DCC Live and the DCC User Mandate Update
On 8th November 2016, the Department for Business, Energy and Industrial Strategy (BEIS) published its direction for the DCC to go live for Release 1.2 (R1.2) in the Central and South Regions.
This letter resulted in the designation of SEC Version 5.0, which designated and re-designated a number of SEC Schedules and Appendices. The letter particularly on the Technical Specifications, policies and procedures to support the functionality of DCC Services. Remaining provisions of SEC Section H: DCC Services were also activated.
On 25th November 2016, BEIS issued a further direction letter to formally conclude the full scope of DCC Live for R1.2, which cancelled transitional variations to enable the DCC services to go live in the North Region, and enable the User Roles of Registered Supplier Agents and Other Users.
As part of the DCC Live communication, BEIS have also confirmed the dates by which categories of licensees must become DCC Users (as defined in the relevant standard licence condition of the supply licences):
- The Large Supplier mandate has been confirmed as 25th May 2017 (DCC Live + 6 months); and
- The Small Supplier mandate has been confirmed as 25th November 2017 (DCC Live + 12 months).
For more information on DCC Live, please visit the Latest News for Central and South Regions and the Latest News for the North Region here.
Panel Information Policy Updated and Published
The SEC Panel approved the Panel Information Policy at their meeting on 11th November 2016. The document, which is required by the SEC, provides an agreed set of rules for classifying, labelling, handling and storing Party Data received by the SEC Panel (and its Sub-Committees and Working Groups, SECAS and SECCo). Parties wishing to provide confidential data to any of these entities should familiarise themselves with the document and mark their data in accordance with the policy. For those interested in how their confidential data will be kept secure, a set of agreed principles which the Panel have agreed to adhere to are also provided.
The scope of the policy document has been expanded to include other information which may be of use to SEC Parties, such as the document classifications available to the Panel and the DCC. Those who are in receipt of protectively marked data can refer to these sections for information and guidance.
Further information can be found on our website here.
User CIO Engagement Sessions
As part of the User Entry Process, all Parties are required to undertake a Security Assessment and a Privacy Assessment (for the Other User Role) with the User Competent Independent Organisation (CIO).
SECAS is offering Small Supplier SEC Parties the opportunity to receive guidance and support regarding the process by facilitating engagement sessions with the User CIO so that any concerns or questions can be raised and discussed. The engagement sessions have been organised starting from early December 2016. These will be held as a one to one meeting, either face to face, or via teleconference (for each individual organisation you will be allowed up to 3 representatives).
If you are interested in scheduling an engagement session, please email the SECAS Helpdesk (email@example.com) with the preferred date and time.
|Friday, 2nd December 2016 || 10am - 11am, 12pm - 1pm, 2pm - 3pm, 4pm - 5pm|
|Monday, 5th December 2016 ||10am - 11am, 12pm - 1pm, 2pm - 3pm, 4pm - 5pm|
|Thursday, 8th December 2016|| 10am - 11am, 12pm - 1pm, 2pm - 3pm, 4pm - 5pm|
The SEC Panel held its latest meeting on 11th November 2016. The key topics discussed can be found in the Meeting Headlines (here), with the more detailed discussions and outcomes available in the Final Minutes, here.
Two ex-committee meetings were also held on 3rd and 25th November as part of the DCC Live decision making process.
At the ordinary meeting, the Panel were updated that the User CIO and SECAS were holding discussions on a number of areas that require consideration in relation to undertaking security assessments of SEC Parties. A thought piece is being developed and will be considered at the meeting in December 2016.
The Panel were also presented with an update on Release Management to facilitate discussions on the enduring release activities, including the Panel’s leadership role and the frequency of releases.
The next Panel meeting will be held on 9th December 2016.
SEC Modification Proposal Update Following November 2016 Panel Meeting
SEC Panel approved two new modifications for refinement
At the SEC Panel meeting, the Panel agreed for SECMP0023 "Correct Units of Measure for Uncontrolled Gas Flow Rate" and SECMP0024 "Enduring Approach to Communication Hub Firmware Management" to progress to the Refinement Process stage of the SEC Modification Process.
If you would like to be involved in the refinement of SECMP0023 and/or SECMP0024, or if you would just like to provide comments, please contact us on 020 7090 7755 or email us at firstname.lastname@example.org. When doing, please also let us know the relevant expertise or experience you have regarding these modifications.
The Panel also agreed that SECMP0016 “Consideration of “Maximum Credit” value in credit cover calculation” should proceed to Modification Report Consultation. The consultation was issued to industry on Wednesday 16th November 2016.
SEC Change Board approved two modifications for implementation
The Change Board approved SECMP0020 “Removing confidential classification of unique IDs in Schedule 5” and SECMP022 “Expanding SMKI PMA membership and removing Alternate restrictions”. SECAS expects both modifications to be implemented on 14th December 2016, subject to any referrals in accordance with SEC Section D9.4.The Modification Register has further information on the status of all modifications.
