Requirements Catalog: End-to-End Security for Smart Metering

This catalog describes the minimum requirements for end-to-end secured Smart Metering in Austria. These requirements apply to manufacturers during tender processes for the Smart Meter, (Hybrid) Gateway, Central System, and their communication links. The application of end-to-end security is in accordance with the recommended measures of the risk analysis presented by E-Control Austria (ECA) on 27 February 2014 [1] for the information systems of the electricity industry. 

The term Smart Metering is not to be confused with the term Smart Grid; the security of control and telecommunication systems for electrical transmission and distribution, for example, is not part of this list of requirements. The underlying end-to-end security architecture for Smart Metering is described in Chapter B. 

The measures in this catalog are based on the current state of the art in ICT security, i.e., security of the information and communication technology. The objectives of ICT security are to ensure the authenticity and integrity of information in digital data traffic1, as well as to keep confidential data secret. The terms secure, secured, and security should be understood in this catalog within the context of ICT security. Other interpretations, such as security and safety in terms of operational safety or accident prevention, are explicitly marked. 

This document describes the requirements of the grid operators for manufacturers and suppliers in the tender process for equipment and systems that are used in Smart Metering with end-to-end security.