. .

Analysis and Assessment for the Development and Operation of a Sub PKI for Smart Metering

Due to the guidelines laid out in the German Energy Act, the Federal Office for Information Security (BSI) has defined the requirements on functionality, interoperability, security and inspection of intelligent measurement systems in its technical guideline TR 03109. According to this, local energy suppliers must operate a communication infrastructure secured through encryption, requiring all participants (smart meters, smart meter gateways, gateway administration and external market players) to identify each other by verifying the certified keys before secure communication can take place. This is the so-called public key infrastructure (PKI).

Public Key Infrastructure for Energy Suppliers: We Can Find the Right Solution!

The development and operation of a PKI is subject to very strict regulations which are certified and must be recertified by authorized companies on a regular basis. These regulations apply to both constructional requirements and requirements concerning communication technology, as well as to the processes that are to be established. PKI service providers have the necessary knowledge in this area, which may need to be acquired when companies establish and operate their own infrastructure.

The costs for hardware, software, licenses, infrastructure and implementation quickly reach about  one million euros for an implementation time of approximately 12 months. If the implementation is outsourced as a service, the client uses the certified infrastructure of the service provider, who invoices the setup costs once and bills for each certificate. Depending on the number of certificates, outsourcing can be more cost effective.

achelos carries out an accurate analysis and consults energy suppliers in their decision between establishing and operating their own Sub PKI for smart metering and outsourcing.