Introduction to the SEC Seminar - 16th October 2017
Business Architecture Document and Model Published
Technical Architecture and Business Architecture Sub Committee (TABASC) member nominations open
Introduction to the SEC Seminar - 16th October 2017
On Monday 16th October 2017, SECAS will be running an Introduction to the Smart Energy Code Seminar, aimed at newly acceded SEC Parties and people new to smart metering in GB.
Attendees will gain an introductory understanding of the following topics:
- The Smart Metering Implementation Programme (SMIP);
- The DCC;
- SEC Governance and Sub-Committees;
- The DCC User Entry Process (UEP);and
- The Modification Process.
A representative from BEIS will be present and attendees will have opportunities to ask questions and engage with them, along with the SECAS team.
Space is limited, so booking is essential, with two places available per SEC Party. Preference will be given to those who have not previously attended a seminar.
If you wish to attend please RSVP to email@example.com as soon as possible.
Business Architecture Document and Business Architecture Model published
In order to fulfil the Technical Architecture and Business Architecture Sub-Committee (TABASC) obligations as set out under SEC Section F1.4, the Business Architecture Document (BAD) has been developed which describes the Business Architecture for GB smart metering.
The Business Architecture is designed to enable Parties to use the Services and/or to enable Parties, Energy Consumers and those acting on behalf of Energy Consumers to access the functionality described in the Technical Specifications.
Following the SEC Panel’s approval, the BAD is now available on the SEC Website. The BAD is accompanied by the Business Architecture Model (BAM), which will shortly be available on the same page.
Technical Architecture and Business Architecture Sub Committee (TABASC) Nominations Open
The 29th November 2017 signals the end of the term for a number of members of the TABASC.
As a result, SECAS have issued a call for TABASC nominations for:
- four Large Supplier seats (three are up for re-nomination and a fourth seat is up for nomination due to a recent resignation);
- one Small Supplier seat;
- one Electricity Networks seat; and
- one Other SEC Party seat.
If you would like to nominate an individual please read the Invitation for TABASC Nominations and complete and return the form to firstname.lastname@example.org by Monday, 9th October 2017.
The SEC Panel held its latest meeting on 15th September 2017. The key topics and decisions discussed can be found in the Meeting Headlines here. The final minutes can be found here.This meeting marked the final meeting for several Panel Members whose terms have come to and end. The Panel Chair expressed thanks and gratitude to the outgoing Panel Members, recognising their contribution and commitment to the Panel. The newly elected members took office on 23rd September 2017, and will attend their first meeting in October 2017.
During the meeting, key items discussed include:
- The Panel were presented with a confidential proposal for the scope of the DCC’s first annual Service Organisational Control (SOC) 2 assessment. This assessment is required to be complete by November 2017. The Panel were also provided with a recommendation from the Security Sub-Committee to inform their decision. The Panel approved the SOC2 Assessment Scope in accordance with SEC Section G.
- The Panel approved the DCC’s proposal for the maintenance window for uplifting the Release 1.4 (R1.4) functionality into testing environments. The DCC proposed that Maintenance will take place from 20:00 on 7th October 2017 to 16:00 on 8th October 2017. The DCC agreed to provide a further proposal at the October 2017 Panel meeting requesting approval of the maintenance required for the uplift into the production environment.
- The Panel were made aware of issues that the DCC have been encountering with Certified Product List (CPL) submissions. Specifically, a number of discrepancies have been identified between CPL submissions and the content listed on their associated assurance certificates. The Panel agreed that by 1st December 2017, all CPL submission content and relevant support certificate evidence must match exactly, as per the requirement of SEC Section F.
The next Panel Meeting will be held on 13th October 2017.
SEC Modification Proposal Update Following September 2017 Panel Meeting
SECAS presented one Initial Modification Report (IMR) to the Panel at their September 2017 meeting:
The Panel agreed for SECMP0042 to proceed into the Refinement Process.
If you would like to be involved in the refinement of SECMP0042, please contact SECAS on 020 7090 7755 or email SEC.Change@gemserv.com
Change Board Vote
At its meeting on 23rd August 2017, the SEC Change Board voted on four Modification Proposals. Members voted on the following three Path 2 Authority Determination modifications and recommended that:
SECAS have issued the Final Modification Reports (FMR) for SECMP0004, SECMP0006 and SECMP0008 to the Authority for determination.
The Change Board also voted on the following Path 3 Self Governance modification and decided to:
Following the Change Board’s unanimous vote to approve, SECMP0036 was implemented on 14th September 2017 (in SEC Version 5.10).
The next Modifications’ Question Hour will be held at 11 am on Monday, 9th October 2017. Further information, including the relevant teleconference details, can be found here.
Smart Metering Key Infrastructure (SMKI) Policy Management Authority (PMA)
The SMKI PMA meeting took place on Tuesday, 19th September 2017 and the following topics were discussed:
- SMKI and Repository Testing (SRT) Approach Document: The DCC updated the SMKI PMA on the changes within the SRT Approach Document required for the Recovery functionality to be implemented in early 2018. the amended version will be submitted to panel for approval in October 2017
- SMKI Recovery Key Guidance Update: At the last SMKI PMA meeting, the Sub-Committee agreed to changes to the SMKI Recovery Key Guidance Document and on 7th August 2017, the document was issued for consultation. The SEC Parties, the DCC, the Authority and Secretary of State had until 1st September 2017 to submit their comments. SECAS collated the feedback received and presented the comments to the SMKI PMA at the September 2017 meeting. The SMKI PMA approved the amended SMKI Recovery Key Guidance.
