Open consultation

Smart Secure Electricity Systems (SSES) Programme: Enduring Governance (accessible webpage)

Published 4 August 2025

Applies to England, Scotland and Wales

General information

Why we are consulting

The Smart Secure Electricity Systems (SSES) Programme is designed to create the technical and regulatory frameworks to enable the untapped flexibility from small scale devices, such as domestic electric vehicle charge points and heat pumps.

It should contribute to electricity system decarbonisation in a way that protects consumers and the electricity system and as such is a key enabler for consumer-led flexibility (CLF) that will help consumers make energy bill savings and deliver the government’s Clean Energy Superpower Mission.

To make sure the technical and security requirements for energy smart appliances and flexibility services continue to meet the evolving needs of industry and government’s policy objectives, we plan to establish industry-led governance arrangements to manage these considerations and recommend any changes to government and regulators in light of emerging risks and market developments.  

We are consulting on: 

  • our minded-to position for Elexon to be responsible for SSES Enduring Governance through modifications to the Balancing and Settlement Code
  • the technical and security governance functions to be managed by the SSES Technical and Security Governance Groups
  • the proposed membership arrangements for the SSES Technical and Security Governance Groups
  • cost recovery proposals for Elexon to recover costs for managing the enduring governance functions
  • the proposed code modifications to the Balancing and Settlement Code (Annex A)

Consultation details

Issued: 4 August 2025
Respond by: 29 September 2025

Enquiries to:

Smart Secure Electricity Systems Team
Department for Energy Security and Net Zero
7th Floor
3-8 Whitehall Place
London
SW1A 2AW

Email: SSESConsultation@energysecurity.gov.uk

Consultation reference: Smart Secure Electricity Systems Programme (SSES): Enduring Governance

Audiences: This consultation is open to anyone to respond, but will primarily be of interest to:

  • energy and technology companies
  • energy smart appliance manufacturers
  • flexibility service providers and load controllers
  • consumer and environmental groups
  • innovators, and third party intermediaries in energy and / or other sectors
  • parties to the Balancing and Settlement Code

Territorial extent:

Great Britain only.

How to respond

Respond online at: energygovuk.citizenspace.com/energy-security/sses-enduring-governance

Or

Email to: SSESConsultation@energysecurity.gov.uk 

A response form is available on the GOV.UK consultation page: www.gov.uk/government/consultations/smart-secure-electricity-systems-programme-sses-enduring-governance

When responding, please state whether you are responding as an individual or representing the views of an organisation.

Your response will be most useful if it is framed in direct response to the questions posed, though further comments and evidence are also welcome.

Confidentiality and Data Protection

Information you provide in response to this consultation, including personal information, may be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act 2018 and the Environmental Information Regulations 2004).

If you want the information that you provide to be treated as confidential, please tell us, but be aware that we cannot guarantee confidentiality in all circumstances. An automatic confidentiality disclaimer generated by your IT system will not be regarded by us as a confidentiality request.

We will process your personal data in accordance with all applicable data protection laws. See our privacy policy.

We will summarise all responses and publish this summary on GOV.UK. The summary may include a list of names or organisations that responded, but not people’s personal names, addresses or other contact details.

Quality Assurance

This consultation has been carried out in accordance with the government’s consultation principles.

If you have any complaints about the way this consultation has been conducted, please email: bru@energysecurity.gov.uk.

Ministerial Foreword

As the Prime Minister has made clear, clean power is an urgent priority for our country and one of the key five missions in the Government’s Plan for Change. Our Clean Power 2030 Action Plan highlights the critical need for a substantial increase in clean flexibility to achieve our clean energy goals. A central component of this is domestic-scale consumer-led flexibility, where consumers can choose when to use electricity through their use of energy smart appliances and flexibility services, being rewarded by lower bills while continuing to meet their energy needs.

The publication of our Clean Flexibility Roadmap [footnote 1] demonstrates the government’s commitment to meeting our clean power ambitions, as we aim to scale consumer-led flexibility from 2.5GW in 2023 to 10GW to 12GW by 2030 [footnote 2]. The deployment of consumer-led flexibility presents a valuable opportunity to reduce energy bills - not only for those using energy smart appliances, but also for all consumers - by minimising generation and the network build needed to deal with increased demand as we further electrify heat and transport.

The Clean Flexibility Roadmap sets out our vision for flexibility, which includes supporting the continued, sustainable growth of consumer-led flexibility. The SSES Programme will be crucial for establishing robust technical and security frameworks for energy smart appliances and load control organisations to support this. In our April 2025 government response to the 2024 consultation on ‘Delivering a smart secure electricity system’ we set out further detail for ensuring Enduring Governance arrangements for these frameworks and we committed to consult further on these proposals.

We recognise that industry holds the expertise and will be at the forefront of delivering consumer-led flexibility with government and delivery partners. That is why, through this consultation, we are proposing that industry and organisations representing consumers take a lead role in maintaining and evolving these frameworks over time. This approach ensures that those with the most relevant and first-hand knowledge of evolving CLF markets are jointly responsible for keeping technical and security frameworks for energy smart appliances and load control up to date, with appropriate oversight from government and Ofgem.

I would like to thank the many industry partners with whom we have worked closely to develop the proposals in this consultation, as well as those who have responded to previous consultations on delivering a smart secure electricity system. The Enduring Governance arrangements set out in this consultation are a key step towards a flourishing consumer-led flexibility sector, minimising bills for consumers, maintaining security of supply and meeting our Clean Energy Superpower Mission. 

Michael Shanks MP, Minister for Energy

Executive Summary

The Smart Secure Electricity Systems (SSES) Programme will support the move to a smarter, more flexible clean energy system as part of our effort to bring down energy bills by facilitating more Consumer-Led Flexibility (CLF).

CLF involves the voluntary shifting of electricity use to times when supply is more abundant, cheaper, and cleaner, and away from peak periods. Consumers [footnote 3] are already benefiting from using their electricity flexibly, whether through smart charging an electric vehicle or taking part in discounted sessions from their supplier. Depending on their current usage, some will be able to save even without changing their usage habits. Those who do not generally use electricity at peak times (4pm to 7pm) could save over £200 a year from switching from the price cap to one that changes through the day based on market rates. [footnote 4] Households with heat pumps could save more than £250 annually by shifting to a smart tariff and using their heat pump flexibly. [footnote 5]

The SSES Programme is putting in place technical and regulatory requirements for Energy Smart Appliances (ESAs) to ensure interoperability, cyber security and protect grid stability. We are also establishing a load control licence which will be designed to ensure that consumers are treated fairly, offered simple and consistent complaints and redress processes, and can easily compare service offerings while ensuring they are not unfairly locked into contracts. The licensing framework will also ensure that organisations managing load through ESAs meet cyber security and grid stability requirements proportionate to the risk they pose to the system. Subject to an upcoming licensing consultation, we expect load control licence applications to open in 2026 and for the licence to come into effect in Autumn 2027; both Flexibility Service Providers (FSPs – being organisations entering into arrangements directly with a consumer) and load controllers will be required to hold a load control licence.

Close industry engagement is a key feature of the SSES Programme and our ESA Technical and Security Working Groups, run and chaired by the Department for Energy Security and Net Zero (DESNZ), have been important for informing policy options and direction in the development phase of the SSES Programme. Consistent with this collaborative approach and to ensure technical and security standards work for the sector, we plan to transition government-led governance activities for the programme to become enduring industry-led governance arrangements. These industry-led groups will support industry, regulators and the government working together to maintain and further develop technical and security frameworks and to protect the electricity system and safeguard consumer interests, including in light of technological innovation and emerging risks.

