Power Metering in Germany
based on information released by the Bundesamt für Informationssicherheit (BSI) / German Federal Agency on IT-Security on Cybersecurity for the Digitalization in Energy Industries
The basic principles, requirements and threat profiles documented by the releasing agency can be found in a set of technical guidelines named: BSI-TR-03116
As digital communications is and will inevitably related to current and future smart energy industries, the available standards do in fact focus on all levels of communication from generation over distribution to consumers. That includes general and generic methods for protection (encryption) and verification (electronic signatures) in a Public Key Infrastructure or PKI of national scale to communication protocols for the specific interchange of information within business processes in energy industries, like (for example) transferring a meter’s value for invoicing through a Metered Services Consumption report message (UN/CEFACT BDEW MSCONS PID 13017).
- PKI: BSI TR-03109-4
- MSCONS: BEDEW MSCONS
Editor’s Note: Without being able to describe all aspects of the above-mentioned standards and their implications in whole, I will follow a route on how it works and what is happening from the point of view of a regular consumer of energy services. Pleas keep in mind that the roll-out for this digital infrastructure is still in full swing at the point of this writing (2025). Whenever use cases are used as examples, they refer to electric energy. This should not divert attention from the fact, these communication standards and protocols do apply to all metered products (Sparten) in energy industries (Water, Heat, Gas, Contracting Services…) as well. Also, I do use the words “electricity” and “electric energy” synonymously and electricity or energy cannot be “consumed” – I know that. Finally: I am only beginning to investigate this. I have some professional experience, but it is limited. If I am wrong and/or describing situations inadequately, please share your insight either in this Wiki, Recessim Discord or DM (Discord)
Chapter 1 Home
So you live in an apartment or house and use electricity. Big deal! And it really is. Let us see why. All the electric energy delivered for your convenience goes through at least one measuring device – the meter. That will be in our digitized world an electronic device called in Germany for unknown reasons a smart-meter or moderne Messeinrichtung (mME). This thing in its initial configuration is not “smart” at all, given the idea "smart" means also: able to communicate. It’s not. It is an electronic counter with no ability to communicate. The meter resides logically in a market-location or MaLo (address of the building or apartment), which is associated with your invoicing details (customer name & address). The meter itself or multiple meters represent the measuring-location or MeLo. Ant this is bound to a meter-ID which is then associated with the physical meter, which again has a serial number.
Identification Hierarchy:
The Format of a Market Location MaLo consist out of a 11-digit code:
1st Digit = authorizing body (1-3: DVGW; 4-9: BDEW) 2nd to 10th = (9 digits) ID provided by the grid provider / measurement device provider 11th digit = checksum
Example: 012345678901
The Format of a Measurement Location MeLo consist out of a 33-digit code called ZBP:
1,2 digit = country code 3-9 digit = distribution grid provider 10-14 digit = postcode 15-33 digit = “counting point number” / Zählpunktnummer
Example: DE012345678901234567890
Associated with the MeLo is an dynamic OBIS Value (Object Identification System), which relates the meter to the product variant: import only, import/export, multi-tariff…
Consumption of electricity is measured in kWh which is kilowatt-hours or 1.000 watts per hour. With a price of 35 to 45 eurocent per kWh, this is a commodity worth to think a moment on how to organize the value chain to ensure money can be collected from consumers (Endverbraucher) and distributed to the contributors in the energy industry. The “bottom” end if this value chain is the “electricity bill” (invoice) you are receiving from a supplier (Lieferant). As Germany is an open market for electricity, this supplier buys the electric energy for your future consumption from an exchange-like market and/or has means to produce electricity themselves. But this will be covered later in more detail. For the moment we just reduce it to the fact that the supplier estimates your individual consumption of electricity based on a standardized load profile (SLP) and if everything is normal, it will be there to power whatever electric appliances you might have.
