Factory provisioning is the process of configuring and registering an EV charger (or other connected device) during manufacturing so it is ready for secure deployment and backend onboarding when it arrives on site. It typically includes loading firmware, setting unique device identities, installing certificates, applying baseline configuration, and recording traceability data.
What Is Factory Provisioning?
Factory provisioning prepares devices before shipment so commissioning is faster and more consistent.
– Install the correct firmware and configuration profile
– Assign unique identifiers (serial number, device ID, connector IDs)
– Provision security credentials (certificates, keys, passwords)
– Configure connectivity defaults (SIM/eSIM/APN, Ethernet settings where applicable)
– Register the device in a backend system (CPMS) or a staging environment
– Capture manufacturing traceability (hardware revision, BOM, calibration records)
In EV charging, good provisioning reduces site work from “build and debug” to “connect and validate.”
Why Factory Provisioning Matters for EV Charging
– Speeds up deployment and reduces on-site commissioning time
– Improves consistency across large rollouts (same baseline, fewer installer variations)
– Strengthens cybersecurity by controlling credential generation and key handling
– Reduces configuration-related faults that cause downtime and support tickets
– Supports auditability: clear mapping between physical units and backend records
– Enables “zero-touch” or low-touch onboarding for installers and operators
Typical Elements of Factory Provisioning
Firmware and Software Baseline
– Load approved firmware version and validate integrity (signed firmware where used)
– Apply feature flags and configuration templates per product variant
– Set default operating limits (max current, phases, thermal limits)
– Configure logs, diagnostics settings, and time synchronization behavior
Device Identity and Certificates
– Create and assign a unique device identity used by the CPMS
– Install device certificates for secure communication (TLS, potentially mutual TLS)
– Provision keys securely and lock down access to prevent extraction
– Configure certificate renewal or enrollment pathways (project-dependent)
Communication and Network Defaults
– Configure Ethernet behavior and fallback rules where applicable
– Provision cellular parameters (SIM ICCID mapping, APN settings, roaming restrictions)
– Set DNS, NTP, and backend endpoints for staging or production
– Validate connectivity in a controlled factory network environment
CPMS Registration and Metadata
– Pre-register charger data in the CPMS: model, serial, connector count, firmware version
– Assign site groups, tariffs placeholders, or operator accounts (if applicable)
– Configure OCPP credentials and endpoint settings (staging vs production URLs)
– Align connector IDs with labeling and commissioning documentation
Quality and Traceability Records
– Link provisioning to manufacturing records (hardware revision, test results, FAT outcomes)
– Store configuration snapshots for later support and warranty investigations
– Record meter IDs, calibration seals, and metrology documents where required
– Generate a “device passport” record for internal systems
Factory Provisioning vs Field Provisioning
– Factory provisioning: creates a secure, standardized baseline before shipment
– Field provisioning: final site-specific configuration (site name, tariffs, load limits, network/firewall constraints)
A strong approach uses factory provisioning for the baseline and field provisioning only for parameters that must be set locally.
Best Practices
– Use automated provisioning pipelines with version control and approvals
– Separate staging vs production credentials to reduce risk during testing
– Enforce secure key handling and access control (least privilege, audit logs)
– Standardize naming conventions for charger IDs and connector IDs
– Validate provisioning with a defined test: “powers up + connects + reports status + accepts remote commands”
– Maintain rollback and recovery processes if provisioning fails (re-image, safe mode)
Common Mistakes to Avoid
– Shared credentials across devices (security risk and hard to manage)
– Inconsistent connector IDs between device labels and CPMS configuration
– Shipping devices with outdated firmware or mixed configuration versions
– Not recording provisioning metadata, making future support and audits difficult
– Hardcoding backend endpoints without environment control (staging vs production)
– Provisioning without verifying connectivity and OCPP handshake behavior
Limitations to Consider
– Some parameters cannot be finalized until site installation (power limits, load management CT mapping, local network)
– Certificate lifecycle management adds operational complexity and needs clear ownership
– Over-provisioning can reduce flexibility if operators require different CPMS or roaming setups
– Factory networks differ from real sites; final validation still requires commissioning tests
Related Glossary Terms
Device Provisioning
Device Certificate Enrollment
Certificate Management
Encrypted Firmware
Secure Update Pipeline
OCPP
Electrical Commissioning
Factory Acceptance Test (FAT)