Once the processing apparatus receives the configuration data, the processing apparatus can use the configuration data to interact with the network apparatus and/or the metrology apparatus. For example, the processing apparatus can provide home area network data to the network apparatus, thereby facilitating communication between devices in the home area network. Home area network data can include, for example, a set of device identifiers for devices that want to be home area networks, a set of data keys that are used for communication over the home area network, and/or security settings for devices that belong to the home area network.
    [0084] Additionally, the processing apparatus can use the configuration data to receive measurement data from the metrology apparatus. For example, the processing apparatus may provide a password (or other data specifying that the processing apparatus is authorized to receive the measurement data) that has been received in the configuration data to the metrology apparatus and receive the measurement data in response . Furthermore, the processing apparatus can use the configuration data to cause the measurement data to be transmitted over a utility network. For example, processing apparatus may interact with a communication apparatus which is coupled to the processing apparatus to encrypt measurement data and transmit the measurement data to a network management apparatus.
    [0085] Figure 4 is a flowchart of an example process 400 for determining a tampered state of a utility meter. Process 400 is a process by which the first meter provides an authentication challenge to a second meter. The second meter receives the authentication challenge and provides the first meter with an answer to the authentication challenge. The first meter determines whether the response is valid, and optionally whether the response was received within a time threshold. If the response is not valid or the response was not received within the time threshold, the first meter provides tamper data to the network management appliance. If the response is valid and optionally received within the time threshold, the first meter provides another authentication challenge at a later time.
    [0086] The process 400 can be performed, for example, by the endpoints 102 of Figure 1. The process can also be implemented as instructions stored in the computer storage medium so that the execution of instructions through the processing apparatus. data causes the data processing apparatus to perform the operations of process 400.
    [0087] A first meter provides an authentication challenge to a second meter (402). In some implementations, the first gauge provides a random number to the second gauge and asks the second gauge to provide a string result (or a result from another function) that authenticates the second gauge. Other challenge/response techniques can also be used (eg passwords).
    [0088] The second meter receives the authentication challenge (404) and provides a response to the authentication challenge (406). In some implementations, the response can be generated using a response request that resides in a removable utilities identification module that is associated with the second meter. For example, the response request may generate a random number sequence result and provide the result for transmission back to the first meter.
    [0089] The meter first receives the response and determines if the response is valid (408). A valid response is a response that authenticates the second utility meter as being in an unadulterated state. For example, a valid response can be a response that matches the expected response and/or is received within a specified time threshold of an expected time, as described below. In some implementations, a determination of whether the response is a valid response can be made by comparing the response to an expected response that was computed by the first meter. For example, the first meter can generate an expected sequence result using the random number that was provided to be the second meter. When the sequence result is received from the second meter, it is compared with the expected sequence result that was computed by the first meter. If the string result and the expected string result match, the answer is a valid answer. Otherwise the answer is not a valid answer.
    [0090] If the first meter determines that the response is not a valid response, tampering data is provided to the network management apparatus (410). Tamper data is data that specifies that a particular meter has failed an authentication challenge. Tamper data can include, for example, identifiers that respectively identify the meter that provided the authentication challenge and the meter that provided the response, and data that specifies a reason for providing the tamper data. For example, tamper data may specify that a scrambled response result did not match an expected sequence result and/or that the response was received outside a time threshold, as described below.
    [0091] If the first meter determines that the response is a valid response, the first meter may provide another authentication challenge (402), for example, at a later time or on demand (that is, in response to instructions to initiate a challenge). In some implementations, the first meter can determine if the valid response was received within a threshold response time (412). Threshold response time is an amount of time around an expected response time during which a valid response authenticates the second meter to be in an unadulterated state. For example, the threshold response time can be defined as 10% of an average amount (or other statistical measurement) of time between transmitting the challenge and receiving the response. In this example, a valid response received at a time that is within +/- 10% of the average time authenticates the meter as being in an unadulterated state. However, if a valid response is received outside the +/- 10% average time, the valid response does not authenticate the meter as being in an unadulterated state.
    [0092] When a valid response is received within the response time threshold, the first meter can provide another authentication challenge (402), for example, at a later time or on demand. When the valid response is received outside the response time limit, tampering data can be provided to the network management appliance as described above.
    [0093] In some implementations, process 400 or similar processes can be used to verify the integrity of software or unalterable software that is installed on an endpoint. For example, in response to a challenge (or periodically) a UIM that has been installed on an endpoint can generate an unchanging software/software signature (for example, a string result using data associated with the unchanging software and a number random provided) and compare the signature to a current valid signature. If the signature does not match the current valid signature the tampering data can be provided to a network management appliance or a tamper counter (that is, a counter representing a number of potential security attacks on the endpoint) can be incremented.
    [0094] Subject modalities and operations described in these specifications may be implemented in digital electronic circuit, or in computer software, unalterable software (firmware), or hardware, including the structures disclosed in these specifications and their structural equivalents, or in combinations one or more of them. Modalities of the subject matter described in this specification may be implemented as one or more computer programs, i.e., one or more computer program instruction modules, encoded in a computer storage medium for execution by, or to control the operation of, data processing apparatus. Alternatively or additionally, program instructions may be encoded in an artificially generated propagated signal, for example, an electrical, optical, or electromagnetic signal generator, which are generated to encode information for transmission to receiver apparatus suitable for execution by an apparatus. of data processing. A computer storage medium can be, or be included in, a computer readable device, a computer readable storage substrate, a serial or random access memory array or device, or a combination of one or more of them. Furthermore, while a computer storage medium is not a propagated signal, a computer storage medium can be a source or destination of computer program instructions encoded in an artificially generated propagated signal. The computer storage medium may also be, or be included in, one or more separate physical components or media (for example, multiple CDs, discs, or other storage devices).