Local Metrological Network or LMN
In order to “smartify” the situation, communication must be enabled. Therefore an communication interface needs to be added to the smart-meter. Furthermore a smart-meter-gateway (SMGW) needs to be added and accessible from the meters communication interface. These two devices can now communicate and are called in Germany an intelligent measuring system or iMSys - and yes, this communication is already protected (encrypted). The protocol used here is a COSEM (Companion Specification for Energy Metering) / OBIS (Object Identification System) / OMS (Operation Management System) protocol based on RS485 which can be either by wire or wireless, defined in TR-03109
One or more smart-meters with communication interfaces connect with a single smart meter gateway and form the Local Metrological Network or LMN.
As the central communication component, the smart meter gateway must implement secure means for communication with two additional networks:
Home Access Network or HAN
In the HAN you will find all the Controllable Local Systems (CLS). These are switches controlled by the SMGW and can be turned on or off or put into a “reduced power mode”. This is the sole purpose of the HAN to have access to one or more CLS. Pictures are often shown with including the consumers smart-home components and proprietary in-home-displays (IHD), but this is just obfuscation. The truth is all consumers will connect their smart home components in their home WLAN and in one way or another directly to the meters for readout or in the case of a power generating situation (photovoltaic, wind, generators) to the inverters / regulators of that generation unit. The CLS sole purpose is reduce the risk of instability for the grid in energy shortage situations and to enable the grid operators to shut down high consumption appliances like professional grade electric heaters, air conditioning, washer and dryers, kitchen ovens, stove, furnaces, wall boxes for e-mobility, instantaneous water heaters and heat pumps. The owner of a house will effectively loose the final control over these appliances if they have been connected through an CLS. As of now, consumers and house owners are tricked into the CLS acceptance process by offering discounts on the price of the kWh. But the national institute for electrical engineering (VDE) is working on standards making it mandatory to connect anything with an electrical power of more than a thousand Watts to a CLS. Making it illegal to constantly operate those without an CLS.
Imagine, you are generating electricity from solar power coming from your house’s roof to charge your electric vehicle in your garage, which is connected to a wall box. Now the grid’s frequency turns suddenly low, and the grid operator decides to dump “unnecessary” load. Your CLS will be turned off. The excessive electricity from your roof will be immediately diverted to the grid to have it furthermore stabilized. You get 8ct per kWh for tis stunt, but your car remains uncharged. A similar doomed situation occurs if grid frequency rises. Your solar export to the grid will be just cut off by commanding the inverters to reduce efficiency by frequency manipulation. The electric vehicle is charged with grid power at 50 ct/kWh. Your customer data record at the energy supplier and the grid operator will contain and release the information about the possibility of remotely deactivating import or export to the grid. This information is exchanged through UN/CEFACT BDEW UTILMD PID 55112/55113/55114
You can be exempt from remote control if you are a hospital or a government agency and do rely on electricity on a higher priority than consumers. The HAN communication protocol is based on mostly wireless cell broadcasts in the 2.4 GHz band similar to the capabilities of Bluetooth:
It does not connect or need to connect to your home’s WiFi. It can be wired of course.
Wide Area Network or WAN
This network carries the communication from the grid operator (Gateway-Administrator) to and from the intelligent measuring System. The gateway administrator is a role. This role is controlled by the grid operator and his rules for redispatch (rules to control frequency in the power grid at a acceptable stable level). That is a very important role and numerous apocalyptic movies do build their plot on the idea of something going wrong here. This role is the true divers’ seat in this orchestra. With CLS the ability to reduce the impact of medium or larger stability incidents to a desired audience of maximum suffering tolerable individuals, the possibilities have substantially increased. Of course, it is up the German government and the minister of energy, to decide how this audience should be exactly composed of.
Also an external market player role (externer Markteilnehmer) is defined. These is for example your energy supplier (Lieferant). He can communicate with the SMGW as well and have it sending consumption-based data in higher or lower frequency or change your tariff. If you for instance, are notorious late with payments, the supplier can switch your invoicing from billing to prepaid and cut you off the grid until a positive balance materializes in the payable account. WAN communication from the SMGW is based exclusively on GSM or Power Line Communication (PLC) protocols and effectively do form an ISO/OSI stack IP network which can be tunneled through the internet by SLL for cost effectiveness. Payload will be always encrypted on the byte level Please note, routing is not available between these networks: LMN, HAN and WAN trough the smart meter gateway. It purely acts as a “bridge”, receiving messages from one network and sending different messages but accordingly to the purpose, to another attached network.