The next Modifications’ Question Hour will be held at 11am on Monday 5th December 2016.
Further information and the teleconference details can be found here.
SMKI Policy Management Authority (SMKI PMA) Update
The SMKI PMA met on Tuesday 8th November 2016 and continue to meet on a monthly basis.
The DCC are scheduled to walk the committee through a number of scenarios associated with the SMKI Recovery Procedure. The desktop exercise is due to take place in January 2017 and will assist the SMKI PMA with possible future scenarios relating to a SMKI Recovery Event.
SECAS are producing a confidential supporting document for the SMKI Recovery Key Guidance. This document will assist the SMKI PMA with their role in relation to using the SMKI Recovery Key Guidance. It is envisaged that further development of the document will take place following the SMKI Recovery Desktop Exercise in January 2017.
The next SMKI PMA meeting is scheduled for Tuesday 13th December 2016.
The TABASC met on 17th November 2016, and continued to develop a risk based approach to review the effectiveness of the End-to-End Technical Architecture, the effectiveness of the Business Architecture and the effectiveness of the HAN requirements, as required by the SEC. The TABASC discussed and agreed a proposed set of risks that will inform the development of a questionnaire and the following stages of the review.
The TABASC were provided with the monthly update on the Business Architecture Document (BAD) Project, which focussed on the activities undertaken in October 2016. The group requested further information to be included within the update going forwards, namely a dashboard update and high level risks.
Following TABASC’s request, SECAS undertook a lessons learnt exercise in relation to the initial stage of the BAD Project, and the group discussed what improvements could be made from a project management perspective.
The next TABASC meeting is scheduled for 15th December 2016.
TABASC Member Election
Following the conclusion of the scheduled TABASC member elections and the resignation of two TABASC members, the following candidates have been selected by their Party Categories to undertake a TABASC member role:
|Large Suppliers|| Ashley Pocock (re-elected) |
| Rochelle Harrison (re-elected) |
| Emslie Law |
| Stephen Lovell|
| Small Suppliers||Kirk hawksworth |
| Andy Knowles (re-elected)|
| Gas Networks|| Leigh Page (re-elected) |
| Other SEC Parties|| Tim Boyle (re-elected) |
| Elias Hanna|
Testing Advisory Group (TAG) Update
The TAG met on 31st October 2916 and on 1st, 21st and 22nd November 2016, with the focus of the meetings being on establishing a recommendation for the Release 1.2 test phases to the Panel as part of the DCC Live decision making process.
The first two meetings on the 31st October and 1st November 2016 were concerned with reviewing the progress of Systems Integration Testing (SIT) and Interface testing (IT) in the Central and South (C&S) Regions. TAG reviewed elements of SIT for C&S and provided comments on the testing undertaken thus far as well as on the independent SIT Auditors report. TAG also recommended that IT for the C&S regions be approved.
The two later TAG meetings focused mainly on the SIT and IT for the North Region and the remaining elements of SIT for the C&S Region. TAG reviewed the documentation provided by the DCC and fed back a recommendation to the SEC Panel for consideration at their 24th November 2016 meeting. TAG made a few observations on the testing, however recommended it for approval in the Northern Region.
TAG members continue to attend weekly update calls hosted by the DCC to talk through the latest testing reports. The most recent updates have focused on the closing stages of Release 1.2 in the North Region and the progress in Release 1.3 System Integration Testing.
The next TAG meeting is yet to be confirmed.
Security Sub-Committee (SSC)
The eighteenth, nineteenth and twentieth meetings for the SSC took place on 13th, 14th and 23rd November 2016. The group continued to discuss updates to the Security Controls Framework (SCF) and the agreed interpretations documents.
The SSC continued to work on a joint industry cyber security management plan (JICSIMP) and Smart Metering Incident Response Team (SMIRT), and have confirmed that a desktop exercise will take place to test the effectiveness of these two groups. The SSC continue to review the Security Assessment reports for Parties going through the Security Assessment process, providing the SEC Panel with a recommendation of an assurance status for the purpose of the User Entry Process.
The next SSC meetings will be held on Wednesday 13th and 14th December 2016.
User Entry Process
As per SEC Section H, all SEC Parties must complete the User Entry Process in order to become a DCC User and make use of the DCC Services. The SEC includes a range of pre-conditions and testing requirements for becoming a DCC User. At a high level, each SEC Party is required to:
SECAS have published a page on the SEC website dedicated to the User Entry Process with guidance material. There, you can also find an Evidence Form, for either SEC Parties to fill in with SECAS assistance, or for SEC Parties to fill in and return if they are content that they have all of the necessary evidence available.
Once all requirements have been met, SECAS will send the evidence form to the SEC Party for confirmation, before sending it to a SEC Panel meeting for information. After this, SECAS would then email the Party and the DCC to confirm the Party is now a User (within the User Roles that they have completed User Entry Process for).
For further information on any of the above, please do not hesitate to contact the SECAS helpdesk.