Following an objective and structured assessment of potentially suitable existing energy governance bodies to perform this role, we set out in the government response to our 2024 consultation our minded-to position for Elexon to deliver SSES Enduring Governance through the Balancing and Settlement Code. We are proposing Elexon deliver the SSES Technical and Security Governance Groups to maintain technical and security requirements as CLF (previously known as Demand Side Response) markets grow and evolve. These new groups will be required to work closely with DESNZ, the Office of Gas and Electricity Markets (Ofgem) and the Office for Product Safety and Standards (OPSS) who will maintain their respective legislative, regulatory and enforcement responsibilities.

This consultation follows on from the 2022 [footnote 6] and 2024 [footnote 7] consultations on ‘Delivering a smart and secure electricity system’ and focuses on proposals for Enduring Governance. The proposals in this consultation are separate from those relating to Time-of-use Tariff Data Interoperability which will require energy suppliers to comply with a tariff data specification set out in the Retail Energy Code. The proposals in this consultation concern wider SSES Enduring Governance functions and structures, specifically the running and purpose of the SSES Technical and Security Governance Groups.

This consultation is seeking views on:

  • our minded-to position for Elexon to deliver SSES Enduring Governance through modifications to the Balancing and Settlement Code (BSC);
  • the technical and security governance functions to be delivered by the SSES Technical and Security Governance Groups;
  • the proposed membership arrangements for the SSES Technical and Security Governance Groups;
  • cost recovery proposals for Elexon to deliver the Enduring Governance functions;
  • the proposed code modifications to the Balancing and Settlement Code (Annex A – linked alongside this consultation).

Subject to the outcomes of this consultation and final government decision, we intend to implement the code modifications required for Elexon to deliver the SSES Technical and Security Governance Groups in early 2026. This would enable Elexon to sufficiently prepare prior to the groups being operational from mid-2026.

Introduction

As set out in the Clean Power 2030 Action Plan, [footnote 8] a significant increase in clean flexibility is critical to reaching Clean Power in 2030. The Clean Flexibility Roadmap published on 23 July 2025 [footnote 9], is a critical milestone in the government’s Clean Energy Superpower Mission. The Roadmap sets out the government’s vision for flexibility and how we will deliver it. It contains actions for DESNZ, other government departments, Ofgem, NESO and key industry bodies, and crucially establishes a governance framework, so that all parties deliver on their actions. A key element of the Roadmap is setting the pathway for increasing consumer-led flexibility (CLF) which involves the voluntary shifting of electricity use to times when supply is more abundant, cheaper, and cleaner, and away from peak periods.

Deployment of CLF [footnote 10] could not only cut bills for consumers but minimise the amount of more costly generation and associated network infrastructure that needs to be built, whilst maintaining security of supply.

The electrification of heat and transport is increasing demand on electricity networks, while Great Britain’s growing use of renewables means that energy supply is more variable. These changes pose challenges for the operators of the GB’s electricity systems who are responsible for making sure demand does not exceed the capacity of local distribution networks. One way in which the National Energy System Operator (NESO) and Distribution Network Operators (DNOs) (in their capacity as Distribution System Operators (DSOs)) are meeting these challenges is by procuring flexibility services, reducing the requirement for costly infrastructure investments. Energy suppliers can also benefit from an increasingly flexible network by being able to support their wholesale market positions.

The SSES Programme is creating the technical and regulatory frameworks to increase flexibility available to the network and help consumers access cheaper electricity. Through optimisation of the charging of an electric vehicle, heat pump or battery, a consumer can choose for it to be charged, ready for when they need it, using cheaper electricity available outside of peak hours of demand. The SSES Programme empowers consumers to participate in CLF by putting in place key consumer protections that can help give consumers confidence to take part. The consumer is currently rewarded for the flexibility provided to the grid by receiving financial rewards such as discounts on bills or vouchers. The financial benefits of flexibility on offer to consumers reflect the benefits to the wider electricity system which in turn benefits all consumers by lowering system costs.

Transitioning to a clean, flexible electricity system will bring numerous benefits. The energy system will become more cost-effective by utilising low-cost renewable energy. By using flexibility to reduce peak demand and distributing sources of generation, we will require less grid infrastructure, which will help to minimise consumer bills. It can therefore help Great Britain to reach clean power in a cost-effective way with reduced need for new infrastructure. For example, an average-consumption household with an electric vehicle could save around £330 [footnote 11] annually by smart charging on a time-of-use tariff when compared to a static one, and switching from a gas boiler to a heat pump on a smart tariff can generate up to £250 [footnote 12] of savings per year.

To make sure the technical and security requirements of ESAs continue to meet the evolving needs of industry and government’s policy objectives, we plan to establish industry-led governance arrangements to manage these considerations and recommend any changes to government and regulators. These arrangements will support industry, regulators, and the government to work together to protect the electricity system and safeguard consumer interests. This will provide an important opportunity for industry to support the shared objectives of ESA technical interoperability, maintaining security standards and ensuring grid stability and cyber security. Industry will be at the forefront of a growing CLF sector and implementing the technical and security requirements set by government, therefore industry taking a key role in maintaining these requirements with oversight from regulators and government is critical to ensuring an agile and thriving sector.

In our 2025 government response to the SSES 2024 consultation we reiterated that governance for the SSES Programme is to be managed in three phases:

  • ‘Development’ phase (present) – the period immediately following the SSES July 2022 consultation, during which future governance arrangements and plans are being designed and mobilised.
  • ‘Transition’ phase (2026 to mid-2029) – the period during which ESA specifications, assurance schemes, central services and contractual arrangements will be established in full. The transition stage goes to mid-2029 and we expect the load control licence to come into force during this period.
  • ‘Delivery’ phase (mid-2029 onwards) – the long-term arrangements during and after the manufacture and sale of compliant ESAs, during which standards and contractual arrangements need to be maintained. ESAs need to demonstrate compliance, and additional security requirements may need to be implemented and maintained depending on interoperability requirements.

Our 2025 government response also set out that we would consult further on delivering governance through SSES Technical and Security Governance Groups. There was overall support for the proposals set out in the 2024 consultation but a general view that further detail on the functions and model of governance was needed.

This consultation follows on from the 2022 and 2024 consultations on ‘Delivering a smart secure electricity system’ and focuses on proposals for Enduring Governance. Consultations on other elements of the SSES Programme such as first phase ESA regulations and the load control licence will be launched later this year.

Section 1 - Governance Body Proposals

As we move into the transition phase of the SSES Programme we require a governance structure to be in place to begin to deliver the required technical and security governance functions. This will ensure that technical and security standards can be developed and maintained in an evolving sector as our first phase ESA regulations come into force. [footnote 13]

The 2024 consultation set out that we were considering whether delivering Enduring Governance through a new or existing body would provide better outcomes. In our response to this consultation, we set out that in light of the live code governance reform project being undertaken by Ofgem and government, adding a new body or code to the energy regulatory landscape would not be suitable at this time. This conclusion aligned with responses to our 2022 consultation that raised concerns about the potential costs and complexity of establishing new governance bodies or codes.

