There are various security-related topics throughout VOLTTRON’s documentation. This is a quick roadmap for finding security documentation.
A core component of VOLTTRON is its message bus. The security of this message bus is crucial to the entire system. The VOLTTRON Interconnect Protocol provides communication over the message bus.
VIP was built with security in mind from the ground up. VIP uses encrypted channels and enforces agent authentication by default for all network communication. VIP’s authorization mechanism allows system administrators to limit agent capabilities with fine granularity.
Even with these security mechanisms built into VOLTTRON, it is important for system administrators to harden VOLTTRON’s underlying OS.
The VOLTTRON team has engaged with PNNL’s Secure Software Central team to create a threat profile document. You can read about the threat assessment findings and how the VOLTTRON team is addressing them here: SSC Threat Profile
Additional documentation related to VIP authentication and authorization is available here:
- Key Stores
- Known Hosts File
- Running Agents as Unix Users