WSS security protocol for OCPP 1.6
OCPP 1.6 introduced WebSocket Secure (WSS) as a key security feature for communication between charging stations and central management systems. Here are the main aspects of the WSS security protocol in OCPP 1.6:

▶ Transport Layer Security (TLS)
OCPP 1.6 uses TLS to encrypt communications, preventing eavesdropping and data tampering during transmission. Implementation requires:
- Configuring WebSocket over TLS (WSS) connections
- Using TLS 1.2 or higher with industry-standard encryption algorithms
- Installing server certificates on the gateway to verify identity and establish secure connections
▶ Authentication Mechanisms
OCPP 1.6 defines three security profiles with different levels of authentication:
- Security Profile 1: Password-only client authentication
- Security Profile 2: Server certificate verification for CSMS identity + password for client authentication
- Security Profile 3: Mutual authentication with client certificates
▶ Secure Firmware Updates
The protocol supports encrypted remote firmware updates:
- Firmware update requests are transmitted via TLS
- Integrity and signature verification ensure the firmware’s authenticity
▶ Security Event Logging
OCPP 1.6 supports logging security-related events, such as:
- Authentication failures
- TLS connection establishment or disconnection
▶ Local Authorization List
To enhance system reliability, OCPP 1.6 allows charging stations to use a Local Authorization List for offline authentication.
▶ WebSocket Ping/Pong
OCPP 1.6 utilizes WebSocket Ping and Pong frames to check if remote endpoints are still responsive, similar to heartbeat messages. This feature can be configured using the WebSocketPingInterval key:
- 0: Disables client WebSocket Ping/Pong (client can still reply to Pong)
- 0: Specifies the interval in seconds for client pings
By implementing these security features, OCPP 1.6 provides robust protection for charging infrastructure while meeting industry requirements for communication security. Shenzhen Wisewish Technology’s OCPP protocol 4G gateway supports the WSS security protocol, ensuring the safety of charging stations!