Energy codes set out the detailed rules of participation in the gas and electricity markets, underpinning market operation. Energy code reform [footnote 14] aims to ensure that the codes can respond to the significantly changing sector, enabling change to be delivered more efficiently and effectively in the interests of consumers, and to support the transition to net zero. Newly appointed code managers, selected and licensed by Ofgem, will be responsible for governance of the codes. Ofgem has consulted on its process and criteria for selecting code managers, and in March 2025 published its determination to select the code manager for the Balancing and Settlement Code on a non-competitive basis. [footnote 15]

Our government response to the 2024 consultation set out our minded-to position for Elexon to deliver the necessary Enduring Governance functions to maintain and supervise these standards and requirements through modifications to the Balancing and Settlement Code (BSC). This followed an objective and structured assessment of the suitability of National Energy System Operator (NESO), Elexon (BSCCo), the Retail Energy Code Company (RECCo) and the Smart Energy Code Company (SECCo) to deliver SSES Enduring Governance functions through their existing codes or licences. These organisations were in scope of this assessment process due to synergies with their current roles within the energy sector and for being not-for-profit entities. [footnote 16] We assessed these bodies against the following criteria:

  • relevant expertise and synergies – how well current roles, stakeholders, and objectives map with SSES governance functions
  • stakeholder management – ability to manage a range of stakeholder interests and the overlap between SSES stakeholders and the organisations’ existing stakeholders
  • ability to recover costs efficiently and fairly – previous experience of being able to recover costs independently and efficiently
  • freedom from any unmanageable conflicts of interest – to avoid perception of bias
  • feasibility – proportionate use of our Section 245 Energy Act (2023) powers to modify licences and codes for the purpose of facilitating load control [footnote 17]

This assessment process was delivered through three stages:

  • engagement with NESO, RECCo, SECCo and Elexon to gather their views on the suitability of their organisation to deliver SSES Enduring Governance including written responses to questions based on the criteria
  • engagement with wider stakeholders through our existing ESA Technical Working Group and ESA Security Working Group as well as our SSES Industry Advisory Group to gather views on the suitability of candidate bodies and receive feedback on our approach to implementing Enduring Governance
  • desk-based research on the suitability of the candidate bodies in relation to the defined criteria

We are proposing Elexon leads on SSES Enduring Governance on a not-for-profit basis based on the information gathered as part of our assessment of candidate governance bodies which is set out below.

Relevant expertise and synergies

Elexon manages the BSC which governs the electricity balancing and settlement arrangements in Great Britain. Our assessment showed there were strong synergies between Elexon’s current roles as set out in the BSC and the SSES Enduring Governance functions. These include:

  • market facilitator for distributed flexibility. This role will see Elexon work with Ofgem, NESO, energy suppliers, FSPs, load controllers, and DSOs to create more open, co-ordinated, and transparent local flexibility markets, and to align local and national flexibility markets. The objective of this role is to promote market growth in flexibility, including by removing barriers to growth in NESO and DSO flexibility markets. This role has relevance to SSES, given the focus on flexibility, and requires Elexon to engage and co-ordinate similar stakeholders.
  • flexibility market asset register (FMAR). Elexon is the delivery body for providing a common registration system for flexibility assets (such as ESAs) across DSO and NESO markets to support market participation in flexibility markets. The aim of the FMAR is to enable the widest possible participation of smart and flexible assets, including ESAs in scope of the SSES programme.
  • overseeing and reviewing Codes of Practice (CoP). The CoPs are a set of documents which detail the technical requirements for the Metering System used to measure and record electrical energy flows, primarily for balancing and settlement of electricity in Great Britain. Although the objectives are different, Elexon’s experience of overseeing technical CoPs is relevant to some aspects of the SSES Technical Governance Group. Elexon takes a similar approach to that required for SSES Enduring Governance in that the default approach is to use established standards where appropriate. Through this role Elexon has developed relationships with manufacturers of electric vehicle charge points and OPSS on meter compliance issues, both of whom are key SSES stakeholders.
  • compliance testing of asset meters to confirm they function in compliance with the relevant CoP(s). Elexon’s role is setting out the responsibilities of manufacturers and Data Collectors and providing guidance notes and delivering certain roles itself, including: agreeing test laboratories, witnessing protocol tests, reviewing test results, providing certificates, and notifying new approvals to industry. This has synergies with the proposed functions for the SSES Technical Governance Group.

Of the seven BSC Objectives our SSES Enduring Governance proposals align most with the following two:

  • (b) The efficient, economic, and co-ordinated operation of the National Electricity Transmission System
  • (c) Promoting effective competition in the generation and supply of electricity and (so far as consistent therewith) promoting such competition in the sale and purchase of electricity

Stakeholder management

As set out above, Elexon has a broad range of roles which requires engagement with a breadth of stakeholders both for the purposes of code administration and delivering its other roles. This includes key stakeholders such as ESA manufacturers, OPSS, NESO, DNOs and independent aggregators (who participate in the Balancing Mechanism and are signed up to the BSC as Virtual Lead Parties, some of which are likely to become licensed once the load control licence comes into effect).

As part of our assessment, we engaged SSES stakeholders to gather views on the suitability of Elexon to deliver SSES Enduring Governance. Overall, stakeholders expressed that Elexon would be suitable for delivering the SSES Technical and Security Governance Groups although some raised concerns that Elexon is taking on many new roles and therefore may not have capacity to take on new responsibilities. We have considered responses received and believe that as the SSES Technical and Security Governance Groups are not due to be operational until mid-2026, this is sufficient time for Elexon to bring in the required resource to carry out this role within this timeframe. Elexon have confirmed they would be able to deliver the groups from mid-2026.

Freedom from any unmanageable conflicts of interest

Elexon is of a size where mitigations for conflicts of interest (or financial separations) can be implemented if needed. At this stage, we do not anticipate this being necessary for this role due to no conflicts of interest being identified.

Ability to recover costs efficiently and fairly

Elexon is funded by BSC code parties which are some of the main beneficiaries of the SSES Programme due to the increase in energy flexibility available to the network. This enables cost recovery mechanisms to effectively target those organisations who are receiving services and benefits through the delivery of the SSES Technical and Security Governance Groups. Proposed cost recovery mechanisms are set out later in this consultation.

Feasibility

Our assessment concluded that there was sufficient alignment between the existing objectives of the BSC and the intended SSES Enduring Governance functions to enable us to utilise our Energy Act 2023 Section 245 Powers to modify the BSC for the purposes of facilitating load control.

Assessment of the suitability of other bodies

NESO, RECCo and SECCo were candidates in our assessment of suitable governance bodies due to the overlap between their objectives and codes or licence and the functions we require the governance body to deliver. They were also in scope of the assessment due to being not-for-profit entities.

As part of our assessment of suitability, the in-depth and structured conversations we held with NESO, RECCo, SECCo and Elexon were all informative and valuable. This section sets out the high-level comparative outcomes of our assessment exercise.

NESO

NESO, established in October 2024, is an operationally independent and impartial body with responsibilities across both the electricity and gas systems for driving progress towards net zero while maintaining energy security and minimising costs for consumers.

During the assessment process we felt it was important that the proposed governance body had strong alignment between their objectives and current delivery model and the SSES Enduring Governance delivery framework. Our assessment demonstrated that NESO’s existing roles and responsibilities, being as overarching and strategic as they are, were not as closely mapped onto the proposed SSES Enduring Governance functions as Elexon’s. Consistent with our Programme objectives that SSES Enduring Governance should be suitably embedded into an existing industry code, we assessed that the codes NESO currently govern would not be an appropriate fit.

NESO’s role and remit means it has a strong stake in the successful delivery of the SSES Programme [footnote 18] and of the security and grid stability functions carried out by the SSES Security Governance Group. As set out in the membership section of this consultation, we are proposing NESO have a seat in the SSES Technical and Security Governance Groups.

SECCo

The Smart Energy Code (SEC) sets out the rights and obligations of energy suppliers, network operators, and other relevant parties involved in the management of smart metering in Great Britain.

As part of our assessment, we recognised SECCo’s unique relevant experience in delivering technical and security sub-committees to ensure the interoperability and security of smart meters in consumers’ homes. This was also reflected in stakeholder feedback we gathered as part of our assessment and in our 2024 SSES consultation on security governance.

