What Device Provisioning Is
Device provisioning is the process of preparing a device (such as an EV charger) to operate in a real deployment by assigning it the correct identity, configuration, network settings, and backend access. Provisioning turns a “factory device” into a site-ready, managed asset that can securely connect to a CPMS and follow the operator’s policies.
Why Device Provisioning Matters
Provisioning is what makes fleet-scale deployments reliable and secure. It ensures:
– Only authorized chargers can connect (device authentication)
– Chargers appear correctly in the CPMS (site, tariff, connectors, location)
– Networking works from day one (SIM/APN, firewall rules, DNS, VPN, etc.)
– Charging policies are applied consistently (access control, limits, schedules)
– Support teams can monitor, update, and troubleshoot devices remotely
– Rollouts scale without manual misconfiguration
What Provisioning Typically Includes
Provisioning usually covers four main areas:
Identity and Security Setup
– Register device ID/serial number in the backend
– Assign unique credentials or perform device certificate enrollment
– Configure trusted CA chain and TLS settings (often mTLS)
– Define which backend endpoint(s) the device is allowed to reach
Network and Connectivity Setup
– Configure Ethernet/Wi-Fi/Cellular parameters
– SIM provisioning: ICCID mapping, APN settings, data plan validation
– Connectivity testing: signal strength, latency, firewall ports, DNS resolution
– Optional: VPN or private APN for enterprise deployments
Charger Configuration
– OCPP version and feature set configuration
– Connector setup: sockets, cable type, max current/power limits
– Meter and tariff settings (where allowed by regulation)
– Load management group parameters (site power cap, priorities)
– Time sync settings (NTP) and logging levels
Backend Mapping and Operations
– Assign charger to the right site, operator, and pricing policy
– Set access rules: RFID whitelist, app users, public/free modes
– Enable monitoring, alerts, and firmware update channel
– Attach asset metadata: installation address, installer, warranty start date
Provisioning Approaches
Different organizations provision devices differently depending on scale and security requirements:
– Factory provisioning: credentials and base config injected during production
– Installer-led provisioning: a commissioning app or portal is used on-site
– Zero-touch provisioning: device auto-enrolls when first powered on, using strong identity controls
– Bulk provisioning: import devices into CPMS via CSV/API before deployment
Best Practices
– Use unique identity per device (certificates or unique credentials)
– Automate provisioning steps via APIs to reduce human error
– Separate environments: test vs production endpoints
– Enforce a standard commissioning checklist (connectivity, OCPP, metering, RCD tests)
– Keep an auditable log of who provisioned what, where, and when
– Plan for the full lifecycle: moves, ownership changes, decommissioning
Common Pitfalls
– “One config fits all” deployments that ignore site electrical constraints
– Provisioning done manually without validation → chargers go live misconfigured
– No certificate renewal process → chargers drop off network after expiry
– Poor connectivity planning (especially in underground garages)
– Missing asset metadata → O&M becomes slow and expensive later
Related Terms for Internal Linking
– Device authentication
– Device certificate enrollment
– Charge Point Management System (CPMS)
– Encrypted communications
– Mutual TLS (mTLS)
– Secure update pipeline
– OTA firmware updates
– Load management