Designation of SEC 5.4 - 9th February 2017
Small Supplier Security Guidance Published
Introduction to the SEC Seminar 24th March 2017
Designation of SEC 5.4 – 9th February 2017
Following the conclusion of the Parliamentary process pursuant to Section 89 of the Energy Act 2008, and a Secretary of State Direction issued under SEC Section X5, changes have been introduced to the SEC resulting in a new version being designated. The current version of the SEC can be found on the SEC website.
For ease of comparison with the previous version, the tracked changed versions of the SEC Sections and Appendices that have changed can be found in this zip file.
The amendments signed into law by the Minister on 8th February 2017, taking effect on 9th February 2017, implement the remaining conclusions made by the Government on the Consultation on Smart Energy Code and Licence Amendments - September 2016.
The Secretary of State direction designates Schedule 11 and Schedule 9: Smart Metering Equipment Technical Specifications Version 1.2 for the first time. Consequential changes were also made to Sections A and N. In accordance with a SEC Panel consultation undertaken in January 2017, this direction also extends the currently active SEC transitional variation regarding User IDs from 29th June 2017 to 2nd November 2017.
Small Supplier Security Guidance Published
In November 2016, the SEC Panel identified the need for relevant User CIO assessment process guidance materials aimed at Small Suppliers. The guidance intends to make sure that Small Suppliers are ready to meet the DCC User mandate of 25th November 2017. For domestic suppliers, this is an energy supply licence condition.
The guidance covers a range of topics including information on types of Security Assessments, Shared Resources, Costs and Producing Evidence for the User CIO.
It is available on the Security Assessments page; here. Please do not hesitate to get in contact if you have any feedback or any requests for further guidance in this area.
Introduction to the Smart Energy Code for New Parties
On 24th March 2017, SECAS will be running an Introduction to the Smart Energy Code for New Parties. We are inviting all our newly acceded SEC Parties to attend and gain an introductory understanding of what the SEC is, and how they may be affected by it.
The key topics covered on the day will include:
- An introduction to the Smart Metering Implementation Programme – an introduction to the various key elements of the Programme and an update on progress made towards achieving the programme objectives.
- An introduction to the Smart Energy Code – what is the purpose of the Code? What obligations does the Code introduce and who is impacted?
- Engaging with SECAS and the DCC – an introduction to the roles of SECAS and the DCC, and how you can get involved in the governance of the Code, and undertake the DCC User Entry Process.
- What’s next? - What key milestones should your company be ready for? How can you prepare for them and how SECAS can help you?
The day will be structured to ensure everyone has opportunities to ask questions and engage with our SECAS team. An agenda will be circulated to attendees in due course.
Please do let us know at the earliest opportunity if you are interested in attending as space is limited and will fill up quickly. We usually limit attendance to two representatives per company however, we will keep a reserve list for additional attendees.
The SEC Panel held its latest meeting on 10th February 2017. The key topics discussed can be found in the Meeting Headlines here, with the more detailed discussions and outcomes available in the Final Minutes, here.
During the meeting, a number of key items were discussed, including:
- The Panel approved the procurement of a Secure Web Form for the need of Parties and the DCC to securely notify the Security Sub-Committee (SSC) of various events, including when they become aware of any security vulnerabilities. Parties will be made aware once this becomes available.
- SECAS provided the Panel with an update on the ongoing effort to engage with Small Suppliers and ensure they are prepared for the User Mandate of 25th November 2017. A Request For Information (RFI) was sent out on 20th January 2017, for Parties to provide information on the arrangement of the security assessments. It was highlighted that further engagement activities including the Small Supplier User Entry Process engagement sessions will take place with the participation of the DCC.
- There are ongoing discussions in the Release Management space, with BEIS confirming they will not have a role in the Release 1.4 decision making. Panel are currently discussing how releases will be managed going forward.
The next Panel meeting will be held on 10th March 2017.
The SSC continue to split their time against two streams of core work:
- To review SEC Party Full User Security Assessments as each SEC Party goes through the User Security Assessment Process; and
- To discharge their obligations under the SEC and ensure that the End-to-End Security Requirements remain fit-for-purpose.
There were no security assessments reviewed by the SSC in February meaning recommendations were not provided to the SEC Panel for an Assurance Status of a Party. Over the coming year, the SSC will play a pivotal role in ensuring that all SEC Parties subject to the DCC User Mandate are reviewed as part of their wider User Entry Process Requirements.
In terms of wider SSC work, the Sub-Committee has looked at wider security-related matters, such as considering and discussing security risks that could potentially compromise elements of the smart metering landscape. Further Analysis will be made and considered by the SSC in the coming months.
Technical Architecture and Business Architecture Sub-Committee (TABASC)
The TABASC are continuing to focus on a number of key areas, including the development of the Business Architecture Document (BAD). The third drop of content for the BAD will be provided in March 2017 for review by the TABASC and the Technical and Business Expert Community (TBEC).
