Data Communications Company (DCC) Users are required to Digitally Sign XML format Service Requests and Signed Pre-Commands with a User Role Signing Private Key. That Key must be a separate dedicated Key that must not be used for communication with Devices. The Security Sub-Committee (SSC) is concerned that Keys could be used incorrectly. However, without the means to validate the use of separate Keys, there is no way to monitor if or how frequently this occurs and no way to advise Users to enable them to ensure they are compliant with the Smart Energy Code (SEC).
The solution is to implement a DCC validation check to identify if this is occurring and, if necessary, work with DCC Users to ensure compliance.
Who should respond?
- All DCC Users.
Related Documents
Please find the consultation document here (you will need to be logged in to access).
How to respond
Please use the response template and contact sec.change@gemserv.com with the subject line ‘MP104 Modification consultation response’ by 5pm on 16 August 2021.