SMETS1 PKI Service
from Secure Meters Ltd
Grant of Approval
tScheme Limited grants approval to the electronic trust service identified as:
SMETS1 PKI Service
as supplied by:
Secure Meters Ltd
of E Class, Pratap Nagar Industrial area, Udaipur 313003, India.
The management system used to deliver this service is certified by:
KPMG Audit Plc.
of 1 St Peter’s Square, Manchester, M15 5PS
to satisfy the criteria defined in the following tScheme Approval Profiles:
|Base Approval Profile||tSd0111||3.02|
|Approval Profile for a Certification Authority*||tSd0102||3.03|
|Approval Profile for Certificate Generation*||tSd0104||3.03|
|Approval Profile for Signing Key Pair Management||tSd0103||3.04|
*excluding Qualified Certificates
This approval initially commenced on:
23rd June 2020
Documents supporting this grant are available by clicking on the links in the table above.
This Grant of approval is issued by:
PO Box 3653
Company Number 4000985
Approved Service Description
Secure's SMETS1 PKI Service is a ‘closed’ PKI and is only accessible to Secure for their own use. The PKI is not made available for general public use.
The SMETS1 PKI Service only issued Certificates to internal embedded IoT devices (SMETS1 Devices) manufactured and supplied by Secure such as smart meters, home / industrial control devices and gateways.
Secure are the only Relying Party and the only Subscribers in relation to the Secure SMETS1 PKI Service.
Secure’s SMETS1 PKI Service is used internally for issuance of Certificates to support a secure communications infrastructure for their Customer’s SMETS1 Devices as per Secure’s general security commitments within their respective Customer contracts.
The Secure SMETS1 PKI Service issues Certificates for the purposes of:
- the creation, sending, receipt and processing of communications to and from Secure SMETS1 Devices and Secure’s HES in accordance with or pursuant to their contractual arrangements with their Customers and the Smart Energy Code (SEC), which will further include:
- symmetric key generation (Digital Signature, Key Agreement);
- Code signing (Digital Signature, Non-Repudiation, Code Signing);
- TLS Communication (Digital Signature, Key Agreement, TLS Web Client Authentication, TLS Web Server Authentication); and
- Authentication and Non-Repudiation of Secure SMETS1 Devices (Digital Signature, Non Repudiation, Key Encipherment, Data Encipherment, Key Agreement, TLS Web Client Authentication, TLS Web Server Authentication).
It should be noted that the Secure SMETS1 PKI Service no longer issues Certificates for SMETS1 Devices.
It should also be noted that the Secure SMETS1 PKI Service does not support Certificate status i.e. Certificates cannot be revoked and a CRL or ARL is never published.
All Secure SMETS1 PKI Services are operated from within internal Secure networks and servers that reside within secure data centres. There are no internet facing elements of the Secure SMETS1 PKI Service, Secure is an ISO27001 certified organization and the Secure SMETS1 PKI Service falls within the scope of this certification.