SMETS1 PKI Service from Secure Meters Ltd

SMETS1 PKI Service
from Secure Meters Ltd

Grant of Approval

tScheme Limited grants approval to the electronic trust service identified as:
SMETS1 PKI Service

as supplied by:
Secure Meters Ltd
of E Class, Pratap Nagar Industrial area, Udaipur 313003, India.

The management system used to deliver this service is certified by:
KPMG Audit Plc.
of 1 St Peter’s Square, Manchester, M15 5PS

to satisfy the criteria defined in the following tScheme Approval Profiles:

Title Identity Issue
Base Approval Profile tSd0111 3.02
Approval Profile for a Certification Authority* tSd0102 3.03
Approval Profile for Certificate Generation* tSd0104 3.03
Approval Profile for Signing Key Pair Management tSd0103 3.04

*excluding Qualified Certificates

This approval initially commenced on:
23rd June 2020

Documents supporting this grant are available by clicking on the links in the table above.

This Grant of approval is issued by:
tScheme Limited
Mulberry Grove
PO Box 3653
RG40 9NN
United Kingdom

Company Number 4000985

Approved Service Description

Secure's SMETS1 PKI Service is a ‘closed’ PKI and is only accessible to Secure for their own use. The PKI is not made available for general public use.

The SMETS1 PKI Service only issued Certificates to internal embedded IoT devices (SMETS1 Devices) manufactured and supplied by Secure such as smart meters, home / industrial control devices and gateways.

Secure are the only Relying Party and the only Subscribers in relation to the Secure SMETS1 PKI Service.

Secure’s SMETS1 PKI Service is used internally for issuance of Certificates to support a secure communications infrastructure for their Customer’s SMETS1 Devices as per Secure’s general security commitments within their respective Customer contracts.

The Secure SMETS1 PKI Service issues Certificates for the purposes of:

  • the creation, sending, receipt and processing of communications to and from Secure SMETS1 Devices and Secure’s HES in accordance with or pursuant to their contractual arrangements with their Customers and the Smart Energy Code (SEC), which will further include:
    • symmetric key generation (Digital Signature, Key Agreement);
    • Code signing (Digital Signature, Non-Repudiation, Code Signing);
    • TLS Communication (Digital Signature, Key Agreement, TLS Web Client Authentication, TLS Web Server Authentication); and
    • Authentication and Non-Repudiation of Secure SMETS1 Devices (Digital Signature, Non Repudiation, Key Encipherment, Data Encipherment, Key Agreement, TLS Web Client Authentication, TLS Web Server Authentication).

It should be noted that the Secure SMETS1 PKI Service no longer issues Certificates for SMETS1 Devices.

It should also be noted that the Secure SMETS1 PKI Service does not support Certificate status i.e. Certificates cannot be revoked and a CRL or ARL is never published.

All Secure SMETS1 PKI Services are operated from within internal Secure networks and servers that reside within secure data centres. There are no internet facing elements of the Secure SMETS1 PKI Service, Secure is an ISO27001 certified organization and the Secure SMETS1 PKI Service falls within the scope of this certification.


Why tScheme approval?

It’s the mark which says your service meets the highest standards of trust.


Our members

We’re a member-led not-for-profit organisation.


What we do

Approval for organisations in the trust service provider sector.