    [0095] The operations described in this specification can be implemented as operations performed by a data processing apparatus in data storage on one or more computer-readable storage devices or received from other sources.
    [0096] The term "data processing apparatus" encompasses all types of apparatus, devices and machines for data processing, including, as an example, a programmable processor, a computer, a system on a chip or in multiples, or combinations of the aforementioned. The apparatus may include special purpose logic circuitry, for example, an FPGA (programmable field gate array) or an ASIC (application-specific integrated circuits). The apparatus may also include, in addition to hardware, code that creates an execution environment for the computer program in question, e.g., code that constitutes an unalterable software processor (firmware), a protocol stack, a computer system. database management, an operating system, a cross-platform runtime environment, a virtual machine, or a combination of one or more of them. The appliance and execution environment can realize many different computing model infrastructures, such as web services, distributed computing and grid computing infrastructures.
    [0097] A computer program (also known as a program, software, software application, script, or code) may be written in any form of programming language, including compiled or interpreted languages, declarative or procedural languages, and may be arranged in any form, including as a stand-alone program or as a module, component, subroutine, object, or other unit suitable for use in a computing environment. A computer program can, but need not, match a file on a file system. A program can be stored in a portion of a file that holds other programs or data (for example, one or more scripts stored in a markup language document), in a single file dedicated to the program in question, or in multiple coordinated files (for example, files that store one or more modules, subprograms, or pieces of code). A computer program can be arranged to run on one computer or on multiple computers that are located in one location or distributed over multiple locations and interconnected by a communication network.
    [0098] The processes and logic flows described in this descriptive report can be performed by one or more programmable processors that run one or more computer programs to perform the actions of operating on input data and generating output. Logic processes and flows can also be realized by, and devices can also be implemented as, special purpose logic circuit, eg an FPGA (Programmable Field Gate Array) or an ASIC (application specific integrated circuits).
    [0099] Processors suitable for executing a computer program include, by way of example, both general and special purpose microprocessors, and any one or more processors of any type of digital computer. Generally, a processor will receive instructions and data from read-only memory or random access memory or both. The essential elements of a computer are a processor for performing actions according to instructions and one or more memory devices for storing instructions and data. Generally, a computer will also include, or be operatively coupled to receive data from or transfer data to, or both, one or more mass storage devices to store the data, for example, magnetic, magnetic-optical disks, or optical discs. However, a computer does not need to have such devices.
    [00100] Devices suitable for storing computer program instructions and data include all forms of non-volatile memory, media, and memory devices, including, for example, semiconductor memory devices, e.g., EPROM, EEPROM, and memory devices. flash memory; magnetic disks, for example internal hard disks or removable disks; magnetic-optical discs; and CD-ROM and DVD-ROM discs. Processor and memory can be supplemented by, or incorporated into, special-purpose logic circuitry.
    [00101] Although this descriptive report contains many specific implementation details, these are not to be interpreted as limitations on the scope of any invention or what can be claimed, but as descriptions of functions specific to the particular embodiments of particular inventions. Some functions that are described in this descriptive report in the context of separate modalities can also be implemented combined into a single modality. Conversely, multiple functions that are described in the context of a single modality can also be implemented in multiple modalities separately or in any suitable subcombination. Furthermore, although functions may be described above as acting in certain combinations and even initially claimed in that way, one or more functions of a claimed combination may in some cases be imposed from the combination, and the claimed combination may be directed to a subcombination or variation of a subcombination.
    [00102] Similarly, although operations are depicted in the drawings in a particular order, this should not be understood as requiring that such operations be performed in the particular order shown or in sequential order, or that all illustrated operations be performed, to achieve the desired results. In certain circumstances, multitasking and parallel processing can be advantageous. Furthermore, the separation of various system components in the modalities described above is not to be understood as requiring such separation in all modalities, and it is to be understood that the described program components and systems can generally be integrated together in a software product single or bundled into multiple software products.
    [00103] Therefore, the particular modalities of the matter have been described. Other modalities are within the scope of the claims that follow. In some cases, the actions recited in the claims may be performed in a different order and still achieve desirable results. Furthermore, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve the desired results. In certain implementations, multitasking and parallel processing can be advantageous.
    权利要求:
    Claims (21)
    [0001]
    1. Utility apparatus (102) comprising: processing apparatus (204) which manages data processing tasks for the utility apparatus (102); a communications apparatus (208) coupled to the processing apparatus (204), the communications apparatus (208) being configured to transmit and receive data over a network (101); a metrology apparatus (206) coupled to the processing apparatus (204), the metrology apparatus (206) being configured to measure and provide measurement data including at least one measurement of utilized utilities; a network apparatus (210) coupled to the processing apparatus (204), the network apparatus (210) being configured to coordinate communications between devices belonging to a home area network (114); and a utility identification module interface (201) coupled to the processing apparatus (204), the utility identification module interface (201) detachably receiving a utility identification module (116, 202) utilities, wherein the utility identification module (116, 202) includes at least a processor and a data store that stores configuration data that configures the processing apparatus (204) to communicate with the communications apparatus. (208), the metrology apparatus (206) and the network apparatus (210) characterized in that the utility apparatus (102) belongs to a mesh network (101) of utilities comprising a plurality of utility apparatus. utilities (102), each of the plurality of utilities apparatus (102) is communicatively coupled to at least one other utility apparatus (102) in the mesh network (101) of utilities in a manner. o transmit data to, and/or receive data from, another utility apparatus (102) to which the utility apparatus (102) is coupled and relays that data to a collector (104) and/or a network management apparatus ( 108).
