Plan to test a smart meter against the ENCS security requirements.
ENCS has developed a set of security requirement for smart meters and data concentrators. The requirements are based on a risk assessment and a security architecture for the smart metering infrastructure. The security requirements can be used directly in the procurement process.
This document provides a standardized test plan to evaluate the smart meters against the security requirements. By standardizing the test plan, the test results can be shared between grid operators. The vendor of the smart meter can order a security test according to the test plan. If the smart meter passes the tests, the vendor can use the test report to show compliance in all tenders that use the security requirements. This reduces the cost of testing and can give grid operators assurance in advance that there are smart meters meeting the requirements.
For a smart meter that uses the DLMS communication protocol, most security measures will be implemented through this protocol. They can therefore be effectively tested by an independent test lab with the tools needed to test DLMS. The lab should perform the following five test steps:
- A review of security of the vendor development processes;
- A technical review of the security design and implementation;
- Functional tests of the security requirements implemented through DLMS;
- Robustness testing of the network stacks;
- A test of the physical tamper detection measures.