Enabling consumers to switch energy supplier more securely
What is ECoS?
Enduring Change of Supplier (ECoS), is a programme to enhance the security when you switch from one energy supplier to another. An essential component of this is the replacement of certificates on devices (primarily smart meters) which identify the responsible supplier.
Transitional vs Enduring Arrangement
What's changing?
There are many different security keys protecting the system which underpins the smart meter network and devices. As part of the original Smart Network deployment a Transitional Change of Supplier (TCoS) process was implemented (the Transitional Arrangement). This was to be replaced with the Enduring Change of Supplier process (the Enduring Arrangement).
So what does this mean..
At a high level, this involves replacing one of the keys and hosting the Enduring Change of Supplier in a new location and with a new supplier. The ECoS Programme has been tasked with delivering this change.
The solution
At the end of June 2023, ECoS successfully gained approval to proceed to go-live from the SEC Panel and DESNZ. This has enabled the migration of TCoS to ECoS devices to commence, with the migration expected to complete in Q2 2024.
The ECoS programme will make the required changes that include:
- Building the ECoS functionality within a new software component
- The provisioning of a new service provider where the new software component will be hosted
- Putting in place the relevant support to manage the new Change of Supplier solution
Other key elements to the delivery are to change the keys on the devices that have already been rolled out to homes/businesses and to ensure new devices that are added to the smart network support the Enduring Change of Supplier solution.
Got a question?
Frequently asked questions
What happens to devices which cannot be migrated to ECoS when TCoS is turned off, i.e. the TCoS credential is still on the device?
Change of Supplier (CoS) requests that are sent to TCoS credentialled devices will not be able to be actioned and the CoS request will fail as the TCoS Smart Network component will not be in place. Only CoS will be affected as all other functionality will continue to operate as before.
The challenges that this presents are understood and as a result other options are being explored to see if it is possible to continue to support the TCoS credentials once the TCoS Smart Network Component has been turned off. It will take some time to understand whether this option is possible and what will be required to make it available. As this work progresses more information will be provided.
What is the expected failure rate after all attempts to migrate devices including corrective actions have completed?
The programme will be able to provide details of anticipated failure rates once testing of the ECoS Migration solution has started. This will give indicative numbers which will firm up as testing progresses.
Numerous testing activities will be undertaken prior to Migration in order to collate further information. This will include undertaking TCoS to TCoS tests which should identify any device types / variants where there could be problems that would contribute to the overall failure rates. The overall migration failure rate is expected to be small.
Information about failure rates will be shared when it becomes available.
The forecasts will continue to be updated based upon the failure rates from production once migrations have started.
When will TCoS be turned off?
The formal decision as to when to turn off the TCoS Network Component will be made by Government following migration. Industry views will be an important consideration in that decision-making process.
Can devices at the same location have a mix of TCoS and ECoS credentials and still work?
Yes - all devices, of all types, can be updated with an ECoS credential separately.
How can Energy Suppliers influence when their devices are migrated? i.e. to avoid periods where Energy Suppliers have other items to focus on. For example major system upgrades, major events, etc.
DCC does not believe it is necessary for Energy Suppliers to influence when their devices and Comms Hubs will be migrated. The migration from TCoS to ECoS is a behind the scenes change which has been specifically designed to be non-disruptive and invisible to Energy Suppliers. As such, CoS requests can be submitted as normal in line with existing business processes.
Will migration prevent Energy Suppliers from conducting business as normal?
No. The ECoS changes and migration have been specifically designed to be non-disruptive and invisible to Energy Suppliers. As such, CoS requests can be submitted as normal in line with existing business processes.
What changes do Energy Suppliers need to put in place to be able to use the new ECoS credential installed on the device?
Energy Supplier systems do not need to be aware of the CoS credential being used on the device.
What changes do Energy Suppliers need to be in place in order to support the ECoS migration?
Energy Suppliers will need to have applied the following changes before migration:
- XML Signing
- The inclusion of the correct MPIDs aligned to the gaining Energy Supplier’s signing certificate
- Adjusted Anomaly Detection Thresholds (ADT)
- The management of the device and Comms Hub supply chains so that after Go Live
- ECoS credentialled devices and Comms Hubs are made available as soon as possible and,
- TCoS credentialled devices and Comms Hub inventory is run down as soon as possible
What about SMETS1 devices?
SMETS1 devices do not hold CoS Party credentials on the device. The S1SP holds details of the credentials for SMETS1 devices to enable CoS. Whilst the devices are not affected as such there is processing required in DSP that will identify SMETS1 related CoS requests.
The details of SMETS1 devices will be registered with the new ECoS Party as part of ECoS Go Live. Once registered CoS requests will be managed by the ECoS Party without any further changes. SMETS1 devices are not part of the wider TCoS to ECoS migration as above they do not contain TCoS credentials.
What is going to happen to my existing TCoS supply chain inventory after ECoS Go Live?
After ECoS Go Live existing TCoS inventory will continue to be deployed. As part of the overall requirement to reduce TCoS credentialled devices, once this inventory is exhausted new ECoS credentialled devices will be deployed.
The length of all supply chains and inventory volumes for devices will form part of the decision making process for the switch off of the TCoS Network Component.
Get involved
Ask our team a question
Read our ECoS newsletter
Latest editions
Drop in and briefing sessions
Further reading