Enhancing DESS Cybersecurity: A Safer Alternative to Full VRM Remote Access

Good morning,

I’d like to raise a concern regarding the cybersecurity of DESS systems, specifically the risk of potential hacker attacks via the internet. If I’ve misunderstood any existing configuration options, I apologize in advance and would appreciate any clarification or guidance.

To ensure robust cybersecurity, I believe DESS systems should be configured with the following principles:

  • Critical system configurations—such as GX settings, MPII configurations, and firmware updates—should be accessible only from the local network, not via the internet.

  • DESS and VRM should not require full remote access to the local system. They primarily exchange non-critical data, such as the target State of Charge (SOC) from the cloud and telemetry information from the GX.

Currently, the GX-Settings-VRM offers three options:

  • Off

  • Read-only

  • Full (required for DESS functionality)

However, the “Full” option enables remote modification of system settings, which poses a significant security risk if the VRM cloud were ever compromised.

Proposal: Add a Fourth Option – “DESS”

I propose introducing a fourth configuration option called “DESS”, which would:

  • Allow only the necessary data exchange between the cloud and the GX for DESS and Telemetry operation.

  • Prevent any remote modification of system settings from outside the local network.

For users who explicitly want full remote configuration capabilities, the “Full” option would remain available. However, for users like myself who prioritize security, this new “DESS” option would offer a safer alternative.

Why This Matters

If a hacker gains access to Victron's VRM cloud, systems configured with “Full” access could be remotely altered in ways that may compromise safety or performance. Given that ESS systems are part of our critical home infrastructure, it’s essential to minimize exposure of sensitive settings to the internet.

Would it be possible to consider adding this fourth option to the configuration settings?

4 Likes

Fully agree. Just imagine the scenario of a hacker group setting “all” setups to immediately go to max SOC in the current world order. Just watch “Die Hard 4”.

1 Like

Exactly my thoughts. Or read BlackOut. The core of this story is a software design-bug which existed in real life. Unfortunately, my company contributed to it partly in a negative way. But we learned from it. Least privilege is now always the basic design principle. And VRM needing full access is far from least privilege.

How would DESS be different from Read Only?

From my understanding, the only “sending” part from the cloud to the GX is the DESS target SOC.

But this could also be a “read” from GX side towards the cloud service and not an active “write” from the cloud service to the GX.

I agree. So to keep things simple, I would suggest keeping the current options but not requiring full access to use DESS. So a DESS user can select any of the three options.

If there is a technical limitation with DESS, I would suggest introducing a generic category of “necessary Internet connections only” which would cover DESS and any function that requires an internet connection.

Separately, I would suggest a pop-up warning each time a user goes to a more open setting.