EV-101-2019: Security risk assessment for EV charging infrastructure

Assessment of the security risks for a typical EV charging infrastructure.

As part of the energy transition, there has been a large growth of electric vehicles on the streets. By June 2018, already one million electric cars were registered in Europe and almost a quarter of cars is expected to be electric in 2030.

The electric vehicle (EV) charging infrastructure is being expanded to keep up with this growth. Millions of charging stations will be placed throughout Europe. Many will be remotely controlled by Charge Point Operators (CPO).

These charging stations need to be protected against cyber-attacks. The electrical load that is controlled remotely by the CPOs, will soon be large enough to affect the stability of the European grid. If the power on a high number of charging stations would be switched off at the same time, this could lead to significant power outages.

ENCS has developed a security architecture for the EV charging infrastructure. The goal of this risk assessment is to show how the measures in this architecture sufficiently mitigate the security risks.


EV-401-2019: Security test plan for EV charging stations

Plan to test an EV charging station against the ElaadNL and ENCS security requirements.

ElaadNL and ENCS have developed a set of security requirements for procuring electric vehicle (EV) charging stations . The requirements are based on a risk assessment and a security architecture for the whole EV charging infrastructure. The security requirements can be used directly in the procurement process.

This document provides a standardized test plan to evaluate the charging stations against the security requirements. By standardizing the test plan, the test results can be shared between charge point operators. The vendor of the charging station can order a security test according to the test plan. If the charging station passes the tests, the vendor can use the test report to show compliance in all tenders that use the security requirements. This reduces the cost of testing and can give charge point operators assurance in advance that there are charging stations meeting the requirements.

The test plan consists of three phases:

  1. Functional tests and a vulnerability assessment by the vendor, usually performed during development;
  2. A review of development processes and security design and OCPP security conformance testing by an external lab;
  3. A penetration test by an external lab.

EV-390-2019: Market survey for electric vehicle charging

Results of a market survey on the security of electric vehicle charging stations held in November 2019.

ENCS has produced a set of security requirements that charge point operators can use for procuring secure charging stations. To verify that these requirements are feasible in the current market, ENCS has conducted a survey among charging stations vendors, asking if they can implement the most advanced requirements.


SM-402-2020: Security test plan for data concentrators (draft)

Plan to test a data concentrator against the ENCS security requirements.

ENCS has developed a set of security requirements for procuring smart meters and data concentrators. The requirements are based on a risk assessment and a security architecture for the whole smart metering system. The security requirements can be used directly in the procurement process.

This document provides a standardized test plan to evaluate the data concentrator against the security requirements. By standardizing the test plan, the test results can be shared between grid operators. The vendor of the data concentrator can order a security test according to the test plan. If the grid operator passes the tests, the vendor can use the test report to show compliance in all tenders that use the security requirements. This reduces the cost of testing and can give grid operators assurance in advance that there are data concentrator meeting the requirements.

The test plan consists of three phases:

  1. Functional tests and a vulnerability assessment by the vendor, usually performed during development;
  2. A review of development processes and security design and OCPP security conformance testing by an external lab;
  3. A penetration test by an external lab.

Draft version 0.3 for review.


SM-401-2020: Security test plan for smart meters (draft)

Plan to test a smart meter against the ENCS security requirements.

ENCS has developed a set of security requirement for smart meters and data concentrators. The requirements are based on a risk assessment and a security architecture for the smart metering infrastructure. The security requirements can be used directly in the procurement process.

This document provides a standardized test plan to evaluate the smart meters against the security requirements. By standardizing the test plan, the test results can be shared between grid operators. The vendor of the smart meter can order a security test according to the test plan. If the smart meter passes the tests, the vendor can use the test report to show compliance in all tenders that use the security requirements. This reduces the cost of testing and can give grid operators assurance in advance that there are smart meters meeting the requirements.