SECAS is continuing to develop, update, and publish guidance material. In November 2016, SECAS:
If you would like SECAS to write additional specific guidance material, or have any other questions, please contact the SECAS helpdesk or the Party Support Analyst for your Party category, who will be able to provide support. The contacts can be found here.
- Published new content guides and updated SEC Section Guidance to reflect changes that were introduced to the SEC on 8th November 2016 at the designation of SEC Version 5.0;
- Updated the Developing SEC sections and SEC Glossary to reflect the release of DCC1.2; and
- Updated and re-published the User Entry Process guidance.
Early Rollout Obligation
BEIS released a consultation letter on 16th November 2016 regarding the Early Rollout Obligation (ERO) which ran until the 23rd November 2016. The ERO currently requires qualifying Large Suppliers to install and enrol with the DCC SMETS2 smart metering systems to 1500, or 0.025% of their customer base, by six months after the date at which the DCC goes live. BEIS proposed to modify the relevant licence conditions to remove the ERO.
Due to evidence of large supplier procurements of SMETS2 meters, BEIS’ assessment is that the ERO has been effective, and has largely achieved its intent. Further information regarding this proposal can be found in the consultation letter here.
BEIS and Ofgem on A Smart, Flexible Energy System
On 10th November 2016, BEIS and Ofgem published a joint call for evidence paper, on how Ofgem and the government can create the right environment for consumers to benefit from a smarter, more flexible energy system at its fullest potential.
BEIS and Ofgem are seeking the views of the energy industry players, including new entrants to see how the energy system could become smarter and more flexible. Reponses for this call for evidence must be submitted by the 12th January 2017 and sent to BEIS and/or Ofgem. The open consultation is available on the BEIS website.
DCC Operational Performance Regime: Final Proposals
On the 17th November 2016, Ofgem published a consultation on the DCC Operational Performance Regime (OPR): Final Proposal. This document outlines:
- Ofgem’s final proposal for the OPR that will populate Schedule 4 of the Smart Meter Communication Licence;
- Ofgem’s final proposal on additional reporting that is required from the DCC to provide greater transparency of the quality of service provided; and
- Ofgem’s final proposal for how and when to implement the OPR.
The purpose of this consultation is to seek views from stakeholders on the final proposal for the OPR. The consultation is available on the Ofgem Website and the consultation closes 12th January 2017.
DCC Initial Enrolment Project Feasibility Draft Report – November 2016
On 11th November 2016, the DCC issued a consultation to carry out a feasibility study for the enrolment of SMETS1 meters in the DCC system. The infrastructure for existing SMETS1 meters has been developed independently and consequently these may not always compatible with another suppliers’ system. This means SMETS1 metres could lose functionality or require replacement when consumers switch Supplier.
The document sets out the DCC analysis regarding the options for the enrolment of SMETS1 meters into DCC infrastructure. On 23rd November 2016, BEIS released its conclusions on aspects of its 22nd September 2016 consultation that included provisions to enable the DCC to request information on Parties’ SMETS1 contracts for communication, which will assist the DCC assess the feasibility of taking those contracts on. The legal text enabling the Government policy decision on this matter is likely to come into force in early 2017.
The deadline for responses to the DCC consultation is 20th January 2017. Please send your responses to DCC at email@example.com.
Upcoming SEC Calendar Dates
The following meetings coming up over the next month are accessible via the Meeting Calendar on the SEC Website.
Meetings and Events
| 9th December 2016||SEC Panel Meeting 39|
|SECCo Board Meeting 39 |
| 13th December 2016 ||SMKI PMA 30 |
| SSC Meeting 21|
| 14th December 2016||SSC Meeting 22 |
| 15th December 2016||TABASC Meeting 13 |
| 21st December 2016||SEC Change Board 09 |
The dates for the upcoming Modification Working Group meetings can also be found in the Calendar link provided above.
SEC Parties and AccessionsThe table below shows the current status of SEC Parties and Panel Members.
| || |
| Current SEC Parties|| 205|
| Accession of new Parties to the SEC since last Newsletter || 5|
| Parties withdrawing from the SEC || 1|
| Expulsion of Parties from the SEC|| 0|
| Changes to SEC Panel Member employment status || 0|
A list of SEC Parties can be accessed on the SEC Website via the link provided.
SECAS Small Supplier Engagement Days
On the 4th and 25th of November 2016, SECAS hosted two Small Supplier Engagement Days. The Engagement Days focussed heavily on the DCC User Entry Process, with a spotlight presentation from the User CIO regarding Security and Privacy Assessments.
There was high interest with over 25 attendees for both days. Positive feedback was well received with attendees finding the Q&A sessions particularly helpful.
The engagements days are run as part of our Party Support Analyst service. If any Parties have any specific questions or queries, they can contact the Party Support Analyst for their Party Category, whose details can be found on our website.
We are on Twitter and LinkedIn. SECAS are using social media to provide links and other information organisations may find useful. Follow us to stay up to date with developments with the SEC.
2016 SECCo Ltd. All Rights Reserved.