The assessment also demonstrated that SECCo’s role and subject matter focus on Smart Metering are likely to differ from the broader range of SSES governance stakeholder interests. This conclusion was consistent with a number of responses to our 2022 consultation which set out concerns not only about the lack of synergy between the SEC and the broader scope of a new SSES framework and thus the scale of change that would be required for the SEC, but also the potential detrimental impacts to smart metering delivery and SECCo’s important role in that. 

RECCo

RECCo’s objectives are to facilitate the efficient and effective running of the retail energy market, including its systems and processes, through promoting innovation and competition and delivering positive consumer outcomes. The government response to our 2024 consultation confirmed that RECCo will be responsible for delivering governance for the important tariff data interoperability element of the SSES Programme. This responsibility was a factor in our wider consideration of the suitability of RECCo to deliver the full range of SSES Enduring Governance functions as covered in this consultation, especially in relation to the ‘relevant expertise and synergies’ assessment exercise criterion.

Our view is that there is no essential reason that one existing code and organisation should deliver the full suite of SSES workstream governance given the various requirements for SSES delivery compared to the roles and responsibilities across code bodies. The assessment concluded that while the REC and the SSES Programme have a strong alignment on achieving positive consumer outcomes, there is less relevant overlap between the REC and wider flexibility market considerations key to the success of the SSES Programme.

Summary

We are proposing Elexon delivers SSES Enduring Governance through modifications to the BSC setting out the functions of this role. Our assessment showed their existing roles and stakeholders are well aligned with SSES, and Elexon would therefore be able to bring this experience into their delivery of the SSES Technical and Security Governance Groups and support a co-ordinated flexibility market.

We recognise that the impacts of the SSES Programme are wide-reaching across a multitude of existing energy governance arrangements. We acknowledge that NESO, RECCo and SECCo will have an interest and stake in the SSES Enduring Governance functions being delivered. Input from NESO, RECCo and SECCo in their respective areas will be very important to ensure the successful establishment of these groups. We would expect Elexon to engage with NESO, RECCo and SECCo and other relevant energy governance bodies throughout the transition and delivery phases of SSES governance.

1. Do you agree that the Balancing and Settlement Code administered by Elexon is the most suitable code to house SSES Enduring Governance functions?

Section 2 – Governance Functions

Governance Model

In our 2024 consultation, we proposed SSES Enduring Governance be delivered through Technical and Security Governance Groups. This received a high level of support and in our government response we confirmed governance will be delivered through this model. The diagram below sets out how we are proposing this model be adopted by Elexon to ensure the smooth delivery of these groups. Each group will be required to have representation from government, regulators and industry to ensure a range of voices are incorporated into the decision-making process and that decisions taken are in line with government objectives for SSES and the wider energy sector.

The SSES Technical and Security Governance Groups would have the ability to set up sub-groups or review groups as and when required to ensure a broader range of views are captured into the decision-making process.

As set out earlier in this consultation, governance will continue to be delivered in phases, we are proposing the following activities for each stage:

  • development phase (present): Governance will continue to be delivered in the form of the government-run ESA Technical and Security Working Groups focusing on policy design and development.
  • transition phase (2026 to mid-2029): Government will make a first modification to the BSC in early 2026 to enable Elexon to set up and run the SSES Technical and Security Governance Groups carrying out the functions set out later in this consultation. We will expect the activities of the ESA Technical and Security Working Groups currently led by government to transition to the SSES Technical and Security Governance Groups run by Elexon near the beginning of this phase. The government-run ESA Technical and Security Working Groups will close after the SSES Technical and Security Governance Groups are deemed by government to be fully operational. Government and the SSES Security Governance Group will continue to consider during the transition phase whether additional security requirements will be required. We expect to hand over full responsibility to Elexon for technical and security aspects of SSES Enduring Governance only once a target operating model with clear lines of responsibilities between government, regulators and industry has been established. The SSES Technical and Security Governance Groups will only become binding once consent has been given by the Secretary of State.
  • delivery phase (mid-2029 onwards): SSES Technical and Security Governance Groups to continue to function as in the transition phase; however, following load control licensees becoming licensed and second phase ESA regulations coming into force, government may make a further modification to the BSC to reflect this change and include load control licensees in cost recovery arrangements as appropriate. This second modification could also take into account any lessons learned from the transition phase of SSES Enduring Governance and provide an opportunity to modify the BSC to reflect this evaluation. Any further government-implemented code modifications for the delivery phase will be consulted on separately.

This phased approach to governance is due to the recognition that the load control licence will not be in place until the middle of the transition phase and other requirements impacting the functions of the groups will not be in place until our second phase ESA regulations come into force in 2029. Therefore, the SSES Technical and Security Governance Groups may not be delivering their full range of intended functions until mid-2029 as they require wider input from load control licensees (outside of group membership) or are impacted by second phase ESA regulations.

We are aware of the ongoing code governance reform work being undertaken by government and Ofgem to ensure code governance structures are set up to deliver the proactive foresight and co-ordination that will be needed to meet the challenges of the evolving sector. The work being undertaken by Ofgem and government on code reform will include the introduction of a code manager licence for the BSC and consideration will be given to how associated sub-committees are governed. We are working closely with Ofgem to ensure we are aligned as much as possible on the interactions between introducing Enduring Governance structures for SSES and code governance reform objectives and timelines. We will work closely with Ofgem to ensure that the BSC code modifications needed to put these SSES Enduring Governance arrangements in place can be achieved as part of the transition to the new code governance framework being implemented.

The following section of the consultation considers the functions and membership of the SSES Technical and Security Governance Groups; however, we will seek to align where we can with decisions taken on code governance reform where appropriate.

Elexon’s Responsibilities

Subject to the outcome of this consultation, Elexon’s role would be to oversee the administration of the SSES Technical and Security Governance Groups, and would include:

  1. providing secretariat responsibilities – ensuring SSES Technical and Security Governance Groups are scheduled with an agenda that reflects the functions of each of the groups. This would include administrative responsibilities such as taking notes and actions in the meetings and distributing them to group members or wider stakeholders where appropriate such as to any sub-groups.

  2. facilitating stakeholder engagement sessions – providing a format for industry engagement for all relevant stakeholder groups. This could include: participation by industry representatives in the governance itself; stakeholder engagement exercises such as sub-groups with wider stakeholder membership; and through the production of guidance documents and other supporting materials for the technical framework.

  3. procurement of services – there may be instances where the SSES Technical and Security Governance Groups are required to procure services, for example if testing of devices is required. Elexon would be responsible for procurement on behalf of the groups. This includes management of any procured services.

  4. considering implications on the wider flexibility market – Elexon’s other roles will enable them to have an understanding of the implications of decisions of the SSES Technical and Security Governance Groups on the wider flexibility market and vice versa, and to provide this insight to the groups where required.

  5. supporting membership arrangements – facilitating the nomination process for both the chair and the wider SSES Technical and Security Governance Group membership ensuring any non-BSC Parties such as manufacturers can take part in this process.

  6. cost recovery arrangements – providing a funding mechanism to support the activities of the SSES Technical and Security Governance Groups.

Overarching SSES Governance Group Functions

For both the SSES Technical and Security Governance Groups there will be formalised terms of reference to govern the groups and its membership selection (through open nomination and, if multiple candidates are nominated, voting). We expect the terms of reference for both groups to be subsidiary documents under the BSC and to only take effect once consent has been given by the Secretary of State. Membership of the groups would be on a voluntary basis and there will be a requirement for members to act independently and impartially of their employer whilst bringing expertise from their relevant sector. We expect representatives to be able to vote to change the terms of reference as needed.