Directly Reading Information from the Smart Meter (IR-Port)
Most smart meters in Germany are equipped with an bidirectional ifrared-port (actually two ports: one for TX and one for RX) for sending and receiving data. This port will send additional metering information if activated. This includes momentary power import/export to and from the grid and voltage in different phases (L1, L2, L3). Activation is protected by a 4-digit PIN, which is (for data protection reasons) only available from the company owning the meter, or if unconfigured "0000" as a factory default. To activate the sending of additional metering data, the pin has to be entered by using a simple flashlight. Here's a video showing, how this is done. PIN protetion can be permanaently deactivated. After successfull activation, the meter can be configured by sending serial communication commands via the ir port either by OBIS protocol (ASCII or binary (SML) depending on the meter). After configuration the meter will transmit the information requested via the ir-port. Users communicate with these meters via diy-style serial opto-couples via cable link or WiFi. Freely available Tasmota (github) software based soultions do make use of inexpensive microcontrollers (ESP8266 or ESP32) for that purpose. There is a description of the smart meter interface API, running an OBIS-Protocol here.
Example of the OBIS ASCII communication protocol:
09:16:17 MQT: tele/wemos-9/RESULT = {"SerialReceived":"/KFM5KAIFA-METER\r"}
09:16:17 MQT: tele/wemos-9/RESULT = {"SerialReceived":"\r"}
09:16:17 MQT: tele/wemos-9/RESULT = {"SerialReceived":"1-3:0.2.8(42)\r"}
09:16:17 MQT: tele/wemos-9/RESULT = {"SerialReceived":"0-0:1.0.0(200913101618S)\r"}
09:16:17 MQT: tele/wemos-9/RESULT = {"SerialReceived":"0-0:96.1.1(4530303235303030303639363432393136)\r"}
09:16:17 MQT: tele/wemos-9/RESULT = {"SerialReceived":"1-0:1.8.1(005779.835*kWh)\r"}
09:16:17 MQT: tele/wemos-9/RESULT = {"SerialReceived":"1-0:1.8.2(005583.617*kWh)\r"}
09:16:17 MQT: tele/wemos-9/RESULT = {"SerialReceived":"1-0:2.8.1(000000.000*kWh)\r"}
09:16:17 MQT: tele/wemos-9/RESULT = {"SerialReceived":"1-0:2.8.2(000000.000*kWh)\r"}
09:16:17 MQT: tele/wemos-9/RESULT = {"SerialReceived":"0-0:96.14.0(0001)\r"}
09:16:17 MQT: tele/wemos-9/RESULT = {"SerialReceived":"1-0:1.7.0(00.498*kW)\r"}
09:16:17 MQT: tele/wemos-9/RESULT = {"SerialReceived":"1-0:2.7.0(00.000*kW)\r"}
09:16:17 MQT: tele/wemos-9/RESULT = {"SerialReceived":"0-0:96.7.21(00000)\r"}
09:16:17 MQT: tele/wemos-9/RESULT = {"SerialReceived":"0-0:96.7.9(00000)\r"}
09:16:17 MQT: tele/wemos-9/RESULT = {"SerialReceived":"1-0:99.97.0(1)(0-0:96.7.19)(000101000001W)(2147483647*s)\r"}
09:16:17 MQT: tele/wemos-9/RESULT = {"SerialReceived":"1-0:32.32.0(00000)\r"}
