-
Notifications
You must be signed in to change notification settings - Fork 0
Zero Trust Security en
EnerOS Bot edited this page Jul 5, 2026
·
1 revision
中文 | English
Maintained version: v0.51.2 | Last updated: 2026-07-06
EnerOS v0.39.0 introduced a zero-trust architecture, shifting from "perimeter defense" to "never trust, always verify". This page summarizes the trust / ids / audit / compliance security subsystems; for full config see the main repo docs/deployment.md §3.4 + ADR-0007 + docs/compliance/.
┌──────────────────────────────────────────────────┐
│ EnerOS instance │
│ │
│ ┌─────────────┐ ┌─────────────┐ │
│ │ eneros-trust│ │ eneros-ids │ │
│ │ CA / mTLS │ │ baseline / │ │
│ │ cert rotate │ │ IOC / IDS │ │
│ └──────┬──────┘ └──────┬──────┘ │
│ │ │ │
│ ┌──────┴────────────────┴──────┐ │
│ │ eneros-audit │ │
│ │ HMAC chain + WORM storage │ │
│ └──────────────┬───────────────┘ │
│ │ │
│ ┌──────────────┴───────────────┐ │
│ │ eneros-compliance │ │
│ │ NERC CIP / IEC 62443 / │ │
│ │ GDPR / PIPL / CCPA │ │
│ └──────────────────────────────┘ │
└──────────────────────────────────────────────────┘
| Capability | Description |
|---|---|
| Internal CA | Self-signed root cert + intermediate CA, issues all service certificates |
| mTLS mutual auth | Inter-service communication enforces mTLS; clients must present valid cert from internal CA |
| Auto cert rotation | Auto-rotates rotation_days_before_expiry (default 30 days) before expiry |
| Cert revocation | CRL + OCSP online revocation checking |
[zero_trust]
ca_cert_path = "/etc/eneros/tls/ca.crt"
ca_key_path = "/etc/eneros/tls/ca.key"
cert_dir = "/var/lib/eneros/certs"
rotation_days_before_expiry = 30
mtls_required = trueEventBus broker mTLS (requires mtls feature):
eneros-eventbus-broker --tls-cert /etc/eneros/tls/broker.crt \
--tls-key /etc/eneros/tls/broker.key \
--tls-ca /etc/eneros/tls/ca.crt| Capability | Description |
|---|---|
| API behavior baseline | Learns normal call patterns for each API endpoint (frequency / params / source) |
| IOC threat intelligence | Loads IOCs (IP / domain / hash) from JSON file, matches real-time traffic |
| Login lockout | Locks for lockout_duration_secs (default 900s) after lockout_threshold (default 5) consecutive failures |
| Anomaly alert | Detects anomalies, sends to event bus, triggers AIOps correlation analysis |
[threat_detection]
enable_baseline = true
enable_ids = true
lockout_threshold = 5
lockout_duration_secs = 900
intel_file_path = "/etc/eneros/security/ioc.json"| Capability | Description |
|---|---|
| WORM storage | Linux chattr +a sets append-only attribute, tamper-proof; non-Linux only logs warning |
| HMAC-SHA256 chain | Each record's hash includes the previous hash; tampering with history causes subsequent verification to fail |
| Auto rotation | Auto-rotates when single file exceeds max_size_mb (default 512) |
| Retention policy | Default retains retention_days = 365 days |
[audit]
storage_path = "/var/lib/eneros/audit"
max_size_mb = 512
retention_days = 365
hmac_secret = "<32-byte-hex-secret>"| Standard | Scope | Documentation |
|---|---|---|
| NERC CIP | North American power system critical infrastructure protection | docs/compliance/nerc-cip.md |
| IEC 62443-4-1 | Industrial automation system security SDLC | docs/compliance/iec-62443-4-1-sdlc.md |
| IEC 62443-4-2 | Security level SL matrix | docs/compliance/iec-62443-4-2-sl-matrix.md |
| GDPR | EU General Data Protection Regulation | v0.47.0 data subject rights |
| PIPL | China Personal Information Protection Law | v0.47.0 |
| CCPA | California Consumer Privacy Act | v0.47.0 |
| Layer | Tool | Frequency | Trigger |
|---|---|---|---|
| Static analysis | SAST (CodeQL / Semgrep) | Every PR | Critical vulnerability blocks merge |
| Dependency audit | cargo audit |
Every PR + daily cron | RUSTSEC vulnerabilities |
| License check | cargo deny |
Every PR | GPL/AGPL rejected |
- IOC threat intelligence loads from JSON file only; threat intelligence platforms (e.g., MISP) not integrated
- Behavior baseline covers API layer only; event bus traffic not covered
- WORM only Linux
chattr +a; object storage WORM (e.g., S3 Object Lock) not supported - Compliance report generation requires manual trigger; scheduled reports not supported
- ADR-0007 Zero-Trust
- Multi-Tenancy — Multi-tenancy + zero-trust combination
- Security Policy — Vulnerability reporting process
-
Configuration Reference —
[zero_trust]/[threat_detection]/[audit]sections - Main repo docs/deployment.md §3.4 — Zero-trust deployment config
- Main repo docs/compliance/ — Compliance docs
EnerOS Wiki | v0.51.2