    [0002]
    2. Utility apparatus (102) according to claim 1, characterized in that the utility identification module interface (201) is configured to detachably receive the utility identification module (116, 202) in order to enable the utility identification module to transfer configuration data from a particular utility apparatus (102) to a newly installed utility network apparatus (210), facilitating a utility apparatus (102) to be exchanged with another within the mesh network (101) of utilities.
    [0003]
    3. Utilities apparatus (102) according to claim 2, characterized in that the configuration data which is associated with the communications apparatus (208) specifies at least one encryption key with which the data transmitted to a utility network management appliance are encrypted.
    [0004]
    4. Utilities apparatus (102) according to claim 2, characterized in that the configuration data that is associated with the metrology apparatus (206) specifies at least one security key required to communicate with the metering apparatus. metrology (206).
    [0005]
    5. Utilities apparatus (102) according to claim 2, characterized in that the configuration data that is associated with the network apparatus (210) specifies at least one network security key that is required to communicate through the home area network (114) or a neighborhood area network.
    [0006]
    6. Utilities apparatus (102) according to any of claims 1 to 5, characterized in that the configuration data additionally specifies: devices (116a to d) that belong to the home area network (114); communication configurations associated with the home area network (114) wherein the communication configurations specify pairs of devices (116a to d) that are in communication with each other; and security features of devices (116a to d) belonging to the home area network (114).
    [0007]
    7. Utilities apparatus (102) according to any of claims 1 to 6, characterized in that the home area network (114) is a ZigBee network in which the devices (116a ad) communicate in accordance with a ZigBee communications protocol.
    [0008]
    8. Utilities apparatus (102) according to any of claims 1 to 7, characterized in that each of the configuration data which are respectively associated with the communication apparatus (208), the metrology apparatus (206) and the network apparatus (210) are stored and partitioned according to the apparatus to which the configuration data correspond.
    [0009]
    A method for managing data processing tasks of a utility apparatus (102) as defined in any one of claims 1 to 8, comprising the steps of: determining (302) that the utility processing apparatus (204) requires the configuration data to interact with at least one of the metrology apparatus (206) associated with the utility processing apparatus (204) and a network apparatus (210) that is associated with the utility processing apparatus (204) public services; detect (304), through the utility processing apparatus (204) (204), the removable utility identification module (116, 202) that is in communication with the utility processing apparatus (204), being that the utility identification module (116, 202) stores the configuration data required by the utility processing apparatus (204) to interface with at least one of the metrology apparatus (206) and the network apparatus (210 ); receiving (306), via the utility processing apparatus (204) and from the utility identification module (116, 202), the configuration data; and interacting (308), via the utility processing apparatus (204), with at least one of the metrology apparatus and (206) the network apparatus (210) using the configuration data; characterized in that receiving (306) the configuration data comprises: receiving, from the removable utility identification module (116, 202), the encryption data specifying an encryption key that is used to transmit the data reporting to a network management apparatus (108) that manages a utility network (101) to which the utility apparatus (102) belongs; receive, from the removable utilities identification module (202), routing data specifying one or more network devices that belong to the same network mesh (101) as the utilities apparatus (102a ae) and which are in communication with the utility apparatus (102); and transmitting measurement data (106), which is encrypted with the encryption key, to a selected network device specified by the routing data.
    [0010]
    10. Method according to claim 9, characterized in that receiving routing data further comprises: receiving geographic data specifying a geographic location of the utility apparatus (102); and receiving destination data specifying a network identifier associated with the network management apparatus (108).
    [0011]
    11. Method according to claim 9, characterized in that it further comprises: receiving (404), from another device, an authentication challenge that requires a response to the challenge; and providing (406) a response to the authentication challenge.
    [0012]
    12. Method according to claim 11, characterized in that it further comprises determining (408), through the other device, that the response to the authorization challenge is a valid response, wherein a valid response is a response that authenticates the utility apparatus (102) as being in an unadulterated state.
    [0013]
    13. Method according to claim 12, characterized in that it further comprises: determining (412), through the other device, that the valid response was received outside a limit response time; and providing, through the other apparatus, the tampering data to the network management apparatus reporting the receipt of the valid response outside the response time threshold.
    [0014]
    14. Method according to claim 11, characterized in that it further comprises: determining (410), through the other apparatus, that the authorization challenge response is an invalid response, wherein an invalid response is a failing response in authenticating the utility apparatus (102) as being in an unadulterated state; and providing, through the other apparatus, the tampering data to the network management apparatus reporting the receipt of the invalid response.
    [0015]
    15. Method according to claim 9, characterized in that receiving the configuration data comprises receiving, through the utility apparatus (102), the processing apparatus (204) and the utility identification module (202 ), the home area network data associated with a home area network (114) that is associated with a geographic location of the utility apparatus (102a ae).
    [0016]
    16. Method according to claim 15, characterized in that receiving the data from the home area network comprises receiving, from the utility identification module (202), a set of device identifiers for the devices (116a ad) belonging to the home area network (114), a set of security keys which are used for communications over the home area network (114) and the security settings for devices belonging to the home area network ( 114).
    [0017]
    17. Method according to claim 15, characterized in that it further comprises the coordination of communication between devices (116a to e) belonging to the home area network (114).
    [0018]
    18. Method according to claims 16 and 17, characterized in that: receiving data from the home area network comprises receiving, from the public services identification module, a network security key for the area network domestic; and coordinating communications between devices belonging to the home area network comprises: receiving, from a new device, a request to join the home area network; and providing the network key to the new device in response to the request.
    [0019]
    19. Method according to claim 17, characterized in that the communication coordination between the devices that belong to the home area network comprises the communication coordination between the devices that are in communication through the home area network in accordance with a ZigBee communications standard.
