Executive summary
Detica's response to the request by Ofgem to update their views on the key issues to be addressed by the Government's Consultation on Smart Metering for Electricity and Gas.
The purpose of this document
Detica was pleased to respond to the Government’s “Consultation on Smart Metering for Electricity and Gas” in the summer of 2009.
In our response we recommended that a “thick” Central Communications Model (CCM) be specified, as this would deliver the greatest benefit to Great Britain plc, and highlighted that a Central Communications Provider (CCP) would become an integral part of the Critical National Infrastructure (CNI), which would need to be assured against cyber attack and other threats. We went on to assert that security needs to be viewed as an end-to-end systemic challenge that is pervasive through the data transmission, data management and data protection elements of the solution1.
We were gratified to see many of our recommendations reflected in the post-consultation documentation published by DECC on 2 December 2009, and again at the joint Ofgem/DECC briefing event on 16 December 2009. At that event, Ofgem requested updated views on the key issues to be addressed under Phase 1 of the implementation programme from industry stakeholders by 11 January 2010. This document contains a summary of the data management and security issues which Detica believes need to be addressed.
About Detica
Detica specialises in collecting, managing and exploiting information to reveal actionable intelligence. We use this capability to help government and commercial clients reveal intelligence, maintain security and strengthen resilience in today’s complex operating environment. We also use our skills to assist clients with other information-intensive problems such as achieving regulatory compliance and understanding customer behaviour.
The issues we have raised in this update draw upon this expertise and relate primarily to security, data and communications management.
Key issues to be addressed during Phase 1
1 Security must be given a high priority from the outset to protect against degradation or malicious attack.
• The establishment of a single nationwide communications and data processing entity will create a significant new element of the critical national infrastructure that must be defended and assured against degradation or malicious attack. It will be difficult to achieve this to acceptable government specifications unless this communications and data processing entity are under single control and accountability.
• In defining this assurance, many industry and government stakeholder groups must be taken into account. An expert function needs to be established to balance the needs of these groups and evolve essential standards, policies and processes as necessary.
• A holistic approach is required; covering the definition of the overarching security strategy, establishment of governance, assessment of risks, formulating standards and policies, development of processes and technology, training of users, and ongoing compliance audits.