We recognise that having input from the wider sector, beyond just those nominated as group members, will be important in ensuring decisions taken by the group factor in wider stakeholder engagement. We therefore expect the SSES Governance Groups to have the ability to set up and utilise sub-groups or review groups, as required, to facilitate this.

The chairing arrangements for the SSES Technical and Security Governance Groups are set out below:

  1. In the transition phase, government will assign (and potentially re-assign if applicable) chairs of the SSES Technical and Security Governance Groups.

  2. In the delivery phase, there will be an industry-led nomination process for the chairs of both groups, and government will have final approval of the appointment of SSES Security Governance Group chair.

  3. Government will be able to alter the chairing arrangements in either group in both the transition and delivery phases.

The detailed arrangements for the chairs of the groups will be set out in the terms of reference. The membership of the groups will include non-voting members from government and regulators to ensure they are kept informed of the activities of the group. They will not be able to vote to ensure the group’s activities continue to be industry-led. We expect these non-voting members to be required to provide any policy directions or regulatory steers during group meetings as and when required.

The groups will be responsible for owning and maintaining various documents. We expect that the documents the groups will manage will be a mix between Code Subsidiary Documents (CSDs) under the BSC (subject to the established BSC Change Process for CSDs with additional government oversight), as well as documents which will be subject to a bespoke change process. Government and/or regulators will reserve the right to have the final approval on changes to documents owned by the Security Governance Group. For the Technical Governance Group, we are proposing government and/or regulators will have final approval over any recommended changes to the companion specification.

We expect the SSES Technical and Security Governance Groups to be set up and active from mid-2026. This is subject to consent from the Secretary of State for these groups to become active and the required terms of reference documents for the groups, target operating model and CSDs being finalised.

Quorum

To ensure fair and effective decision-making, the SSES Technical and Security Governance Groups will only conduct business if a quorum is present. The quorum for each meeting shall be at least half of the appointed members, one of whom must be the chair or the chair’s nominated alternate.

Nomination process for SSES Governance Groups

Subject to the outcome of this consultation, we will work with Elexon to develop a process whereby there are nominations for the available seats on the SSES Technical and Security Governance Groups. We recognise manufacturers are not party to the BSC; however, we will ensure this process includes a mechanism whereby manufacturers are able to participate in this nomination process. We expect there would be a two-year term limit for all members, though members can be voted in for subsequent terms.

It is worth noting that the composition of each group has been proposed to reflect their core objectives. Both groups will include stakeholders from across the wider energy network to ensure a holistic approach to cyber security and technical interoperability.

We expect that the chairs of the SSES Technical and Security Governance Groups will have the ability to invite non-members to the groups as and when necessary, depending on the business the group is conducting.

2. Do you agree with the suggested term limit of two years for the SSES Technical and Security Governance Group members?

SSES Technical Governance Group

Domestic CLF requires a complex set of functions to work together to improve the efficiency and resilience of Great Britain’s (GB) electricity network and pass on savings to consumers. Therefore, a system of ongoing industry-led governance is required to ensure that the technical framework needed to support interoperable CLF is maintained in a way that continues to meet the evolving needs of industry and government’s policy objectives, and to aid in the co-ordination of industry, government, and regulators. This will ensure technical requirements for ESAs are maintained as the sector evolves and that interoperability objectives continue to be met.

The technical framework is likely to comprise the following technical regulation and guidance:

Technical Regulation: GB Interoperable CLF Companion Specification (CS)

The CS is expected to set out:

  • which requirements from open standards and protocols must be implemented
  • which requirements from open standards and protocols must not be implemented
  • additional guidance for requirements from open standards and protocols
  • additional requirements where standards and protocols do not contain them
  • testing/ assurance approaches (including, as appropriate, test scripts/specifications)

Technical Guidance: Informative Design Documents

  • business architecture design document – setting out how different business models are facilitated (made interoperable) by the CS
  • technical architecture design document – setting out how different protocols are used between ESAs and flexibility service entities
  • plain language schema – setting out the commands and data items used to select and maintain open standards in the CS

The content of the CS will be driven by functional requirements (e.g. randomisation) and the plain language schema (commands and data items needed for interoperable CLF) which is being developed with industry input. The plain language schema is being designed to be business model agnostic, so the standards and protocols the CS references will be as consistent as possible with the prevailing business architectures.

The plain language schema will be used to assess and maintain the suitability of existing standards and protocols to deliver domestic interoperable CLF. Following the conclusion of this assessment, and further input from industry, we will decide which standards and/or protocols will be referenced in the companion specification: for example, the Open ADR 3.x series, [footnote 19] OCPP, [footnote 20] OCPI, [footnote 21] a revised PAS 1878:2021 [footnote 22] or any other relevant standard or protocol that emerges (such as from Project Mercury). [footnote 23]

The suitability assessment will also help government decide the level of detail the CS will need to include - for example, whether the CS can point to existing standards and/or protocols, or if in addition to this, it will also need to set out guidance on how to implement the standard and fulfil other necessary technical requirements.

A number of standards and/or protocols may be referenced in the CS, but for the avoidance of doubt, for a given ESA type there will be no optionality in what minimum requirements must be implemented. The more standards and protocols that are referenced, the more co-ordination and work there will need to be in managing the CS. The SSES Technical Governance Group’s responsibilities would include regularly reviewing the business architecture design, technical architecture design and plain language schema - which the technical requirements of the framework are based on. It would also include reviewing and suggesting modifications to the CS.

We have considered the following options for how the CS could be managed:

Option 1 – Standard Code Subsidiary Document Change Process [footnote 24] Option 2 – Bespoke Change Process
Description The standard process for modifying the BSC requires Authority (Ofgem) approval. This is different to the process for modifying code subsidiary documents. The companion specification would be managed in the usual current way code subsidiary documents are managed: via Change Proposals (CP).  The CP procedures are overseen by the BSC Panel and do not require Authority approval. Changes brought about by code reform may impact this process. The companion specification would be a subsidiary document of the BSC but there would be bespoke arrangements to manage changes to the specification.
Who owns the document? SSES Technical Governance Group SSES Technical Governance Group
Who can raise a change request? Any interested persons Any interested persons
How will you make sure there is a robust consultation process with affected stakeholders before changes are made? Before the SSES Technical Governance Group decides (option 1) or makes a recommendation (option 2) to accept a change there will be a public consultation on the proposed changes. Before the SSES Technical Governance Group decides (option 1) or makes a recommendation (option 2) to accept a change there will be a public consultation on the proposed changes.
Who decides whether to make a change? SSES Technical Governance Group Government and/ or Regulators
How long will the change process take from a change request being raised to a decision being taken? It depends on the nature of the change request, but it would usually take less than a month for an assessment of the change request, one month consultation, and then between one to two months for the SSES Technical Governance Group to decide. It depends on the nature of the change request, but it would usually take less than a month for an assessment of the change request, one month consultation, then between one to two months for the SSES Technical Governance Group to make a recommendation, and then between one to two months for Government and/or Regulators to decide.
How long would the implementation period be for changes? As part of the consultation process on proposed changes, impact assessment questions would be asked which would inform recommendations around implementation timelines. As part of the consultation process on proposed changes, impact assessment questions would be asked which would inform recommendations around implementation timelines.

Domestic CLF is a nascent sector, and we expect there to be a high level of change in devices and services over time due to falls in the cost of technologies and due to innovation. For example, future iterations of the technical requirements may include Home Energy Management Systems (HEMS) and Vehicle to Everything (V2X). We think industry is best placed to advise on what technical updates are needed because it understands best and first-hand what the challenges and opportunities are. However, as the CS will be mandated through legislation, this process requires oversight from government and/or regulators to make sure that innovation can be delivered at the lowest cost whilst protecting consumers and minimising risks to the electricity system. Therefore, our minded-to position is to proceed with developing Option 2 – a bespoke process for managing the change process. Government will continue to work with industry to ensure that the CS is maintained in a way that meets policy objectives - interoperability, data privacy, security, and grid stability.