    [0020]
    20. Method according to claim 17, characterized in that receiving the configuration data further comprises receiving, through the utility processing apparatus (204) and from the utility identification module, a security key which is required for communications with the metrology apparatus (206) that is associated with the utility apparatus (102).
    [0021]
    21. Method according to claim 20, characterized in that it further comprises: obtaining the measurement data, wherein the measurement data comprises at least one measurement of the public services used; and generating a communication packet that includes the measurement data, wherein the communication packet is encrypted using the encryption data.
    类似技术:
    公开号 | 公开日 | 专利标题
    BR112013007261B1|2021-05-25|appliance and method for utility device management
    US9762392B2|2017-09-12|System and method for trusted provisioning and authentication for networked devices in cloud-based IoT/M2M platforms
    KR101851261B1|2018-04-23|Centralized remote metering system for security based on private block-chained data
    Kim et al.2011|A secure smart-metering protocol over power-line communication
    JP5306405B2|2013-10-02|Information processing apparatus and program
    CN103679062A|2014-03-26|Intelligent electric meter main control chip and security encryption method
    CN102111265A|2011-06-29|Method for encrypting embedded secure access module | of power system acquisition terminal
    EP3326321B1|2021-10-27|Method and apparatus for providing secure communication among constrained devices
    US10516535B2|2019-12-24|Management apparatus, measurement apparatus, service providing apparatus, computer program product, transfer system, and transfer method
    US20210344482A1|2021-11-04|Method of data transfer, a method of controlling use of data and cryptographic device
    US9491172B2|2016-11-08|Method for communication of energy consumption-specific measurement data elements between a smart meter device and a computer system of a utility company and/or operator of a measuring system
    US20130254541A1|2013-09-26|Access control system and a user terminal
    KR100961842B1|2010-06-08|Security authentication system and method for remote measurement based on power line communication
    KR101509079B1|2015-04-07|Smart Card and Dynamic ID Based Electric Vehicle User Authentication Scheme
    KR101344074B1|2013-12-24|Smart grid data transaction scheme for privacy
    KR20200143034A|2020-12-23|Certificate-based security electronic watt hour meter
    KR101135841B1|2012-04-19|A security system and method thereof using automatic meter reading protocol
    TWI472189B|2015-02-01|Network monitoring system and method for managing key
    Fischer et al.2012|Secure identifiers and initial credential bootstrapping for IoT@ Work
    BANOUN et al.2021|IoT-BDMS: securing IoT devices with hyperledger fabric blockchain
    TW202121191A|2021-06-01|Data provisioning device, communication system, and provisioning method
    WO2020239179A1|2020-12-03|Distributed access control
    Höglund et al.2015|Current state of the art in smart metering security
    Blair et al.2013|Security recommendations
    KR100979065B1|2010-08-30|Method for authenticaing device on PLC network
    同族专利:
    公开号 | 公开日
    CA2812906A1|2012-04-12|
    EP2622357A4|2016-11-02|
    AU2011312680A1|2013-04-04|
    BR112013007261A2|2016-06-14|
    US20120078548A1|2012-03-29|
    BR112013007261B8|2021-08-10|
    US8670946B2|2014-03-11|
    NZ609153A|2015-02-27|
    MX2013003158A|2013-05-30|
    EP2622357A1|2013-08-07|
    EP2622357B1|2019-05-22|
    CA2812906C|2019-10-15|
    WO2012047441A1|2012-04-12|
    AU2011312680B2|2016-01-28|
    引用文献:
    公开号 | 申请日 | 公开日 | 申请人 | 专利标题
    US3351910A|1964-08-05|1967-11-07|Communitron Inc|Apparatus for collecting and recording data|
    US5293424A|1992-10-14|1994-03-08|Bull Hn Information Systems Inc.|Secure memory card|
    US5699276A|1995-12-15|1997-12-16|Roos; Charles E.|Utility meter providing an interface between a digital network and home electronics|
    US5943656A|1997-12-03|1999-08-24|Avista Advantage, Inc.|Methods and systems for computerized bill consolidating, billing and payment authorization, computerized utility bill consolidating, utility billing access and payment and utility provider consolidated billing systems|
    US5930773A|1997-12-17|1999-07-27|Avista Advantage, Inc.|Computerized resource accounting methods and systems, computerized utility management methods and systems, multi-user utility management methods and systems, and energy-consumption-based tracking methods and systems|
    US6591229B1|1998-10-09|2003-07-08|Schlumberger Industries, Sa|Metrology device with programmable smart card|
    US6799272B1|1999-05-26|2004-09-28|Lucent Technologies Inc.|Remote device authentication system|
    US20040088333A1|2002-01-25|2004-05-06|David Sidman|Apparatus method and system for tracking information access|
    FI20010596A0|2001-03-22|2001-03-22|Ssh Comm Security Oyj|Security system for a data communication network|
    US7043643B1|2001-12-06|2006-05-09|Adaptec, Inc.|Method and apparatus for operating a computer in a secure mode|
    WO2004051585A2|2002-11-27|2004-06-17|Rsa Security Inc|Identity authentication system and method|
    US7480369B2|2003-01-31|2009-01-20|Qwest Communications International, Inc.|Network interface device having virtual private network capability|