- Replacement Key Custodians Update: The DCC provided an update on Key Custodians informing the SMKI PMA that two Key Custodians had retired. The SMKI PMA approved two SMKI PMA Members as new Key Custodians.
The next meeting will be held on the 17th October 2017.
Security Sub-Committee (SSC)
As the Small Supplier DCC User mandate of 25th November 2017 approaches, the SSC continue to review Small Supplier Initial Full User Security Assessments. The SSC also considered and agreed the scope of the DCC Security SOC2 Assessment and made a recommendation to the SEC Panel to allow the DCC to fulfil SEC obligation G9.3c.
The SSC continues to review and update documentation such as the Security Controls Framework (SCF) and Agreed Interpretations (AIs) in order to ensure that they are as informative and up-to-date as possible.
The SSC meet on the second and fourth Wednesday of every month. Further information about the SSC can be found here.
Technical Architecture and Business Architecture Sub-Committee (TABASC)
The TABASC met on 21st September 2017. The main topics of discussion included:
- The ongoing work on obtaining details on the open DCC Change Requests (the DCC internal change tracking mechanism) and what release the different Change Requests, have been targeted at for resolution.
- Several Modification Proposals to identify whether they are likely to require change to the Technical Code Specifications, the End-to-End Technical Architecture and/or the Business Architecture as part of the TABASC’s ongoing duty to provide support and advice in respect of Modification Proposals.
The next TABASC meeting is scheduled for 19th October 2017.
- Continuing to develop an Operational Risk Register, with a view to review and allocate relevant risks to the Operations Group once it is established. A second risk workshop is due to be held in the coming months.
SECAS continue to develop guidance material for SEC Parties. If you feel your organisation could benefit from more specific and specialised guidance, please contact the SECAS Helpdesk.
In September 2017, the following pieces of SEC Party Guidance were made available on the SEC website:
- Additional Certified Products List Guidance - Certificate Content Alignment - Recently discrepancies have been arising between the device model information included in CPL submission forms and the supporting information included in assurance certificates. This Guidance provides clarification regarding SEC requirements.
- Security Controls Framework Version 1.10 - the Security Sub-Committee recently approved a change to the SCF. This change involved separating out the SCF, specifically Appendix B of the SCF (Part 2), into ‘Design’ (for SEC Parties) and ‘Implementation’ (for DCC Users). This was done to assist both SEC Parties and DCC Users with their respective User Security Assessments moving forward for what the User CIO might expect to see during an assessment. This document provides clarity to DCC Users on the type of security assessments they will be required to take on an annual basis.
Ofgem decision on DCC’s Operational Performance Regime and direction to populate Schedule 4 of the Smart Meter Communication Licence
On 4th September 2017, Ofgem published its decision letter on the DCC’s Operational Performance Regime (OPR) proposals published in June 2017.
Ofgem has decided on the implementation of DCC’s OPR, as well as a set direction to outline changes to Schedule 4 of the Smart Meter Communication Licence to reflect the policy intent outlined in the decision. The OPR will place performance incentives on the DCC’s operations. Schedule 4 includes what the DCC is incentivised to do and how this translates into monetary incentives, the methodology and reporting structure will be set out in the Regulatory Instructions and Guidance (RIGs).
The full letter can be read in detail here.
Domestic Small Suppliers – DCC User Mandate, 25th November 2017
The DCC User Mandate for Domestic Small Suppliers is right around the corner, and all active domestic energy Suppliers should be well underway with the User Entry Process.
To be declared an eligible User, you must complete the User Entry Process Evidence Form and return it to SECAS for verification.
If you have concerns about whether your SEC Party is going to meet the DCC User Mandate, SECAS recommend discussing the matter directly with Ofgem via email@example.com.
For all other queries regarding the User Entry Process and becoming a DCC User, you can contact the SECAS@gemserv.com helpdesk.
Pursuant to SEC Section M6.2, each Party is required to ensure that its Party Details remain up-to-date. This will be particularly important for when you commence the DCC User Entry Process, as the DCC checks these details as part of those procedures, for example, the SMKI Registration Authority Policies and Procedures (SMKI RAPP).
If you have recently had a change in Party Details, please complete the ‘Change in Party Details’ form as found here and send it to the SECAS Helpdesk.
SEC Parties and AccessionsEight new Parties acceded to the SEC in September 2017. The table below shows the current status of SEC Parties. SEC Party Details can be accessed on the SEC Website.
| || |
| Current SEC Parties|| 273|
| Accession of new Parties to the SEC since last Newsletter || 8|
| Parties withdrawing from the SEC || 0|
| Expulsion of Parties from the SEC|| 0|
| Changes to SEC Panel Member employment status || 0|
A list of SEC Parties can be accessed on the SEC Website via the link provided.
Upcoming SEC Calendar Dates
The dates for the regular meetings of the SEC Panel and SEC Sub-Committees are below. More information on these meetings is available via the Meeting Calendar on the SECAS Website. Modification Proposal Working Group meetings, which are scheduled on an ‘as needs’ basis, are also found on the SEC Meeting Calendar.
| Date ||Meetings and Events|
| 3rd October 2017|| TAG Meeting 35|
|11th October 2017||SSC Meeting 40|
|13th October 2017||SEC Panel Meeting 49|
|16th October 2017 ||Introduction to the SEC Seminar |
|17th October 2017||SMKI PMA Meeting 39|
|18th October 2017||Operations Group Meeting 01|
|19th October 2017||TABASC Meeting 23|
|25th October 2017||SSC Meeting 41|
We are on Twitter and LinkedIn. SECAS are using social media to provide links and other information organisations may find useful. Follow us to stay up to date with developments with the SEC.
2017 SECCo Ltd. All Rights Reserved.