Smart Meter Security

Providing the secure foundation needed to unlock the potential of smart meter technology.

Contact us Download solution sheet


Smart Meter Security Possibilities

Smart meter security and the legal frameworks and regulatory requirements surrounding the roll-out of smart metering infrastructures are thorough, forcing utility providers to adapt and invest. While the necessary investments are significant, smart meters also provide significant opportunities. A smart metering infrastructure can help combat climate change, while delivering savings to consumers. For utility providers, smart meters give access to valuable data and enable the development of value-added services that protect revenues, differentiate services and reduce customer churn, while cutting operating expenses and improving grid management. Furthermore, smart meters enable the reduction of energy consumption, waste, and emissions, and will be one of the fundamental enablers for the future smart grids where bigger variations in supply will be an unavoidable parameter.  A key obstacle to deliver on these promises? Security and privacy concerns.

A fundamental part of what is “smart” in the context of smart meters is that the infrastructure is connected to the Internet. It enables a continuous flow of data between the consumer and the utility provider, but it also exposes the infrastructure to third parties. Several markets have already seen smart meters being hacked, and the potential threats are vast; from a damaged brand reputation to billing fraud and ultimately, power failures. This, of course, are raising smart meter security concerns.


Ensuring data protection, privacy and security when implementing Smart Meter Security

To realize the promises of smart meter security, utilities need to take several security-, data protection-, and privacy considerations into account, including:

  • Protecting the integrity of the device at the consumers premises – ensuring the software is not tampered with.
  • Proofing and protecting the integrity and origin of data sent between the consumer premises and utility.
  • Authenticating the identities of the parties in communication.
  • Protecting the data from unauthorized access when in transit between consumer premises and the utility provider.
  • Ensuring regulatory compliance of data access when stored by the utility provider.

These considerations can all be handled using digital certificates. Public Key Infrastructure (PKI) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates. This enables secure communication between parties and provide security through identity and services built on top, including authenticity, integrity, confidentiality and non-repudiation. For utility companies or integrators looking to build a security smart metering infrastructure, the right PKI solution can be a one-stop shop.


Meeting the Regulatory Demands of Smart Meter Security

The legal framework for smart metering in EU is mainly set by the Directives on the internal markets for electricity and gas (2009/72/EC & 2009/73/EC) and the Directive 2006/32/EC on energy end-use efficiency and energy services. Directive 2004/22/EC on measuring instruments contains relevant technical provisions for metering devices, also applicable for smart metering. Other Directives encouraging, but not requiring, advanced or intelligent metering systems to promote energy savings and demand response are Directives 2005/89/EC and 2010/31/EC. In addition, more general regulation like General Data Protection Regulation (GDPR) is greatly impacting how utilities gather, store, handle and use the data generated from smart meters.

To ensure utility companies’ compliance with current and regulatory frameworks, including general regulations like GDPR and smart metering-specific regulations like Directive 2009/72/EC, Directive 2009/73/EC, Directive 2006/32/EC and Directive 2004/22/EC, a scalable and flexible way of ensuring data protection, privacy and security needs to be considered. Specifically, the smart meter security solutions selected should be able to:

  • Adapt to various use cases including current and future regulatory demands.
  • Have configurable profiles to enable different access levels to data wherever it is stored.
  • Have integration interfaces to other 3rd party systems to enable compliance across platforms and systems.

PrimeKey Public Key Infrastructure and Certificate Management solutions enable utilities to stay compliant with current and future regulatory demands while delivering the data protection, privacy and security necessary for a resilient smart meter infrastructure.

PrimeKey is Creating Trust for the Connected Society

One of the world’s leading companies for PKI solutions, PrimeKey has developed successful technologies such as EJBCA Enterprise, SignServer Enterprise and PrimeKey PKI Appliance. PrimeKey is a pioneer in open source security software that provides businesses and organizations around the world with the ability to implement security solutions such as e-ID, e-Passports, authentication, digital signatures, unified digital identities and validation.

Able to protect virtually any area of technology, PrimeKey’s solutions is a perfect fit for a utility provider looking for a proven, scalable and flexible way of securing a smart metering infrastructure. Trusted by governments and world-leading companies alike, PrimeKey secures the most critical infrastructure on the planet, including national e-IDs, mobile communications and industrial IoT solutions.

Key features for Smart Meter Security

High Security and Reliability

  • Common Criteria certified
  • Detailed audit and transaction logs
  • Role-based authorization
  • Hardware security modules
  • Designed for scalability and reliability
  • Service availability across maintenance windows
  • Scalability and availability using clusters


  • Configurable profiles supporting diverse use cases and standards
  • Integration interfaces, supporting standard protocols and web services
  • Designed for high levels of automation
  • Supports different deployment scenarios
  • Available as Software, Appliance, in the cloud and hybrid deployments

Regulatory Compliance

  • ETSI/eIDAS and WebTrust-compliant
  • Enabling GDPR-compliance across platforms and systems
  • Future-proof and flexible to support regulatory demands of the future.

Contact us

Fill in your contact information below and we will get in touch with you.