Overview

From 1993 to 2018, the applicable IEC specification for the first generation of the Standard Transfer Specification (STS), known as STS Edition 1, was IEC62055-41 Edition 1 and later Edition 2, which added currency tokens for smart metering and time-of-use tariffs.

In 2016, STS Association (STSA) released a new Key Management Specification, STS600-8, (developed by Prism) which incorporated a host of new security and functional features based on lessons learned from the first 25 years of STS operations.

IEC62055-41 Edition 3 specification captured the enhancements as specified in STS600-8 and was published in 2018. The STS Association refers to this generation as STS Edition 2 as it is the second major release of STS standards and associated technology upgrades since the standard was launched.

The STSA deployed a new Key Management Centre in May 2016 which supports all the new features as defined in STS Edition 2.

Prism has prefixed its STS Edition 2 security module firmware with “STS6”, named after the key management specification. The STS6 security modules have been certified to PCI-HSM version 3, the highest international level available, with no compromises, to protect our customers and their vending keys. Prism is the first HSM manufacturer globally to achieve this level of security, which emphasises the company’s commitment to providing the best security that money can buy.

The security modules not only provide secure key storage, encryption and decryption but they also enforce the security attributes listed below:

New Security Features and Benefits

Key Expiry:

The Supply Group Code (SGC) owner can assign an expiry date to a vending key, so that a compromise of the key is of no use beyond that date. This significantly reduces the risk associated with vending, for example the theft of a vending system or security module. It also allows a vendor’s fixed-term contract to be aligned with the expiry date of the key.

Key Refresh:

The vending key must be refreshed periodically, at an interval configurable from 30 days to 365 days. The SGC owner controls this via the Key Management Centre (KMC). The feature limits exposure to a shorter period than the key expiry period, so as to minimise risk in the event of theft or non-performance of a vendor (where a vendor vends on contract to the utility). The vendor can keep refreshing the key without any intervention or approval by the SGC owner until the end of the key expiry period. Should the SGC owner wish to amend the key’s attributes, they may do so via the KMC, and the changes take effect at the next key refresh.

Vending Key Limits:

A vending key can be given configurable unit limits and, for currency tokens, currency limits, which apply for the duration of the refresh period. When the key is refreshed, the limits are reset to the values configured for the vending key.
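To make the three attributes above concrete, here is an added example (not code from this page or from Prism’s firmware) that models how a security module could enforce key expiry, the refresh period and the per-period unit and currency limits; the class, its field names and the dates and amounts in `scenario()` are constructed for illustration.

```python
from dataclasses import dataclass
from datetime import date, timedelta
# Constructed model of the key expiry, key refresh and vending key limit
# attributes described above (example code, not Prism firmware or STS600-8).
@dataclass
class VendingKey:
    expiry: date           # set by the SGC owner; the key is useless after this
    refresh_days: int      # refresh period set via the KMC, 30 to 365 days
    unit_limit: float      # units that may be vended per refresh period
    currency_limit: float  # currency that may be vended per refresh period
    last_refresh: date

    def __post_init__(self):
        if not 30 <= self.refresh_days <= 365:
            raise ValueError("refresh period must be between 30 and 365 days")
        self._reset_limits()

    def _reset_limits(self):
        self.units_left = self.unit_limit
        self.currency_left = self.currency_limit

    def refresh(self, today: date) -> None:
        # The vendor may refresh without SGC-owner approval until expiry.
        if today > self.expiry:
            raise PermissionError("vending key has expired; refresh refused")
        self.last_refresh = today
        self._reset_limits()  # limits return to the configured values

    def vend(self, today: date, units: float, amount: float) -> bool:
        if today > self.expiry:
            return False  # a key compromised after expiry is worthless
        if today - self.last_refresh > timedelta(days=self.refresh_days):
            return False  # refresh overdue: vending stops until refreshed
        if units > self.units_left or amount > self.currency_left:
            return False  # would exceed this refresh period's limits
        self.units_left -= units
        self.currency_left -= amount
        return True

def scenario() -> list:
    # Walk one constructed key through the checks; returns the outcomes.
    key = VendingKey(expiry=date(2025, 12, 31), refresh_days=30,
                     unit_limit=1000.0, currency_limit=5000.0,
                     last_refresh=date(2025, 1, 1))
    out = [key.vend(date(2025, 1, 10), 400.0, 2000.0),  # within limits
           key.vend(date(2025, 1, 10), 700.0, 100.0),   # unit limit hit
           key.vend(date(2025, 2, 15), 10.0, 10.0)]     # refresh overdue
    key.refresh(date(2025, 2, 15))
    out.append(key.vend(date(2025, 2, 15), 700.0, 100.0))  # limits reset
    out.append(key.vend(date(2026, 1, 1), 1.0, 1.0))       # key expired
    return out
```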

DKGA04 and Misty-1:

These algorithms are significantly stronger than those used in Edition 1 and are used to protect meters and vending keys. They use up to 192-bit encryption.

Secure Transfer of Keys from KMC:

The STS600 Key Management Centre supports a secure method of transferring keys to the security modules. The security architecture shared between the security modules and the Key Management System allows the security modules to be personalised at the trusted centre of the security module manufacturer, eliminating the need to transport modules to and from the KMC as in the original process. Vending keys are transported in a key file with stronger encryption than was implemented in previous key files.

TID Rollover support:

The STS6 firmware supports TID Rollover. The TID (Time Identifier) is a design feature of the STS protocol: a 20 digit counter that increments in one-minute intervals from a defined base date. The first base date was set as 01 January 1993, and the counter will reach its maximum value in 2024, after which it rolls over to zero. To prevent the replay of old tokens, the meters must then be key changed to a new key revision number (KRN). This process is referred to as ‘TID Rollover’ and occurs every 30 years.
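An added example (not from this page or from Prism) of the counter arithmetic behind TID rollover and of why a key change to a new KRN is needed. The 24-bit counter width (chosen so that the 1993 base date rolls over in 2024 as stated above), the KRN=2 base date and the simplified meter replay store are assumptions of this example.

```python
from datetime import datetime, timedelta

# Constructed illustration of the TID counter and the KRN key change described
# above (example code, not the STS standard or Prism firmware). The 24-bit
# counter width and the KRN=2 base date are assumptions of this example; the
# page itself gives only the 1993 base date and the 2024 rollover.
TID_BITS = 24
TID_MAX = (1 << TID_BITS) - 1
BASE_DATE = {1: datetime(1993, 1, 1), 2: datetime(2014, 1, 1)}

def tid_for(when: datetime, krn: int) -> int:
    """Minutes elapsed since the base date of this key revision."""
    minutes = int((when - BASE_DATE[krn]).total_seconds() // 60)
    if not 0 <= minutes <= TID_MAX:
        raise ValueError("timestamp is outside the TID range of this KRN")
    return minutes

def rollover_instant(krn: int) -> datetime:
    """When the counter for this KRN reaches TID_MAX and wraps to zero."""
    return BASE_DATE[krn] + timedelta(minutes=TID_MAX)

class Meter:
    """Replay store simplified to the highest TID accepted so far."""
    def __init__(self, krn: int = 1):
        self.krn = krn
        self.last_tid = -1

    def key_change(self, new_krn: int) -> None:
        self.krn = new_krn    # applied by a key change token
        self.last_tid = -1    # TID history restarts under the new revision

    def accept(self, token_krn: int, tid: int) -> bool:
        if token_krn != self.krn:
            return False  # token was generated under another key revision
        if tid <= self.last_tid:
            return False  # replay or wrapped counter: not newer than last
        self.last_tid = tid
        return True

def scenario() -> list:
    """Why a wrapped counter forces a key change; returns the outcomes."""
    m = Meter(krn=1)
    t_old = tid_for(datetime(2024, 6, 1), 1)
    out = [m.accept(1, t_old), m.accept(1, t_old)]  # fresh, then replayed
    out.append(m.accept(1, 5))  # post-rollover KRN=1 token looks like a replay
    m.key_change(2)
    out.append(m.accept(1, t_old))  # old-revision token: rejected
    out.append(m.accept(2, tid_for(datetime(2025, 1, 1), 2)))  # accepted
    return out
```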

Warranty and Support:

The STS6 license model ensures that the security modules are supported, and the warranty is extended by 12 months on the renewal of a license.

Frequently Asked Questions

Q: How do I upgrade to an STS6 vending system?

A: The simplest method is to buy an already certified Prism STS6 Vending system.

  • PrismVend is a low cost but comprehensive vending system.
  • The Utility Vending System (UVS) is an enterprise vending system, typically for hosting and integration with sales and distribution platforms.
  • The next easiest method is to use PrismVend, which is an STS certified vending engine designed specifically for integration into customised vending systems.
  • Prism also hosts PrismToken as a SaaS (Software as a Service) solution for foreign utilities that do not want to be bothered with the logistics and costs of owning, supporting, transporting and maintaining hardware security modules.

Q: After upgrading the vending system, can the upgraded vending system vend to the old meters that are still on the old key, i.e. before a key change token is put into the meter?

A: Yes, it can.

  • Each meter is configured with a Key Revision Number (KRN). Old meters use KRN=1, and you can continue vending to them using the vending key (Vk) on KRN=1. The key change token changes the meter’s KRN from 1 to 2; thereafter tokens for that meter use the Vk on KRN=2.
  • It is the same concept as issuing a key change token to a new SGC. The only difference in this case is that the SGC number stays the same while the KRN is bumped from 1 to 2.

Q: Can you query the transaction license balance via the API?

A: Yes, the API supports this feature.

  • It is recommended that this feature be built into vending systems.
  • If transactions remain at the end of the period, you will not lose them: they are reissued when you renew the license with at least the minimum order.
  • If you run out before the end of the period, you can top up with a new license.
  • If you eventually do a lot of transactions, consider the unlimited annual transaction license.
  • Note: your warranty extends automatically when you renew the license.

Q: Where do I get the forms for my Supply Group Code?

A: For all general STS related questions and STS documentation, visit the STS website, www.sts.org.za.

Q: Is a Hardware Security Module Necessary?

A: Absolutely “Yes”.

  • An HSM may be purchased, leased or run as a hosted service.
  • Hosting of HSMs with STS vending software support takes place at Prism’s secure data centre.
  • Enquire at info@prism.co.za with the subject “Hosted Vending System”.

Q: Why are there licenses for the STS6 firmware?

A: You expect your meters and investment in STS technology to provide returns for many years, and we plan to be operational for many years to support the technology and continue improving security as the industry requires.

  • The licensing model provides an extended warranty for your security modules and ensures that the industry is self-sustaining.
  • STS is the only open-standard prepayment technology whose core architecture is designed around a secure Key Management Centre and security modules in the vending systems and manufacturing facilities.
  • Security should not be tacked on as an afterthought. The progressive advancement of security modules and STS security requires constant development to maintain the desired and ever-increasing security levels in the industry.

Q: Can I Upgrade my existing Prism Security Modules, and how do I go about it?

A: “Yes” – please refer to the procedure below for upgrading STS legacy (Edition 1) security modules to STS6. It covers the Prism hardware that is upgradeable, tips to make licensing administration simpler, and the hardware that cannot be upgraded.

Firstly, Prism Hardware that is Upgradeable:

1. TSM250 USB (serial numbers 94xxxxxx, firmware STS05Vxx)

  • Return the device to the Prism Westville office in South Africa for a firmware upgrade to STS65V10 and personalisation (keyloading).
  • Once upgraded, the label on the device is replaced with a new one reflecting the firmware version STS65V10.
  • The old key file is NOT reusable; a new key file must come from the KMC.
  • The factory lead time for this upgrade is two business days (one day in the factory and one day awaiting the KMC response).
  • The cost for this upgrade is the keyloading cost plus the annual licensing cost. Prices are available on request.

2. TSM500 NSS (FIPS certified, and less than five years old) – Return these devices to the Prism Westville office in South Africa for:

  • Hardware upgrade (replacement with the latest components, e.g. motherboard, secure module and temperature shutdown board).
  • Firmware upgrade (to the latest STS64V10).
  • Personalisation (keyloading) – this applies to all FIPS certified HSMs that are marked/labelled TSM500 on the front panel.
    • The firmware version confirms the HSM upgrade: Edition 2 firmware versions are prefixed “STS6”, e.g. STS64V10.
    • Inspect the firmware version from TSMweb, or contact us (shawno@net1.com or info@prism.co.za) with the HSM serial number, e.g. 89xxxxxx.
    • The factory lead time for this upgrade is typically 4/5 business days, depending on the availability of parts.
    • The cost for this upgrade is calculated per HSM: hardware cost plus keyloading cost plus annual licensing cost. Prices are available on request.

3. TSM500i NSS (PCI-HSM certification)

  1. Return these devices to the Prism Westville office in South Africa for a firmware upgrade to STS64V10 and personalisation (keyloading). This applies to all PCI certified HSMs that are marked/labelled TSM500i on the front panel; the ‘i’ indicates the newer series.
  2. The firmware version confirms the HSM upgrade: Edition 2 firmware versions are prefixed “STS6”, e.g. STS64V10.
  3. The TSM500i units are field upgradeable after this first phase, so physical labels are not practical. Inspect the firmware version from TSMweb, or contact us (info@prism.co.za) with the HSM serial number, e.g. 89xxxxxx.
  4. Our factory lead time for upgrading is two business days (one day in our lab and another day for the KMC response).
  5. The cost for this upgrade is keyloading plus the annual licensing cost.

Secondly, tips to make licensing Administration simpler:

  • Prism can pro-rata annual licenses so that they renew in the same month each year.
  • For transaction-based licenses, the API has a call for monitoring usage. Prism vending software uses a configurable ‘low level’ threshold alarm that advises the operator in advance to order a top-up license.
  • The license is a .txt certificate emailed to the client. The file content is copied into a command (identified in the API spec) and loaded into the HSM. Prism vending software provides a window into which the operator simply pastes the file content (license string).
  • The following commands manage the licenses (refer to the API specification STS600-8-6 for details):
    • 3.1 SM?CI: Transaction Counter Increment
    • 3.2 SM?CQ: Transaction Counter Query

Thirdly, Prism Hardware that cannot be upgraded:

  • TSM250 USB (with Meter Manufacturing Firmware STS05Mxx)
  • TSM210 USB
  • TSM200 USB
  • TSM410

STS Prepayment Solutions/
Payment (EFT) HSM Solutions

+27 31 267 5500

6 Sookhai Place, Westville,
Kwazulu-Natal,
South Africa

Email

info@prism.co.za