    US8073925B2|2004-06-16|2011-12-06|Sharp Laboratories Of America, Inc.|Device management system and method|
    US7530113B2|2004-07-29|2009-05-05|Rockwell Automation Technologies, Inc.|Security system and method for an industrial automation system|
    US20060206433A1|2005-03-11|2006-09-14|Elster Electricity, Llc.|Secure and authenticated delivery of data from an automated meter reading system|
    EP1905191B1|2005-07-20|2014-09-03|Verimatrix, Inc.|Network user authentication system and method|
    US7609837B2|2005-09-01|2009-10-27|Sharp Laboratories Of America, Inc.|System and method for automatic setup of a network device with secure network transmission of setup parameters|
    US7801510B2|2006-02-27|2010-09-21|Samsung Electronics Co., Ltd|Authentication method in a mobile broadcast system and system thereof|
    US20090043519A1|2006-08-10|2009-02-12|V2Green, Inc.|Electric Resource Power Meter in a Power Aggregation System for Distributed Electric Resources|
    JP4869050B2|2006-12-11|2012-02-01|キヤノン株式会社|Management apparatus and management method|
    US20080177678A1|2007-01-24|2008-07-24|Paul Di Martini|Method of communicating between a utility and its customer locations|
    US8670946B2|2010-09-28|2014-03-11|Landis+Gyr Innovations, Inc.|Utility device management|US8670946B2|2010-09-28|2014-03-11|Landis+Gyr Innovations, Inc.|Utility device management|
    US9961550B2|2010-11-04|2018-05-01|Itron Networked Solutions, Inc.|Physically secured authorization for utility applications|
    BRPI1006951A2|2010-11-25|2013-05-21|Light Servicos De Eletricidade S A|electronic electric power meter with integrated digital certification mechanism for safe communication|
    US8543344B2|2010-12-21|2013-09-24|Infineon Technologies Austria Ag|Power meter arrangement|
    EP2523139A1|2011-05-10|2012-11-14|Nagravision S.A.|Method for handling privacy data|
    EP2543974B1|2011-07-06|2014-02-26|Nxp B.V.|Metering system having improved security|
    US8667261B2|2011-07-27|2014-03-04|General Electric Company|Systems, methods, and apparatus for utility meter configuration|
    US8719938B2|2012-04-09|2014-05-06|Landis+Gyr Innovations, Inc.|Detecting network intrusion using a decoy cryptographic key|
    US20130297823A1|2012-05-07|2013-11-07|Thomas Herbst|Secure device pairing initiation via wide area network|
    US9088420B2|2012-10-16|2015-07-21|The Boeing Company|System and method for improved geothentication based on a hash function|
    US8880883B2|2013-03-15|2014-11-04|Silver Spring Networks, Inc.|Secure end-to-end permitting system for device operations|
    US9525524B2|2013-05-31|2016-12-20|At&T Intellectual Property I, L.P.|Remote distributed antenna system|
    US9999038B2|2013-05-31|2018-06-12|At&T Intellectual Property I, L.P.|Remote distributed antenna system|
    EP3738775B1|2013-08-30|2021-11-10|Hewlett-Packard Development Company, L.P.|Supply authentication via timing challenge response|
    US9541421B2|2013-10-03|2017-01-10|Landis+Gyr Innovations, Inc.|In-premises management of home area networks|
    US8897697B1|2013-11-06|2014-11-25|At&T Intellectual Property I, Lp|Millimeter-wave surface-wave communications|
    US9425968B2|2013-11-15|2016-08-23|Landis+Gyr Innovations, Inc.|System and method for updating an encryption key across a network|
    US10165130B2|2014-02-13|2018-12-25|Emerge Print Management, Llc|System and method for the passive monitoring and reporting of printer-related data on USB cables|
    US10193979B2|2014-03-17|2019-01-29|General Electric Company|System architecture for wireless metrological devices|
    US20150312656A1|2014-04-28|2015-10-29|Nexgrid, Llc|Extended fluid meter battery life apparatus and methods|
    US9768833B2|2014-09-15|2017-09-19|At&T Intellectual Property I, L.P.|Method and apparatus for sensing a condition in a transmission medium of electromagnetic waves|
    US10063280B2|2014-09-17|2018-08-28|At&T Intellectual Property I, L.P.|Monitoring and mitigating conditions in a communication network|
    US9615269B2|2014-10-02|2017-04-04|At&T Intellectual Property I, L.P.|Method and apparatus that provides fault tolerance in a communication network|
    US9685992B2|2014-10-03|2017-06-20|At&T Intellectual Property I, L.P.|Circuit panel network and methods thereof|
    US9553843B1|2014-10-08|2017-01-24|Google Inc.|Service directory profile for a fabric network|
    US9503189B2|2014-10-10|2016-11-22|At&T Intellectual Property I, L.P.|Method and apparatus for arranging communication sessions in a communication system|
    US9973299B2|2014-10-14|2018-05-15|At&T Intellectual Property I, L.P.|Method and apparatus for adjusting a mode of communication in a communication network|
    US9653770B2|2014-10-21|2017-05-16|At&T Intellectual Property I, L.P.|Guided wave coupler, coupling module and methods for use therewith|
    US9312919B1|2014-10-21|2016-04-12|At&T Intellectual Property I, Lp|Transmission device with impairment compensation and methods for use therewith|
    US9769020B2|2014-10-21|2017-09-19|At&T Intellectual Property I, L.P.|Method and apparatus for responding to events affecting communications in a communication network|
    US9577306B2|2014-10-21|2017-02-21|At&T Intellectual Property I, L.P.|Guided-wave transmission device and methods for use therewith|
    US9780834B2|2014-10-21|2017-10-03|At&T Intellectual Property I, L.P.|Method and apparatus for transmitting electromagnetic waves|
