Security requirements for procuring smart meters (draft, version 2.5)

This document specifies security requirements that grid operators can use when procuring new smart meters. The requirements can be used directly in tender documents. They cover the technical security features that the smart meter should have, and the measures vendors should take to ensure the correct implementation of these features.

The document is an update of the Security requirements for procuring smart meters and data concentrators. The smart meter requirements have been put in a separate document. This is a draft version 2.5 published to collect feedback from grid operators and vendors.


Security requirements for procuring data concentrators (draft, version 2.5)

This document specifies security requirements that grid operators can use when procuring new data concentrators for smart metering. The requirements can be used directly in tender documents. They cover the technical security features that the data concentrator should have, and the measures vendors should take to ensure the correct implementation of these features.

The document is an update of the Security requirements for procuring smart meters and data concentrators. The data concentrator requirements have been put in a separate document. This is a draft version 2.5 published to collect feedback from grid operators and vendors.


Security architecture for smart metering (draft, version 0.2)

This document describes a security architecture for smart metering systems specifying the technical security measures grid operators can implement. The architecture can act as a blueprint for system integrators and the departments maintaining the system. The architecture is intended to be used together with an information security management system (ISMS) based on ISO 27001:2013 or similar.


Best Available Techniques Reference Document

Collection of best available techniques


Prime-Alliance security whitepaper

Overview of common security risks to smart metering, and security features in the PRIME protocol and beyond


Security requirements for procuring smart meters and data concentrators

This document contains security requirements for procuring Smart Meters and Data Concentrators. They are intended as a common baseline that in line with more strict requirements or more detailed specifications used in different European countries.
The requirements are formulated in a technology-independent manner. They describe the security measures that need to be taken functionally, and do not make assumptions on communication protocols or technologies. The requirements cover both technical security measures, and process measures that Vendors should take to ensure secure development, production, and delivery of the devices.
The requirements have been written with an eye towards testing. For each requirement, recommendations are given for evaluating if it has been fulfilled. These recommendations are based on experience with testing many meters from different countries.