09:16:17 MQT: tele/wemos-9/RESULT = {"SerialReceived":"1-0:32.36.0(00000)\r"}
09:16:17 MQT: tele/wemos-9/RESULT = {"SerialReceived":"0-0:96.13.1()\r"}
09:16:17 MQT: tele/wemos-9/RESULT = {"SerialReceived":"0-0:96.13.0()\r"}
09:16:17 MQT: tele/wemos-9/RESULT = {"SerialReceived":"1-0:31.7.0(002*A)\r"}
09:16:17 MQT: tele/wemos-9/RESULT = {"SerialReceived":"1-0:21.7.0(00.496*kW)\r"}
09:16:17 MQT: tele/wemos-9/RESULT = {"SerialReceived":"1-0:22.7.0(00.000*kW)\r"}
09:16:17 MQT: tele/wemos-9/RESULT = {"SerialReceived":"0-1:24.1.0(003)\r"}
09:16:17 MQT: tele/wemos-9/RESULT = {"SerialReceived":"0-1:96.1.0(4730303332353631323736373836373136)\r"}
09:16:17 MQT: tele/wemos-9/RESULT = {"SerialReceived":"0-1:24.2.1(200913100000S)(04139.079*m3)\r"}
09:16:17 MQT: tele/wemos-9/RESULT = {"SerialReceived":"!F798\r"}
Example of the OBIS SML (binary) Protocoll:
1b 1b 1b 1b 01 01 01 01 76 05 03 2b 18 0f 62 00 62 00 72 63 01 01 76 01 01 05 01 0e 5d 5b 0b XX XX XX XX XX XX XX XX XX XX 01 01 63 49 00 00 76 05 03 2b 18 10 62 00 62 00 72 63 07 01 77 01 0b XX XX XX XX XX XX XX XX XX XX 07 01 00 62 0a ff ff 72 62 01 65 02 1a 58 7f 7d 77 07 81 81 c7 82 03 ff 01 01 01 01 04 49 53 4b 01 77 07 01 00 00 00 09 ff 01 01 01 01 0b XX XX XX XX XX XX XX XX XX XX 01 77 07 01 00 01 08 00 ff 65 00 01 01 80 01 62 1e 52 ff 59 00 00 00 00 01 c9 0c a7 01 77 07 01 00 01 08 01 ff 01 01 62 1e 52 ff 59 00 00 00 00 01 c9 0c a7 01 77 07 01 00 01 08 02 ff 01 01 62 1e 52 ff 59 00 00 00 00 00 00 00 00 01 77 07 01 00 02 08 00 ff 01 01 62 1e 52 ff 59 00 00 00 00 00 00 00 00 01 77 07 01 00 02 08 01 ff 01 01 62 1e 52 ff 59 00 00 00 00 00 00 00 00 01 77 07 01 00 02 08 02 ff 01 01 62 1e 52 ff 59 00 00 00 00 00 00 00 00 01 77 07 01 00 10 07 00 ff 01 01 62 1b 52 00 55 00 00 00 5b 01 77 07 01 00 24 07 00 ff 01 01 62 1b 52 00 55 00 00 00 17 01 77 07 01 00 38 07 00 ff 01 01 62 1b 52 00 55 00 00 00 2e 01 77 07 01 00 4c 07 00 ff 01 01 62 1b 52 00 55 00 00 00 15 01 77 07 81 81 c7 82 05 ff 01 01 01 01 83 02 XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX 01 01 01 63 54 86 00 76 05 03 2b 18 11 62 00 62 00 72 63 02 01 71 01 63 fa 36 00 1b 1b 1b 1b 1a 00 70 b2
(sensitive data blanked out = XX)
Chapter 2 Public Key Infrastructure
General
While until 1st of April 2024 most communications between energy market participants (roles) were relying on automatically processed EDIFACT messages in email, this is changed to a machine-to-machine communication via webservices, using AS4 encrypted payloads. The requirements for the XML encryption / signing public key infrastructure (PKI) leans on Diffie-Hellman key exchange procedures. The keys algorithms themselves however can be based on anything commonly accepted like: RSA, Diffie-Hellman, DLIES or Elliptic-Curve.
