Due to the increasing digitalization of communication in all industries, the stronger safeguarding of information and data exchange between the different actors of the market participants electricity is also essential and an important contribution to the comprehensive safeguarding of the critical infrastructure in Germany.
In its decision of March 31, 2022 (Ref.: BK6-21-282), the Federal Network Agency calls for the conversion of market communication in electricity to the secure message protocol "Applicability Statement 4" (AS4 for short). In addition, electronic market communication must comply with the cryptographic specifications of the BSI and be protected by the use of the BSI's smart metering PKI (Public Key Infrastructure).
Based on the cryptographic keys from the smart metering PKI, the following criteria must be met in order to fulfill the requirements of the resolution for future security of electronic market communication:
- Use of TLS (Transport Layer Security) for network communication
- AS4 compliant encryption of the data
- AS4 compliant authentication of data (using digital signatures)
- Secure key management
A Hardware Security Module (HSM) represents the most secure and reliable method of implementing AS4 as well as meeting the cryptographic requirements set by the BSI. It provides a highly secure environment for the secure creation and storage of cryptographic keys according to BSI specifications, their use for AS4 compliant message security (encryption and digital signature) and secure communication, using TLS as well as the basis for secure key management.
As one of the global market leaders for cryptographic protection of critical infrastructures, the German company Utimaco offers the necessary experience and market penetration to master the given challenges quickly and securely, even for large-scale implementations.