For a smart meter that uses the DLMS communication protocol, most security measures will be implemented through this protocol. They can therefore be effectively tested by an independent test lab with the tools needed to test DLMS. The lab should perform the following five test steps:

  • A review of security of the vendor development processes;
  • A technical review of the security design and implementation;
  • Functional tests of the security requirements implemented through DLMS;
  • Robustness testing of the network stacks;
  • A test of the physical tamper detection measures.

Draft version 0.3 for review.


DA-401-2019: Security test plan for distribution automation RTUs

Plan to test an distribution automation RTU against the ENCS security requirements.

ENCS has developed a set of security requirement for procuring distribution automation (DA) remote terminal units (RTUs). When the requirements are used, the need arises to evaluate the RTU against the requirements. This document provides a standardized test plan to do this.

By standardizing the test plan, the test results can be more easily shared between grid operators. The vendor of the RTU can perform security tests according to the test plan and then use the test report to show compliance in all tenders that use the security requirements. This reduces the cost of testing and can give grid operators assurance in advance that there are RTUs meeting the requirements.

The test plan consists of three phases:

  1. Functional tests and a vulnerability assessment by the vendor, usually performed during development;
  2. A review of development processes and security design by the grid operator, usually performed during selection;
  3. A penetration test by an external lab, usually performed after the RTU has been selected.

DA-101-2019: Security risk assessment for distribution automation systems

ENCS has developed a security architecture for distribution automation systems. This risk assessment verifies that the measures proposed in the security architecture are enough to mitigate security risks. The risk assessment can also be used to select alternative measures if grid operators cannot implement some of the measures in the security architecture.


DA-390-2019: Market survey on distribution automation RTU security

Results of a market survey on the security of distribution automation (DA) remote terminal units (RTUs) held in November 2019.

ENCS has produced a set of security requirements that grid operators can use for this purpose. To verify that these requirements are feasible in the current market, ENCS has conducted a survey among RTU vendors, asking if they can implement the most advanced requirements. It also asks vendors about their future roadmap and plans to adjust future requirements.


SM-301-2020: Security requirements for procuring smart meters (draft)

This document provides functional and quality requirements for the security of smart meters, including requirements for secure development processes at the vendor. The requirements cover secure communication between the smart meters and the data concentrators and central system. They do not cover the security of the central systems themselves.

The requirements are meant for procuring new smart meters. Data concentrators are addressed separately. The requirements are not meant for legacy systems, although a selection of them can be used to improve the latter.

This document aims to help grid operators to set procurement requirements. It includes requirements that ENCS has developed for members in Austria, Czech Republic, the Netherlands and Portugal, which have been used in different tenders. They are set up to allow independent testing, and more than 30 smart meters have already been successfully tested against them. By using these requirements in their tender process, grid operators can benefit from their already high maturity level.

The measures are aligned with ISO 27001:2013. They are designed to fit as much as possible into the processes and procedures already in place in the organizations, and to find the needed balance between the assured security level, feasibility by vendors and the operational impact.

Draft version 2.6 for review.


SM-302-2020: Security requirements for procuring data concentrators (draft)

This document provides functional and quality requirements for the security of data concentrators, including requirements for secure development processes at the vendor. The requirements cover secure communication between the smart meters and the data concentrators and central system. They do not cover the security of the central systems themselves.

The requirements are meant for procuring new data concentrators. Smart meters are addressed separately. The requirements are not meant for legacy systems, although a selection of them can be used to improve the latter.

This document aims to help grid operators to set procurement requirements. It includes requirements that ENCS has developed for members in Austria, Czech Republic, the Netherlands and Portugal, which have been used in different tenders. They are set up to allow independent testing, and more than 15 data concentrators have already been successfully tested against them. By using these requirements in their tender process, grid operators can benefit from their already high maturity level.

The measures are aligned with ISO 27001:2013. They are designed to fit as much as possible into the processes and procedures already in place in the organizations, and to find the needed balance between the assured security level, feasibility by vendors and the operational impact.

Draft version 2.6 for review.