    US9627768B2|2014-10-21|2017-04-18|At&T Intellectual Property I, L.P.|Guided-wave transmission device with non-fundamental mode propagation and methods for use therewith|
    US10243784B2|2014-11-20|2019-03-26|At&T Intellectual Property I, L.P.|System for generating topology information and methods thereof|
    US9800327B2|2014-11-20|2017-10-24|At&T Intellectual Property I, L.P.|Apparatus for controlling operations of a communication device and methods thereof|
    US9544006B2|2014-11-20|2017-01-10|At&T Intellectual Property I, L.P.|Transmission device with mode division multiplexing and methods for use therewith|
    US9954287B2|2014-11-20|2018-04-24|At&T Intellectual Property I, L.P.|Apparatus for converting wireless signals and electromagnetic waves and methods thereof|
    US9742462B2|2014-12-04|2017-08-22|At&T Intellectual Property I, L.P.|Transmission medium and communication interfaces and methods for use therewith|
    US10009067B2|2014-12-04|2018-06-26|At&T Intellectual Property I, L.P.|Method and apparatus for configuring a communication interface|
    US9876570B2|2015-02-20|2018-01-23|At&T Intellectual Property I, Lp|Guided-wave transmission device with non-fundamental mode propagation and methods for use therewith|
    US9749013B2|2015-03-17|2017-08-29|At&T Intellectual Property I, L.P.|Method and apparatus for reducing attenuation of electromagnetic waves guided by a transmission medium|
    KR102314917B1|2015-03-19|2021-10-21|삼성전자주식회사|Method and apparatus for configuring connection between devices in a communication system|
    US10224981B2|2015-04-24|2019-03-05|At&T Intellectual Property I, Lp|Passive electrical coupling device and methods for use therewith|
    US9705561B2|2015-04-24|2017-07-11|At&T Intellectual Property I, L.P.|Directional coupling device and methods for use therewith|
    US9793954B2|2015-04-28|2017-10-17|At&T Intellectual Property I, L.P.|Magnetic coupling device and methods for use therewith|
    US9490869B1|2015-05-14|2016-11-08|At&T Intellectual Property I, L.P.|Transmission medium having multiple cores and methods for use therewith|
    US9748626B2|2015-05-14|2017-08-29|At&T Intellectual Property I, L.P.|Plurality of cables having different cross-sectional shapes which are bundled together to form a transmission medium|
    US9871282B2|2015-05-14|2018-01-16|At&T Intellectual Property I, L.P.|At least one transmission medium having a dielectric surface that is covered at least in part by a second dielectric|
    US10650940B2|2015-05-15|2020-05-12|At&T Intellectual Property I, L.P.|Transmission medium having a conductive material and methods for use therewith|
    US9917341B2|2015-05-27|2018-03-13|At&T Intellectual Property I, L.P.|Apparatus and method for launching electromagnetic waves and for modifying radial dimensions of the propagating electromagnetic waves|
    US9866309B2|2015-06-03|2018-01-09|At&T Intellectual Property I, Lp|Host node device and methods for use therewith|
    US9912381B2|2015-06-03|2018-03-06|At&T Intellectual Property I, Lp|Network termination and methods for use therewith|
    US10812174B2|2015-06-03|2020-10-20|At&T Intellectual Property I, L.P.|Client node device and methods for use therewith|
    US9997819B2|2015-06-09|2018-06-12|At&T Intellectual Property I, L.P.|Transmission medium and method for facilitating propagation of electromagnetic waves via a core|
    US9913139B2|2015-06-09|2018-03-06|At&T Intellectual Property I, L.P.|Signal fingerprinting for authentication of communicating devices|
    US9820146B2|2015-06-12|2017-11-14|At&T Intellectual Property I, L.P.|Method and apparatus for authentication and identity management of communicating devices|
    US9640850B2|2015-06-25|2017-05-02|At&T Intellectual Property I, L.P.|Methods and apparatus for inducing a non-fundamental wave mode on a transmission medium|
    US9865911B2|2015-06-25|2018-01-09|At&T Intellectual Property I, L.P.|Waveguide system for slot radiating first electromagnetic waves that are combined into a non-fundamental wave mode second electromagnetic wave on a transmission medium|
    US9509415B1|2015-06-25|2016-11-29|At&T Intellectual Property I, L.P.|Methods and apparatus for inducing a fundamental wave mode on a transmission medium|
    US9882257B2|2015-07-14|2018-01-30|At&T Intellectual Property I, L.P.|Method and apparatus for launching a wave mode that mitigates interference|
    US9853342B2|2015-07-14|2017-12-26|At&T Intellectual Property I, L.P.|Dielectric transmission medium connector and methods for use therewith|
    US9628116B2|2015-07-14|2017-04-18|At&T Intellectual Property I, L.P.|Apparatus and methods for transmitting wireless signals|
    US10044409B2|2015-07-14|2018-08-07|At&T Intellectual Property I, L.P.|Transmission medium and methods for use therewith|
    US9847566B2|2015-07-14|2017-12-19|At&T Intellectual Property I, L.P.|Method and apparatus for adjusting a field of a signal to mitigate interference|
    US10148016B2|2015-07-14|2018-12-04|At&T Intellectual Property I, L.P.|Apparatus and methods for communicating utilizing an antenna array|
    US10205655B2|2015-07-14|2019-02-12|At&T Intellectual Property I, L.P.|Apparatus and methods for communicating utilizing an antenna array and multiple communication paths|
    US10090606B2|2015-07-15|2018-10-02|At&T Intellectual Property I, L.P.|Antenna system with dielectric array and methods for use therewith|
    US9948333B2|2015-07-23|2018-04-17|At&T Intellectual Property I, L.P.|Method and apparatus for wireless communications to mitigate interference|
