Security testing

At ENCS, we provide lab security testing for smart grid components and on-site security testing for complete systems. These tests are carried out on project basis. We define the objective and scope together with you, after which we propose a test approach. With your approval, we then get to work.

Lab testing

At ENCS, we have our own state-of-the-art test lab to evaluate the security of smart grid components. Smart meters, data concentrators, gateways, remote terminal units (RTUs) or electric vehicle charging stations, our security testing will identify all possible flaws and security risks of a device. We test components against security requirements, as this approach provides better assurance that all parts of a component are tested than penetration testing alone. Nevertheless, penetration testing can be included in the test plan based on the risks that need to be mitigated. For the requirement-based tests, we typically test against the requirements used during procurement. This is beneficial to you, as vendors are usually required to fix any deviations from the requirements. Our testers have developed test cases for all ENCS requirements sets, the Oesterreichs Energie requirements catalog (End-to-End security for smart metering), and the Dutch Smart Meter Requirements (DSMR 2.2, DSMR 4, SMR 5, and ESMR 5). For other requirements sets, we develop test cases within the test project.

On-site testing

We provide on-site security testing to verify the security of complete systems. Our testers start by analysing the risks to the system and the architecture the grid operators have chosen to mitigate them. To do so, our people build on the risk assessments and security architectures developed in the ENCS architecture program.

After this initial analysis, we select the best test activities to efficiently probe the strength of the measures against your biggest risks. Our testers have experience with many techniques, including penetration testing, code reviews, vulnerability scanning, technical audits, web application testing, and purple teaming. Of course, our experience with similar systems at other members’ sites comes in handy too during security testing.

Benefits of ENCS

Requirement-based testing

Experts in smart grids

In-depth system knowledge thanks to consultancy

Discover our resources

During our ENCS security programs, we create a variety of documents to help you improve your cyber security, including:

  1. Security requirements
  2. Position papers
  3. Best practices

Are you ready to step up your game? Immerse yourself in our resources.