# Security and Zero Trust Security is not a feature bolted on — it's the precondition for being allowed into an LNG plant at all. ## Posture - **Zero Trust** architecture spanning **Purdue Levels L0–L4**. - **Outbound-only** edge connectivity (HTTPS 443); **no inbound ports** into the OT network. - **Read-only** ingestion — no write path to controls, ever. - **Human-in-the-loop**: no autonomous actuation. ## Controls - **OAuth2 + JWT** authentication. - **RBAC**: Operator / Engineer / Manager roles. - **API keys** for data ingestion. - **TLS 1.2+**, **WSS** for live streams, encryption at rest, isolated subnets. ## Roadmap - **mTLS**, automatic key rotation. - **SOC 2 Type I** and **ISO 27001** readiness → certification. ## Why it matters The security model and the [[Renacore/Architecture and Infrastructure]] are the same argument viewed from two sides: outbound-only + read-only is simultaneously the fastest install and the easiest security sign-off. It's how a March-2025 startup gets a foot inside a tier-1 operator. Connects to the broader [[Security MoC]] and the OT-safety framing in [[Fire and Gas Detection MOC]]. ## Related - [[Renacore MOC]] - [[Renacore/Architecture and Infrastructure]] - [[Renacore/Physics-First Quality and Governance]] - [[Security MoC]]