SECAS is continuing to develop the mechanism for resolving specification defects following the TABASC’s feedback at the February 2017 TABASC meeting. An example defect is being developed to assist in defining defects and to better understand the process.
The TABASC is currently discussing the management of the End-to-End landscape, including an approach to maintaining alignment with international standards. as these approaches are developed Parties will be informed.
SECAS has issued a Request for Participation: Technical and Business Expert Community (TBEC) involvement. The TBEC was established by the TABASC to set up a pool of industry expertise that can be called upon for specific items of work or analysis e.g. the review of the Business Architecture Document. If you would like to nominate yourself (or another) to become a member of the TBEC please contact the SECAS Helpdesk.
The next TABASC meeting is scheduled for 16th March 2017.
SMKI Policy Management Authority (SMKI PMA) Update
The SMKI PMA met on 21st February 2017 and discussed a number of key items, including:
- A proposed amendment to the SMKI Registration Authority Policies and Procedures (SMKI RAPP) Forms to include a new field which identifies the ways in which a SEC Party Name may reflect their Trading Name, and not their Legal Entity Name;
- Being informed of a future SRT Approach Document that will require the Sub-Committees views, in order to help inform the SEC Panel of their decision to approve the latest version (as per SEC Section T5.8); and
- The Scenarios that would be discussed at a two-day SMKI Recovery Workshop being held in March 2017 by the SMKI PMA, SECAS, the DCC, BEIS, and Ofgem.
The SMKI PMA continues to discuss a number of standing agenda items each month, including their Risk Register, future work on their Activity Planner, and any modifications which might require their views.
The next SMKI PMA meeting is scheduled for Tuesday, 21st March 2017.
New content guides and updated SEC Section Guidance have been published to reflect changes that were introduced in SEC V5.4 on 9th February 2017 at the designation of SEC Version 5.4;Security GuidanceThe new Small Supplier Guidance can be found here.
The Smart Metering Early Roll Out Obligation (ERO)
The ERO has been removed on the basis that it has fulfilled its purpose. After completing the parliamentary process, the decision has been brought into legal effect on the 15th February 2017.
DCC Consultation – Post-implementation temporary maintenance schedule review
The DCC proposes to make a request to the SEC Panel that the temporary maintenance schedule is extended for a further six months until August 2017. The DCC considers that this extension is necessary because there has not yet been sufficient usage of the DCC Services in the production environment to give the DCC full confidence that a majority of the potential issues which could arise have been identified and fixed.
In addition to the extension DCC proposes the following:
- Instead of using two maintenance windows of two hours each, DCC proposes to use a single window of no more than six hours in duration; and
- Instead of commencing no earlier than 00:01 and ending no later than 06:00 on the same day, the maintenance window will commence no earlier than 20:00 and end no later than 08:00 the following day.
The DCC considers that the provisions for Planned Maintenance in the SEC are unlikely to provide sufficient flexibility to address all issues arising during this period in the most appropriate manner, and as a consequence, it is necessary to extend the temporary arrangements for an additional six months, and seek industry views on this proposal.You can access the consultation here. The template for responses is here.
Change in SEC Party Details
If your company has changed details since its first accession to the SEC, and you are yet to let SECAS know, you can fill in this form and send it to email@example.com.
If the main contact for your organisation has changed, or if a point of contact has left, you can fill in this form.
It is key that your Party Details are up to date so that the User Entry Process and liaising with the DCC goes as smoothly as possible.
The table below shows the current status of SEC Parties.
SEC Parties and Accessions
| || |
| Current SEC Parties|| 215|
| Accession of new Parties to the SEC since last Newsletter || 4|
| Parties withdrawing from the SEC || 0|
| Expulsion of Parties from the SEC|| 1|
| Changes to SEC Panel Member employment status || 0|
A list of SEC Parties can be accessed on the SEC Website via the link provided.
Upcoming SEC Calendar Dates
The following meetings coming up over the next month are accessible via the Meeting Calendar on the SECAS Website.
| Date (2017)||Meetings and Events|
|6th March 2017||Modifications Question Hour 10|
| 8th March 2017|| SSC Meeting 26|
| 10th March 2017|| SEC Panel Meeting 42|
|16th March 2017|| TABASC Meeting 16|
| 21st March 2017 || SMKI PMA Meeting 333|
|22nd March 2017||SEC Change Board 11|
| 24th March 2017|| Introduction to the SEC 101|
The dates for the next meetings of the modification Working Groups can be found in the Calendar link provided above.
We are on Twitter and LinkedIn. SECAS are using social media to provide links and other information organisations may find useful. Follow us to stay up to date with developments with the SEC.
2016 SECCo Ltd. All Rights Reserved.