    US9749053B2|2015-07-23|2017-08-29|At&T Intellectual Property I, L.P.|Node device, repeater and methods for use therewith|
    US9871283B2|2015-07-23|2018-01-16|At&T Intellectual Property I, Lp|Transmission medium having a dielectric core comprised of plural members connected by a ball and socket configuration|
    US9912027B2|2015-07-23|2018-03-06|At&T Intellectual Property I, L.P.|Method and apparatus for exchanging communication signals|
    US9967173B2|2015-07-31|2018-05-08|At&T Intellectual Property I, L.P.|Method and apparatus for authentication and identity management of communicating devices|
    US9735833B2|2015-07-31|2017-08-15|At&T Intellectual Property I, L.P.|Method and apparatus for communications management in a neighborhood network|
    US9461706B1|2015-07-31|2016-10-04|At&T Intellectual Property I, Lp|Method and apparatus for exchanging communication signals|
    US9904535B2|2015-09-14|2018-02-27|At&T Intellectual Property I, L.P.|Method and apparatus for distributing software|
    US9769128B2|2015-09-28|2017-09-19|At&T Intellectual Property I, L.P.|Method and apparatus for encryption of communications over a network|
    US9729197B2|2015-10-01|2017-08-08|At&T Intellectual Property I, L.P.|Method and apparatus for communicating network management traffic over a network|
    US9876264B2|2015-10-02|2018-01-23|At&T Intellectual Property I, Lp|Communication system, guided wave switch and methods for use therewith|
    US10355367B2|2015-10-16|2019-07-16|At&T Intellectual Property I, L.P.|Antenna structure for exchanging wireless signals|
    US11030595B1|2015-11-16|2021-06-08|Wells Fargo Bank, N.A.|Integrated utility distribution and automated billing|
    US9955239B2|2016-07-15|2018-04-24|Honeywell International Inc.|Configurable secure mobile tool for AMI and AMR metering systems|
    US9860075B1|2016-08-26|2018-01-02|At&T Intellectual Property I, L.P.|Method and communication node for broadband distribution|
    US10811767B2|2016-10-21|2020-10-20|At&T Intellectual Property I, L.P.|System and dielectric antenna with convex dielectric radome|
    US10374316B2|2016-10-21|2019-08-06|At&T Intellectual Property I, L.P.|System and dielectric antenna with non-uniform dielectric|
    US10312567B2|2016-10-26|2019-06-04|At&T Intellectual Property I, L.P.|Launcher with planar strip antenna and methods for use therewith|
    US10340573B2|2016-10-26|2019-07-02|At&T Intellectual Property I, L.P.|Launcher with cylindrical coupling device and methods for use therewith|
    US10224634B2|2016-11-03|2019-03-05|At&T Intellectual Property I, L.P.|Methods and apparatus for adjusting an operational characteristic of an antenna|
    US10498044B2|2016-11-03|2019-12-03|At&T Intellectual Property I, L.P.|Apparatus for configuring a surface of an antenna|
    US10225025B2|2016-11-03|2019-03-05|At&T Intellectual Property I, L.P.|Method and apparatus for detecting a fault in a communication system|
    US10291334B2|2016-11-03|2019-05-14|At&T Intellectual Property I, L.P.|System for detecting a fault in a communication system|
    US10178445B2|2016-11-23|2019-01-08|At&T Intellectual Property I, L.P.|Methods, devices, and systems for load balancing between a plurality of waveguides|
    US10535928B2|2016-11-23|2020-01-14|At&T Intellectual Property I, L.P.|Antenna system and methods for use therewith|
    US10090594B2|2016-11-23|2018-10-02|At&T Intellectual Property I, L.P.|Antenna system having structural configurations for assembly|
    US10340601B2|2016-11-23|2019-07-02|At&T Intellectual Property I, L.P.|Multi-antenna system and methods for use therewith|
    US10340603B2|2016-11-23|2019-07-02|At&T Intellectual Property I, L.P.|Antenna system having shielded structural configurations for assembly|
    US10305190B2|2016-12-01|2019-05-28|At&T Intellectual Property I, L.P.|Reflecting dielectric antenna system and methods for use therewith|
    US10361489B2|2016-12-01|2019-07-23|At&T Intellectual Property I, L.P.|Dielectric dish antenna system and methods for use therewith|
    US9927517B1|2016-12-06|2018-03-27|At&T Intellectual Property I, L.P.|Apparatus and methods for sensing rainfall|
    US10135145B2|2016-12-06|2018-11-20|At&T Intellectual Property I, L.P.|Apparatus and methods for generating an electromagnetic wave along a transmission medium|
    US10382976B2|2016-12-06|2019-08-13|At&T Intellectual Property I, L.P.|Method and apparatus for managing wireless communications based on communication paths and network device positions|
    US10755542B2|2016-12-06|2020-08-25|At&T Intellectual Property I, L.P.|Method and apparatus for surveillance via guided wave communication|
    US10020844B2|2016-12-06|2018-07-10|T&T Intellectual Property I, L.P.|Method and apparatus for broadcast communication via guided waves|
    US10326494B2|2016-12-06|2019-06-18|At&T Intellectual Property I, L.P.|Apparatus for measurement de-embedding and methods for use therewith|
    US10819035B2|2016-12-06|2020-10-27|At&T Intellectual Property I, L.P.|Launcher with helical antenna and methods for use therewith|
    US10637149B2|2016-12-06|2020-04-28|At&T Intellectual Property I, L.P.|Injection molded dielectric antenna and methods for use therewith|
    US10727599B2|2016-12-06|2020-07-28|At&T Intellectual Property I, L.P.|Launcher with slot antenna and methods for use therewith|
    US10694379B2|2016-12-06|2020-06-23|At&T Intellectual Property I, L.P.|Waveguide system with device-based authentication and methods for use therewith|