3. Do you agree that the business architecture design, technical architecture design, plain language schema and the GB Interoperable CLF Companion Specification should be managed by the SSES Technical Governance Group? If you disagree, please provide information on how these documents should continue to be managed.

4. Do you agree that government and/or regulators should make the final decision on changes to the companion specification? Please explain your answer.

Technical Governance Functions

As mentioned above, we envisage the technical and regulatory framework for interoperability for ESAs to comprise a CS that will point at existing standards (including which parts of them to use/not use), as well as any additional requirements that do not exist in current standards.

The key functions the technical governance would need to deliver include:

1. reviewing the technical framework – ensuring that the technical framework remains aligned with the Policy Principles set by government, suggesting modifications where this may no longer be the case, and reviewing the outcomes of revision processes to ensure that the development of the framework continues to meet government objectives.

2. considering the addition of new documents to the technical framework – this could be through a gap analysis within the technical framework as the sector evolves, or through the assessment of newly developed documents (such as new technical standards). This could also be conducted if new requirements or policy proposals arise. Once government and/or regulators decide that a document should be included within the technical framework, the governance system will need to work with government to make the case for the document to be added to it.

3. maintaining any assurance regimes – an appropriate and proportionate approach to assurance will be necessary to ensure consumers, industry and government can be confident that interoperability requirements are being met. There could be a role for the Technical Governance Group in developing, operating and/or maintaining the assurance regime - for example, the design and potential operation of dispute resolution for any alleged non-compliance. Assurance requirements will be further developed in future consultations.

5. Do you agree that the SSES Technical Governance Group should have a longer-term role in assurance and testing?

Membership of the SSES Technical Governance Group

We will ensure that all groups affected by the technical framework, such as consumers, manufacturers and load controllers are represented by the membership of the SSES Technical Governance Group. This will ensure that any impacts arising from proposed changes are fairly assessed in a balanced way. We have taken on board feedback from consultation to date on suggested membership, such as needing to ensure consumer interests are represented and that industry representation is not limited to that provided by trade bodies.

Given the SSES Technical Governance Group will be performing similar functions to those of the Technical and Business Architecture Sub-committee under the Smart Energy Code, we propose that it is a good model to follow to ensure effective governance.

Seat allocation

We are proposing that the Technical Governance Group is comprised of nine voting members along with an independent chair. Please see below for a breakdown of the membership and seat allocation:

  • An independent chair (government assigned during the transition period)
  • Three manufacturers: these could be organisations and/or trade bodies
  • Three load controllers: these could be organisation and/or trade bodies
  • One network party i.e. a DNO or a DSO
  • One representative from NESO
  • One consumer interest group representative
  • One representative from a relevant standard body (Non-voting)
  • One government representative (Non-voting)
  • One OPSS representative (Non-voting)
  • One Ofgem representative (Non-voting)

6. Do you agree with the categories for seat allocation and the suggested split of seats for the SSES Technical Governance Group?

7. Do you have any other reflections on the proposed governance structure for the SSES Technical Governance Group?

SSES Security Governance Group

Ahead of the load control licence and first phase ESA regulations coming into force (approx. Autumn 2027 and end of 2027 at the latest respectively), a holistic and strategic approach to security governance is needed to: maintain and update critical security documentation and keep under review the need for additional security requirements; co-ordinate and support cyber security assurance regimes for organisations and devices; and provide cyber security advice and support to the sector.

Enforcement of non-compliance would fall under the remit of Ofgem (for organisations) and OPSS (for devices), following the precedent set by the Smart Energy Code Security Sub-committee. In this context, non-compliance refers to failures to meet the security requirements outlined in the ESA regulations (which OPSS will enforce) and/or the relevant load control licence conditions and/or requirements on load controllers set out in subsidiary documents of the BSC as appropriate (which Ofgem will enforce).

To reduce the operational burden on the regulators, this model proposes that both Ofgem and OPSS participate in the SSES Security Governance Group along with DESNZ to provide strategic oversight as to the security assurance approach. Large Load Controllers managing 300MW and above will be designated Operators of Essential Services under the Network and Information System Regulations 2018, and will be regulated by Ofgem.

Government would maintain overall oversight of the group and would expect to retain certain powers in terms of mitigating any potential Critical National Infrastructure (CNI) or national security risk and ensuring public interests are adequately protected. NESO would be a permanent member of the group. The National Cyber Security Centre (NCSC), whilst not a member, would be invited where their input into the group was required and kept informed with regular updates.

Security Governance Functions

1. monitor existing, and propose new, cyber security, Internet of Things (IoT) and grid stability standards and requirements: Monitor the development of new and existing cyber security, IoT and grid stability standards across devices, organisations, and systems both domestically and internationally and ensure these are considered, where appropriate. This includes providing support and advice concerning any draft proposal or modification of existing policy that may affect the security of in-scope organisations (specifically load controllers managing in aggregate load below 300MW), devices and systems, or the effective implementation of the security controls being implemented.

2. maintaining threat and risk assessments: Develop and maintain Threat and Risk Assessments, as well as continued monitoring of any Risk Treatment Plans, to ensure these are updated at least annually, and when material changes have occurred to the threat and risk landscape. This is to monitor material changes in security risks and threats and ensure that security requirements are appropriate to mitigate the identified security risks and threats.

3. maintaining other key security documentation: Develop and maintain the following additional security documentation to ensure it is updated periodically and mitigates identified security risks: Trust Modelling, CLF Security Architecture, propose amendments to Security Requirements, Accompanying Guidance alongside organisational and device requirements. All of this documentation will be maintained by the Security Governance Group; however, Ofgem, OPSS and DESNZ via permanent group membership will ensure they have oversight and access to such documentation as appropriate. To note, this does not include maintaining the Cyber Assessment Framework (CAF) profile that load control licensees will be required to meet, which will be owned and maintained by DESNZ.

4. supporting OPSS with a security assurance regime for ESAs: Note, there is currently no mandated requirement envisaged for the first phase ESA regulations on manufacturers/importers for third-party testing or assurance for ESAs under the ESA regulations. OPSS may choose to use the SSES Security Governance Group to support with compliance and assurance activities, such as procuring test labs to assess self-assessment submissions, where appropriate and where OPSS sees fit. This may also include, but not be limited to, developing and maintaining relevant documentation to ensure the assurance process remains fit for purpose. OPSS remains responsible for the enforcement for ESA devices.

5. supporting Ofgem with the audit and assurance regime for organisations in scope of the load control licence: Annual CAF returns should be submitted to the Security Governance Group. On assurance, the Security Governance Group will support organisations to identify suitable third-party auditors, through the NCSC’s Cyber Resilience Audit (CRA) scheme. Where organisations fail to meet assurance requirements, the independent auditor will identify remediation needs. The licensee will be responsible for developing a remedial action plan to address these findings. The SSES Security Governance Group will oversee and monitor the remediation process, ensuring that appropriate actions are implemented and tracked. Ofgem will remain responsible for enforcement of the load control licence. Ofgem may seek to use the Security Governance Group to support them on governance and assurance activities as they see fit.

6. maintain key grid stability guidance and other required documentation: Ensure that the approach to devices, and load controllers’ responsibilities with regards to grid stability remains fit for purpose. This includes working with NESO stakeholders, monitoring the development of current and new innovations on grid stability parameters and providing support and advice concerning any proposal or modification of current policy which may affect the effective implementation of grid stability measures in scope of the ESA regulations and load control licence.

