There are various security-related topics throughout VOLTTRON’s documentation. This is a quick roadmap for finding security documentation.
VIP was built with security in mind from the ground up. VIP uses encrypted channels and enforces agent authentication by default for all network communication. VIP’s authorization mechanism allows system administrators to limit agent capabilities with fine granularity.
Even with these security mechanisms built into VOLTTRON, it is important for system administrators to harden VOLTTRON’s underlying OS.
The VOLTTRON team has engaged with PNNL’s Secure Software Central team to create a threat profile document. You can read about the threat assessment findings and how the VOLTTRON team is addressing them here: SSC Threat Profile
Additional documentation related to VIP authentication and authorization is available here:
- Key Stores
- Known Hosts File
- Agent Isolation Mode
- Disabling Authentication in VOLTTRON