Keygen and Distribution
In theory every market participant is obliged to create their own key-pair for each role in the EDI@Energy framework. Then the public key needs to be signed by an officially certified CA. Officially certified CAs in this case are IT service providers, registered with the National Energy Grid Agency (BNetzA) and do include like Arvato, Telesec and Deutsche Telekom. The signed public key must be made available in a central directory operated by the BDEW, an energy industry standardization organization. It turns out, the challenge to generate key pairs in a secure fashion is overwhelming most IT organizations in small and medium sized utilities companies. The challenges arising from installing and maintaining trust-centre grade “circle of trust” procedures including the necessary escrow mechanisms, keeping employees from stealing keys and passwords, are substantial. Some larger organizations are known to have the resources and procedures in place, most smaller companies seem to ignore the risks and have their admins generating X.509 keys with ssh-keygen on their Linux machines and some totally rely on the service offerings of the CAs. In the case of some IT-guy made the key pair, there is a substantial risk, this pair will sooner or later be compromised. Additionally relying on a CA service provider to generate, distribute and maintain thousands of key-pairs for smaller organizations creates a single target, which if compromised, will void the security of the whole PKI at least for a while.
Payload Encryption vs. Transport encryption
The National Institute for IT Security (BSI) emphasizes two alternative AS4 compatible approaches: PKI encrypted payloads with electronic signatures and transport based (TLS 1.2) encryption. It is not clear from the requirements specification which one should be used when. But the initial thinking probably was to go for the payload encryption in the first place and to fall back to TLS, when the procedures implemented proved technically unreliable ot too complicated for the market participants. As this is currently under implementation by a multitude of software vendors for energy market communication products at the point of this writing (March/2024), no statement can be made on the initial success and use of payload encryption.
Chapter 3 Grid Operators
Maintaining Stability
Electricity grid operators play a crucial role in ensuring the reliable and efficient functioning of electricity grids. Their primary purpose is to manage the flow of electricity across the grid, maintain grid stability, and ensure that supply meets demand in real-time. Grid operators in germany distinguish themselves into two categories: national transmission grid operatiors and local distribution grid operators.
Here's a breakdown of their key responsibilities and the means they use to ensure grid stability and frequency:
- Grid Management Grid operators monitor the flow of electricity through the grid and balance the supply and demand of electricity in real-time. They must ensure that enough electricity is generated to meet current demand while maintaining grid stability.
- Load Balancing Grid operators must balance the load on the grid by adjusting the generation of electricity to match the fluctuating demand throughout the day. They use various tools and techniques to predict and manage load changes, such as demand response programs, energy storage systems, and grid interconnections.
- Frequency Regulation Grid operators maintain the frequency of the electricity grid within a narrow range to ensure stable and reliable operation. In most power systems, the standard frequency is 50 Hz or 60 Hz. Fluctuations in frequency can cause disruptions to sensitive equipment and lead to power outages. Grid operators use frequency regulation mechanisms such as automatic generation control (AGC) and frequency response services to stabilize the grid frequency.
- Grid Monitoring and Control Grid operators continuously monitor the performance of the grid using advanced control systems and monitoring devices. These systems provide real-time data on grid conditions, including voltage levels, power flows, and equipment status. By analyzing this data, operators can identify potential issues and take corrective actions to maintain grid stability.
- Emergency Response Grid operators must be prepared to respond quickly to unexpected events such as equipment failures, natural disasters, or sudden changes in demand or generation. They have contingency plans in place to minimize disruptions and restore power as quickly as possible in the event of an emergency.
- Grid Expansion and Maintenance Grid operators also play a role in planning and expanding the grid infrastructure to accommodate growing demand and integrate renewable energy sources. They coordinate with utilities, regulators, and other stakeholders to invest in new transmission lines, substations, and other infrastructure projects.
Overall, electricity grid operators are essential for ensuring the reliable and secure operation of electricity grids. Through careful monitoring, control, and coordination, they help maintain grid stability and ensure that electricity is delivered safely and efficiently to consumers.
Day Ahead and Merit Order
In Germany, the electricity market operates using a "day-ahead" scheduling system and a "merit order" mechanism to determine the dispatch of power plants and the pricing of electricity:
- Day-Ahead Scheduling
The day-ahead scheduling system allows market participants, including generators, retailers, and traders, to submit their electricity supply and demand forecasts for the next day.