7. providing ad-hoc cyber security advice and support: Providing relevant regulators, government and industry with advice and support on cyber security matters related to CLF. This includes providing support and advice during a cyber incident either due to, or that affects, CLF, as requested.

We are proposing that the documents maintained by the Security Governance Group have a bespoke change process within the BSC, rather than following the usual change process. This is due to there potentially being instances where the documentation needs to be updated quickly and that government would retain overall authority on approving any changes. We anticipate the security governance documentation maintained by the group to be behind an authenticated log-in, rather than being publicly available.

Membership

The SSES Security Governance Group will consist of 12 voting members (excluding the chair). Subject to the outcome of Ofgem’s code reform consultation, the Group’s chair will be government-assigned during the transition period, with this position ultimately transitioned to industry to vote and appoint on an enduring basis. The chair will be responsible for overseeing the committee’s activities and ensuring independence from any particular party or class of parties. We would expect a nomination process to ensure members have the necessary security expertise and are vetted (ensuring they have completed a BS7858 security assessment or equivalent).

Industry stakeholders would be allocated a certain number of seats to ensure that a range of business impacts are appropriately considered. DESNZ, Ofgem and OPSS would each be given a (non-voting) seat in the Security Governance Group to ensure they are kept informed regarding the potential recommendations and decisions the Security Governance Group will be making he regulators will also provide insights on key themes that arise from previous enforcement action to help the group identify additional areas to focus on where possible. A greater level of industry control is desirable as the objectives of the SSES programme will be taken forward and achieved by industry because of its first-hand understanding of the specific risks and challenges within the sector, with risks across the wider ecosystem identified through regular (at least annual) risk assessments.

DESNZ would maintain oversight of the Security Governance Group given its role as the lead government department for the energy sector and their ownership of any potential CNI risks from CLF. NESO would be a permanent member of the group given their wider responsibilities around grid stability. The National Cyber Security Centre (NCSC), whilst not a member, would be invited, as required, for their advice or guidance on national technical authority matters, and to be kept informed of relevant outputs. Please see below for a proposed breakdown of the membership and seat allocation:

  • An independent chair (government assigned during the transition period)
  • Three manufacturers
  • Six load controllers, representing both above and below the 300MW threshold, who manage the distribution and control of electrical loads in the energy system
  • Two network parties i.e. DNOs and/or DSOs
  • One NESO attendee, to provide a view on grid stability considerations
  • One Government representative (Non-voting)
  • One OPSS representative (Non-voting)
  • One Ofgem representative (Non-voting)

8. Do you agree with the proposed membership composition of the SSES Security Governance Group, including the number of members in each category?

9. Are the scope of the roles and responsibilities of the SSES Security Governance Group manageable and proportionate?

10. Should any responsibilities of the SSES Security Governance Group be added or removed?

Section 3 – Interactions with the Load Control Licence

Both FSPs (an organisation entering into arrangements with a consumer for load control) and load controllers will be required to hold a load control licence (although the licence conditions which they are subject to may vary depending on whether they are an FSP, a load controller, or both). There will be a condition in the load control licence for load control licensees (FSPs and load controllers) to be party to the code which houses the SSES governance functions. This will ensure they will be able to engage in the governance processes as required and can be captured in any relevant cost recovery arrangements.

Members of the SSES Technical and Security Governance Groups may have suggestions regarding updates to the load control licence as the sector evolves. The groups may put forward proposals for changes to government and Ofgem who could then consult on their implementation if deemed appropriate. We will work with Ofgem and wider stakeholders to develop further detail on how the SSES Technical and Security Governance Groups interact with load control licensees and Ofgem.

Section 4 – Implementation

For Elexon to deliver the SSES Enduring Governance role, the BSC would need to be modified extending Elexon’s remit to deliver the SSES Technical and Security Governance Groups and deliver the required functions. Modifications to the BSC will be implemented by the Secretary of State using modification powers under Section 245 of the Energy Act 2023.

In early 2026, subject to the outcomes of this consultation, we will insert transition phase code modifications into the BSC which will enable Elexon to legitimately undertake activities to set up and deliver the SSES Enduring Governance functions.

Transition Phase BSC Modification

This transition phase modification to the BSC is being consulted on as part of this consultation package and is linked alongside this consultation (Annex A). This modification would be inserted into Section C of the BSC which sets out the roles and responsibilities of Elexon (BSCCo). The proposed modification in Annex A sets out Elexon’s responsibilities including the establishment of the SSES Technical and Security Governance Groups and would not come into force until being designated by government.

We are expecting the detailed arrangements of the SSES Technical and Security Governance Groups to be set out in subsidiary documents to the BSC which as above, would not come into force until consent has been given by the Secretary of State. These documents will contain information on functions, membership arrangements of the groups and include documents that these groups will manage as described in this consultation. The subsidiary documents will align with the outcome of this consultation on the membership and functions of the SSES Technical and Security Governance Groups. The proposed modification sets out the required wording for these subsidiary documents to be established and their change process. We will work with Elexon, Ofgem and OPSS to develop the subsidiary documents to ensure roles and responsibilities between industry, government and regulators are clearly defined.

We are proposing that the SSES Technical and Security Governance Groups will be sub-committees under the BSC Panel. This is to ensure that the BSC Panel has oversight of both the groups and that it can provide any necessary directions and steers to maintain alignment between the two groups. This also goes with the direction of travel being set by code reform which is reviewing sub-committee arrangements to ensure they are in line with the outcomes of energy code reform which in part aims to standardise how codes operate. We appreciate that code reform could impact the arrangements proposed in the code modification and other elements of this consultation. We are working closely with Ofgem to ensure alignment where possible.

We recognise that not all SSES stakeholders are party to the BSC, such as ESA manufacturers. We have therefore included provisions in the modification that Elexon shall engage with interested SSES stakeholders who are non-BSC parties in arrangements, and that those not already party to the BSC could accede to the SSES Governance Framework if required.

To ensure the arrangements set out in the BSC for the delivery of the SSES Technical and Security Governance Groups continue to meet government objectives, we are proposing a requirement for government and/or Ofgem to consent to any further proposed BSC modifications to the SSES Arrangements in the BSC.

11. Do you agree with the proposed content of the BSC code modification set out in Annex A? If you disagree, please set out your reasonings and any suggested changes.

12. Do you agree the SSES Technical and Security Governance Groups should report into the BSC Panel (recognising the proposals in this consultation are subject to change following the outcomes of code reform consultations)?

Second Phase Implementation Arrangements

Once the load control licence and second phase ESA regulations come into force, government may make a second BSC modification for the delivery phase of SSES governance. This would include any subsequential amendments following the introduction of further device regulations, licensing of load controllers and FSPs, and introduction of enduring cost recovery arrangements. It may also contain updates to the transition phase modifications to reflect any learnings from the initial implementation of the SSES Technical and Security Governance Groups as well as any emerging issues as the sector evolves. 

Section 5 – Cost Recovery

Subject to the outcomes of this consultation, Elexon will be responsible for developing and maintaining technical and security governance arrangements to protect the security and stability of our electricity system and safeguard consumer interests. These activities will incur costs that will need to be recovered appropriately, we are estimating these costs to be approximately £1.7m per annum. The proposals outlined in this section refer only to the costs that would be incurred by Elexon in delivering SSES Enduring Governance subject to the outcome of this consultation.

Stakeholders have previously set out how any cost recovery approach should be simple and not create unnecessary, novel financial structures which require additional resources from Elexon to manage. We therefore propose that during the transition phase, the costs for setting up and developing the capabilities to deliver the role are treated as BSC Costs. [footnote 25] These costs are paid by BSC parties depending on their market role and the volume of energy they generate, supply or trade. This cost recovery mechanism would be in line with the approach taken when Elexon was appointed the Market Facilitator Role by Ofgem.