    US10439675B2|2016-12-06|2019-10-08|At&T Intellectual Property I, L.P.|Method and apparatus for repeating guided wave communication signals|
    US10168695B2|2016-12-07|2019-01-01|At&T Intellectual Property I, L.P.|Method and apparatus for controlling an unmanned aircraft|
    US9893795B1|2016-12-07|2018-02-13|At&T Intellectual Property I, Lp|Method and repeater for broadband distribution|
    US10139820B2|2016-12-07|2018-11-27|At&T Intellectual Property I, L.P.|Method and apparatus for deploying equipment of a communication system|
    US10359749B2|2016-12-07|2019-07-23|At&T Intellectual Property I, L.P.|Method and apparatus for utilities management via guided wave communication|
    US10243270B2|2016-12-07|2019-03-26|At&T Intellectual Property I, L.P.|Beam adaptive multi-feed dielectric antenna system and methods for use therewith|
    US10446936B2|2016-12-07|2019-10-15|At&T Intellectual Property I, L.P.|Multi-feed dielectric antenna system and methods for use therewith|
    US10547348B2|2016-12-07|2020-01-28|At&T Intellectual Property I, L.P.|Method and apparatus for switching transmission mediums in a communication system|
    US10027397B2|2016-12-07|2018-07-17|At&T Intellectual Property I, L.P.|Distributed antenna system and methods for use therewith|
    US10389029B2|2016-12-07|2019-08-20|At&T Intellectual Property I, L.P.|Multi-feed dielectric antenna system with core selection and methods for use therewith|
    US9911020B1|2016-12-08|2018-03-06|At&T Intellectual Property I, L.P.|Method and apparatus for tracking via a radio frequency identification device|
    US10916969B2|2016-12-08|2021-02-09|At&T Intellectual Property I, L.P.|Method and apparatus for providing power using an inductive coupling|
    US10530505B2|2016-12-08|2020-01-07|At&T Intellectual Property I, L.P.|Apparatus and methods for launching electromagnetic waves along a transmission medium|
    US10069535B2|2016-12-08|2018-09-04|At&T Intellectual Property I, L.P.|Apparatus and methods for launching electromagnetic waves having a certain electric field structure|
    US10938108B2|2016-12-08|2021-03-02|At&T Intellectual Property I, L.P.|Frequency selective multi-feed dielectric antenna system and methods for use therewith|
    US10777873B2|2016-12-08|2020-09-15|At&T Intellectual Property I, L.P.|Method and apparatus for mounting network devices|
    US10103422B2|2016-12-08|2018-10-16|At&T Intellectual Property I, L.P.|Method and apparatus for mounting network devices|
    US10326689B2|2016-12-08|2019-06-18|At&T Intellectual Property I, L.P.|Method and system for providing alternative communication paths|
    US10411356B2|2016-12-08|2019-09-10|At&T Intellectual Property I, L.P.|Apparatus and methods for selectively targeting communication devices with an antenna array|
    US10389037B2|2016-12-08|2019-08-20|At&T Intellectual Property I, L.P.|Apparatus and methods for selecting sections of an antenna array and use therewith|
    US10601494B2|2016-12-08|2020-03-24|At&T Intellectual Property I, L.P.|Dual-band communication device and method for use therewith|
    US9998870B1|2016-12-08|2018-06-12|At&T Intellectual Property I, L.P.|Method and apparatus for proximity sensing|
    US10340983B2|2016-12-09|2019-07-02|At&T Intellectual Property I, L.P.|Method and apparatus for surveying remote sites via guided wave communications|
    US9838896B1|2016-12-09|2017-12-05|At&T Intellectual Property I, L.P.|Method and apparatus for assessing network coverage|
    US10264586B2|2016-12-09|2019-04-16|At&T Mobility Ii Llc|Cloud-based packet controller and methods for use therewith|
    US9973940B1|2017-02-27|2018-05-15|At&T Intellectual Property I, L.P.|Apparatus and methods for dynamic impedance matching of a guided wave launcher|
    US10298293B2|2017-03-13|2019-05-21|At&T Intellectual Property I, L.P.|Apparatus of communication utilizing wireless network devices|
    DE102018003061A1|2018-02-03|2019-08-08|Diehl Metering Systems Gmbh|Method for the secure operation of an electronic consumption data module and consumption data module|
    CN110631661A|2018-06-21|2019-12-31|江苏金钰铭电子有限公司|Water meter verification system capable of being remotely monitored and controlled based on Internet|
    US10728633B2|2018-12-19|2020-07-28|Simmonds Precision Products, Inc.|Configurable distributed smart sensor system|
    法律状态:
    2018-12-26| B06F| Objections, documents and/or translations needed after an examination request according [chapter 6.6 patent gazette]|
    2019-07-23| B06U| Preliminary requirement: requests with searches performed by other patent offices: procedure suspended [chapter 6.21 patent gazette]|
    2020-07-07| B06A| Patent application procedure suspended [chapter 6.1 patent gazette]|
    2021-03-09| B09A| Decision: intention to grant [chapter 9.1 patent gazette]|
    2021-05-25| B16A| Patent or certificate of addition of invention granted [chapter 16.1 patent gazette]|Free format text: PRAZO DE VALIDADE: 20 (VINTE) ANOS CONTADOS A PARTIR DE 08/09/2011, OBSERVADAS AS CONDICOES LEGAIS. |
    2021-08-10| B16C| Correction of notification of the grant [chapter 16.3 patent gazette]|Free format text: REF. RPI 2629 DE 25/05/2021 QUANTO AO TITULAR. |
    优先权:
    申请号 | 申请日 | 专利标题
    US12/891,915|2010-09-28|
    US12/891,915|US8670946B2|2010-09-28|2010-09-28|Utility device management|
    PCT/US2011/050845|WO2012047441A1|2010-09-28|2011-09-08|Utility device management|
    [返回顶部]