Security through layers in an intelligent electronic device

What is claimed is: 1. An intelligent electronic device (IED) comprising: a housing; at least one sensor, disposed in the housing and coupled to at least one power line of an electrical power distribution system and configured for measuring at least one power parameter of the at least one power line and generating at least one analog signal indicative of the at least one power parameter; at least one analog to digital converter disposed in the housing and coupled to the at least one sensor configured for receiving the at least one analog signal and converting the at least one analog signal to at least one digital signal; and at least one processing device disposed in the housing and configured to execute a plurality of instructions to implement a general purpose operating system for executing at least two applications, wherein a first application operates on a secure layer of the operating system and a second application operates on an insecure layer of the operating system, wherein each of the applications is independent of the other application and the operating system is configured to functionally isolate the first application from the second application while the first and second applications are executing, wherein the applications executing on the secure layer cannot be accessed externally from the IED. 2. The IED of claim 1 , wherein the first application is a security application and the second application is a web server application. 3. The IED of claim 2 , wherein information is transferred between the layers using at least one of network sockets, files, pipes, shared memory, mail slots, and Inter-Process Communications (IPC) methods. 4. The IED of claim 2 , further comprising a plurality of resources stored in a memory, wherein access to the plurality of resources by the second application is controlled by the first application. 5. The IED of claim 2 , wherein the security application controls at least one of user permissions, user states and user actions. 6. The IED of claim 2 , wherein the security application decrypts at least one other software application to enable the at least one other software application to execute. 7. The IED of claim 6 , wherein the security application validates a certificate associated with the at least one other software application before decrypting the at least one other software application. 8. The IED of claim 6 , wherein the security application validates a software signature associated with the at least one other software application before decrypting the at least one other software application. 9. The IED of claim 2 , further comprising a communication device, the communication device enables the web server application to communicate over a network with at least one external client device. 10. The IED of claim 9 , wherein the web server application is configured to receive a request from the at least one external client device, parses parameters of the request and passes the parameters to the security application to perform an action relating to the request. 11. The IED of claim 10 , further comprising a security state component that stores a list of allowed users, wherein the security application determines if the request is from an allowed user. 12. The IED of claim 10 , wherein the communication device operates under at least one of Ethernet, Distributed Network Protocol (DNP), ModBus and/or IEC61850 protocols. 13. The IED of claim 9 , wherein the communication device is configured as a network communication card disposed in the housing. 14. The IED of claim 13 , wherein the communication device further includes at least one second processing device. 15. The IED of claim 14 , wherein the web server application operates on the at least one second processing device of the communication device. 16. The IED of claim 15 , wherein the security application operates on the at least one second processing device of the communication device. 17. The IED of claim 16 , further comprising a plurality of secure resources stored in a memory disposed in the housing, wherein access to the plurality of secure resources by the second application is controlled by the first application. 18. The IED of claim 17 , wherein the memory is removable. 19. The IED of claim 17 , wherein the IED is one of a Programmable Logic Controller (PLC), a Remote Terminal Unit (RTU), an electric power meter, a revenue meter, a protective relay, a fault recorder, a phase measurement unit, a serial switch and a smart input/output device. 20. The IED of claim 16 , wherein the communication device operates under at least one of Ethernet, Distributed Network Protocol (DNP), ModBus and/or IEC61850 protocols. 21. The IED of claim 2 , further comprising a conversion layer configured to transform data stored on the secure layer into a format usable by the second application of the insecure layer. 22. The IED of claim 2 , wherein the web server application employs multi-factor authentication (MFA) to prevent unauthorized access by at least one external client device. 23. The IED of claim 2 , wherein the web server application is configured to receive a security token to enable access by at least one external client device. 24. The IED of claim 23 , wherein the security token includes a software application that enables authentication and password filling. 25. The IED of claim 1 , wherein the secure layer operates on at least one second processor. 26. The IED of claim 1 , wherein communications between the secure layer and the insecure layer are encrypted. 27. The IED of claim 26 , wherein the communications between the secure layer and the insecure layer are encrypted using a password and/or a unique security key of the IED. 28. The IED of claim 1 , further comprising a plurality of secure resources stored in a memory, wherein access to the plurality of secure resources by the second application is controlled by the first application. 29. The IED of claim 1 , wherein the IED is one of a Programmable Logic Controller (PLC), a Remote Terminal Unit (RTU), an electric power meter, a revenue meter, a protective relay, a fault recorder, a phase measurement unit, a serial switch and a smart input/output device. 30. The IED of claim 1 , wherein the housing is at least one of a socket/S-base housing, a panel meter housing, a switchboard/draw-out housing and/or a A-base housing.