Security requirements for procuring smart meters (draft, version 2.5)

This document specifies security requirements that grid operators can use when procuring new smart meters. The requirements can be used directly in tender documents. They cover the technical security features that the smart meter should have, and the measures vendors should take to ensure the correct implementation of these features.

The document is an update of the Security requirements for procuring smart meters and data concentrators. The smart meter requirements have been put in a separate document. This is a draft version 2.5 published to collect feedback from grid operators and vendors.


Security requirements for procuring data concentrators (draft, version 2.5)

This document specifies security requirements that grid operators can use when procuring new data concentrators for smart metering. The requirements can be used directly in tender documents. They cover the technical security features that the data concentrator should have, and the measures vendors should take to ensure the correct implementation of these features.

The document is an update of the Security requirements for procuring smart meters and data concentrators. The data concentrator requirements have been put in a separate document. This is a draft version 2.5 published to collect feedback from grid operators and vendors.


Security architecture for smart metering (draft, version 0.2)

This document describes a security architecture for smart metering systems specifying the technical security measures grid operators can implement. The architecture can act as a blueprint for system integrators and the departments maintaining the system. The architecture is intended to be used together with an information security management system (ISMS) based on ISO 27001:2013 or similar.


Security requirements for procuring EV charging stations (draft version 1.9.3)

This document specifies security requirements that charge point operators can use when procuring charging stations. The requirements can be used directly in tender documents. They cover the technical security features that the charging station should have, and the measures vendors should take to ensure the correct implementation of these features.

The document is an update of the EV Charging Systems Security Requirements from 2016. This is a draft version published to collect feedback from grid operators and vendors.

ENCS is creating this document in collaboration with ElaadNL.


Security architecture for EV charging infrastructure (draft version 0.2)

This document describes a security architecture for electric vehicle charging infrastructure specifying the technical security measures charge poin operators can implement. The architecture can act as a blueprint for system integrators and the departments maintaining the system. The architecture is intended to be used together with an information security management system (ISMS) based on ISO 27001:2013 or similar.

ENCS is creating this document in collaboration with ElaadNL.


Security requirements for procuring DA RTUs (draft, version 1.4)

This document specifies security requirements that grid operators can use when procuring new distribution automation (DA) remote terminal units (RTUs). The requirements can be used directly in tender documents. They cover the technical security features that the RTU should have, and the measures vendors should take to ensure the correct implementation of these features.

The document is an update of the Distribution Automation RTU Security Requirements from 2016. This is a draft version 1.4 published to collect feedback from grid operators and vendors.


Security architecture for DA systems (draft, version 0.2)

This document describes a security architecture for DA systems specifying the technical security measures grid operators can implement. The architecture can act as a blueprint for system integrators and the departments maintaining the system. The architecture is intended to be used together with an information security management system (ISMS) based on ISO 27001:2013 or similar.


Security roadmap for substation automation

Many grid operators are considering new use cases for substation automation, such as direct IEC 61850 communication between the control center and IEDs, remote configuration of IEDs, and collecting disturbance data directly from IEDs. These use cases do not fit in the security architecture developed in the ENCS member project on substation automation. A key measure in this architecture is that IEDs cannot be accessed directly from central systems. This document describes the new security functions that would be needed in IEDs to allow direct access and keep them secure in future use cases.


Security requirements for procuring HMI software

This document defines procurement requirements for application software for substation HMIs, based on IEC 62443. It selects the requirements based on the security architecture and risk assessment from the ENCS member project. Where needed it further specifies and clarifies these requirements, and provides guidance on how they should be evaluated.


Security requirements for procuring IEDs

This document defines procurement requirements for IEDs based on IEC 62443. It selects the requirements based on the security architecture and risk assessment from the ENCS member project. Where needed it further specifies and clarifies these requirements, and provides guidance on how they should be evaluated.