Market participants submit bids indicating the quantity of electricity they are willing to buy or sell at various price levels. Based on these bids, the market operator determines the optimal schedule for electricity generation and consumption to meet forecasted demand while minimizing costs. The day-ahead market clears once a day, typically in the evening, and establishes the prices and quantities of electricity for the following day. The system and protocols “ESS” (ENTSO-E Scheduling System) are described tin this document. - Merit Order System
The merit order system is used to dispatch power plants based on their marginal costs of generation. Power plants are ranked in ascending order of their marginal costs, with renewable energy sources like wind and solar typically having the lowest marginal costs (since their fuel is free), followed by nuclear, coal, gas, and finally, peaking plants. The system dispatches power plants in order of increasing marginal costs until the forecasted demand is met. The clearing price in the day-ahead market is often determined by the marginal cost of the last unit of electricity needed to meet demand, which is typically set by a gas-fired or coal-fired power plant. As a result, renewable energy sources are typically dispatched first when their output is available, helping to reduce the overall cost of electricity generation and promote the integration of renewable energy into the grid.
In Germany, the combination of the day-ahead scheduling system and the merit order mechanism helps to ensure the efficient and cost-effective operation of the electricity market while integrating a growing share of renewable energy sources. It also provides transparency and market signals for investment in new generation capacity and grid infrastructure.
Redispatch 2.0
Redispatch 2.0 is a term used in Germany to refer to a set of regulatory changes aimed at optimizing the management of electricity grid operations, particularly in light of the increasing integration of renewable energy sources and the evolving energy landscape. It builds upon the original redispatch measures implemented to maintain grid stability but introduces several updates and enhancements to better accommodate the changing dynamics of the energy market:
- Background
Germany, like many other countries, is transitioning its energy system towards a greater share of renewable energy sources such as wind and solar power. Renewable energy generation is often decentralized and intermittent, which poses challenges for grid stability and management. - Original Redispatch Measures
The original redispatch measures allowed grid operators to instruct power plants to adjust their output or generation schedules to maintain grid stability. This was primarily done to manage congestion on transmission lines and prevent overloading of the grid. Redispatch is based on order and acknowledgement messages within the communication framework EDI@Energy defined between market participants. - Redispatch 2.0 Enhancements
Greater Flexibility: Redispatch 2.0 introduces measures to enhance the flexibility of the electricity system, allowing grid operators to better manage fluctuations in renewable energy generation.
Market-Based Approaches: It encourages the use of market-based mechanisms to manage congestion and grid stability, such as the use of flexible market products and incentives for demand response. Decentralization: Redispatch 2.0 recognizes the increasing decentralization of energy generation and consumption, encouraging the integration of distributed energy resources and demand-side management solutions.
Digitalization: The implementation of digital technologies and advanced grid monitoring systems is also a key aspect of Redispatch 2.0, enabling real-time monitoring and control of grid operations.
Cost Allocation: Redispatch 2.0 includes provisions for the fair allocation of costs associated with redispatch measures among market participants, ensuring that the costs are allocated efficiently and transparently. - Objectives The primary objectives of Redispatch 2.0 are to improve grid stability, increase the efficiency of grid operations, and facilitate the integration of renewable energy into the electricity system. It aims to achieve these objectives while minimizing the overall cost to consumers and ensuring fair and transparent market practices.
Redispatch 2.0 represents a comprehensive framework for modernizing grid management practices and adapting to the changing dynamics of the energy market in Germany. It reflects the ongoing transition towards a more sustainable and flexible energy system driven by renewable energy and digital innovation and for this reason includes functions embedded into consumers smart meters. If frequency rises and conventional cut off of generated power is not sufficient, the transmission grid operator sends a message to the smart meter operator via the distribution grid operator and telling it to cut of the CLS (controllable local system) for consumer-side electric generators (photovoltaik, wind, gas). Similar things happens with sinking frequencies from a higher demmand exceeding available conventinal energy reserves. In this case the smart meter gateway shuts down the CLSs assiciated with high enegy consuming devices (wallbox, heat-pumps...)