Einsatz der elektronischen Signatur für den Messdatenaustausch im liberalisierten Energiemarkt

Reading out measuring data electronically makes it possible to collect metering data automatically and efficiently using the same medium from the originating meter up to the billing of the energy. The SELMA project has the goal to generate a standard for the secure electronic exchange of metering data. The liberalization of the german energy market results in a change from a closed system with a relatively small number of market partners to an open system with many, competing participants that have to communicate. Thus the protection against manipulation and fraud is of major importance and has been considered in the SELMA project from the beginning. This paper describes the security analysis and security architecture of SELMA. In the first part of the paper, the security analysis is described. In the beginning, an abstract communication model is designed that models the liberalised energy market in Germany showing the different roles In the market and their relations. Based on this model, a risk analysis is conducted. Of special interest in this context are attacks that are conducted by a coalition of market participants. The security analysis concludes with a catalog of security requirements for the security architecture. In the second part of the paper, the security architecture is described. One of the main requirements is to guarantee the authenticity of the metering data that is collected over open networks. In addition to that, It must be possible to check the authenticity of the data throughout its whole life cycle. The technical realization of these security requirements results in an architecture that distinguishes itself by the end-to-end use of digital signatures. In addition to that the security architecture takes into account the requirements of the manufactures and the users as well as legal aspects like the EichG, the SigG, the BDSG and the TDDSG. The result is a consistent and universal security architecture that keeps the balance between the desired level of security, the additional complexity and the bearable residual risks. Thus this architecture leads a major contribution to the propagation of use of electronic signatures in Germany.