This approach would be the simplest to implement, reducing the administrative burden of Elexon having to design an alternative cost recovery mechanism for SSES against a backdrop of ongoing code governance reform by government and Ofgem, allowing functions to be set up at pace without being dependent on the timelines for this other wider work. This has the advantage of enabling the set-up and delivery of the SSES Technical and Security Governance Groups in 2026.

From the delivery phase, once the load control licence and second phase regulations come into force, government will review the cost recovery arrangements. It will consider how the costs of activities required to deliver the SSES Technical and Security Governance Groups could be recovered from the full range of parties benefiting from these arrangements, accountable for their successful delivery and incentivised to obtain value for money. For example, this will consider how load control licensees will be brought in scope of the cost recovery arrangements as they will share in the system-wide benefits the governance groups will bring.

Costs associated with Ofgem enforcement of the load control licence are not part of these proposals and will be included within the overall administration costs of Ofgem. We are continuing to work with Ofgem on the approach to recovering this distinct set of costs. We will be consulting later this year on the load control licence.

As we are proposing that the SSES Technical and Security Governance Groups are to be sub-committees of the BSC panel, we recognise that funding arrangements may be subject to the outcome of code reform and will work closely with Ofgem to ensure alignment on this.

13. Do you agree that the set-up costs during the Transition Phase for SSES Enduring Governance should be treated as BSC Costs, subject to review prior to the delivery phase?

Section 6 – Accountability

Elexon would be responsible for facilitating the SSES Technical and Security Governance Groups as set out in earlier in this consultation. This would be set out in the BSC to ensure they are accountable to code parties to deliver this. The direction of travel for the groups will be determined by the chair, therefore we are proposing that government retain the right to change any independent chair of each of the SSES Technical and Security Governance Groups if circumstances require, e.g. if the groups are not delivering the outcomes as intended or if there are concerns around impartiality. As the chairs of the SSES Technical and Security Governance Groups will have significant influence on the way they operate this will be a sufficient motivator to ensure the groups deliver in line with government expectations. This is in line with how the government holds the Security Sub-committee in the Smart Energy Code to account.

14. Do you agree that government reserving the right to change the chair is a sufficient method to hold the SSES Technical and Security Governance Groups to account for their activities?

Section 7 – Next Steps  

Subject to the outcome of this consultation we will continue to work closely with Ofgem, OPSS, Elexon and other industry stakeholders to develop a detailed target operating model for SSES Enduring Governance prior to full industry-led arrangements being established. This will include developing CSDs to the BSC, setting terms of reference for the groups and associated framework documents to deliver the arrangements, as well as laying out clear lines of responsibility for government, regulators, and industry as part of this. These will be consented to by the Secretary of State using Energy Act (2023) powers.

The timeline below sets out the expected dates for each of the key elements in the run-up to the launch of the SSES Technical and Security Governance Groups. Depending on the outcome of this consultation, we will implement the necessary code modifications into the BSC to enable Elexon to undertake this role in 2026. It also includes any deliverables from the SSES Programme after this date which may impact the work of the governance groups. We will work closely with Ofgem to ensure that we are aligned as much as possible with the code governance reform programme timings.

Activity Date
SSES Enduring Governance Consultation closes 29th September 2025
Aim to publish government response to this SSES Enduring Governance consultation End of 2025
Implement code changes to the BSC using Energy Act Section 245 Powers to give Elexon the responsibility for SSES Enduring Governance Early 2026
Any further stakeholder engagement prior to setting up the SSES Technical and Security Governance Groups February to May 2026
SSES Technical and Security Governance Groups Operational From mid-2026
Load Control Licence Applications Open From Autumn 2026
Load Control Licence in force From Autumn 2027
First phase ESA regulations in force By the end of 2027 at the latest
Second phase ESA regulations in force From mid-2029

15. Are there any key elements we are not including in the timeline which will need to be factored into our roll-out of SSES Enduring Governance?

Consultation questions

  1. Do you agree that the Balancing and Settlement Code administered by Elexon is the most suitable code to house SSES Enduring Governance functions?

  2. Do you agree with the suggested term limit of two years for the SSES Technical and Security Governance Group members?

  3. Do you agree that the business architecture design, technical architecture design, plain language schema and the GB Interoperable CLF Companion Specification should be managed by the SSES Technical Governance Group? If you disagree, please provide information on how these documents should continue to be managed.

  4. Do you agree that government and/or regulators should make the final decision on changes to the companion specification? Please explain your answer.

  5. Do you agree that the SSES Technical Governance Group should have a longer-term role in assurance and testing?

  6. Do you agree with the categories for seat allocation and the suggested split of seats for the SSES Technical Governance Group?

  7. Do you have any other reflections on the proposed governance structure for the SSES Technical Governance Group?

  8. Do you agree with the proposed membership composition of the SSES Security Governance Group, including the number of members in each category?

  9. Are the scope of the roles and responsibilities of the SSES Security Governance Group manageable and proportionate?

  10. Should any responsibilities of the SSES Security Governance Group be added or removed?

  11. Do you agree with the proposed content of the BSC code modification set out in Annex A? If you disagree, please set out your reasonings and any suggested changes.

  12. Do you agree the SSES Technical and Security Governance Groups should report into the BSC Panel (recognising the proposals in this consultation are subject to change following the outcomes of code reform consultations)?

  13. Do you agree that the set-up costs during the Transition Phase for SSES Enduring Governance should be treated as BSC Costs, subject to review prior to the delivery phase?

  14. Do you agree that government reserving the right to change the chair is a sufficient method to hold the SSES Technical and Security Governance Groups to account for their activities?

  15. Are there any key elements we are not including in the timeline which will need to be factored into our roll-out of SSES Enduring Governance?

Glossary

Term Definition
Balancing and Settlement Code (BSC) Defines the rules and governance for the balancing mechanism and imbalance settlement processes of electricity in Great Britain. It is administered by Elexon.
Consumer-Led Flexibility (CLF) (formerly Demand Side Response) Changing electricity demand to help meet the needs of the energy system, typically to benefit the transmission network, distribution network, or another third party.
Companion Specification A Companion Specification is an implementation guide as to how to build a device against a given existing standard to help deliver interoperability usually for some sort of “constrained” implementation e.g. such as within a given geography.

A Companion Specification will have its own Governance, separate from the that of any underlying standards. This helps where an Authority is required to ensure the Companion Specification is delivering against specific objectives/ policy intents without being directly bound by existing standards governance which may be subject to conflicting interests.

A Companion Specification is generally developed and followed by device manufacturers through commercial incentives or regulatory requirements.

Example of Companion Specifications include: GBCS, IDIS, G3 [all smart metering related].
Critical National Infrastructure (CNI) National assets that are essential for the functioning of society, such as those associated with energy supply, water supply, transportation, health, and telecommunications.
Cyber Assessment Framework (CAF) The framework of that name established by NCSC to assist in carrying out cyber resilience assessments.
Flexibility Service Provider (FSP) – formally Demand Side Response Service Provider (DSRSP) An organisation entering into arrangements with a consumer for load control
Distribution Network Operator (DNO) Own the local networks and feeds low voltage electricity through to homes or business property.
Distribution System Operator (DSO) Has a role to monitor, control and actively manage the power flows on the distribution system to maintain a safe, secure, and reliable electricity supply.
Energy Smart Appliance (ESA) A device which is communications-enabled and capable of responding automatically to price and/or other signals by shifting or modulating its electricity consumption and/or production.
Electric Vehicles (EV) Vehicle that uses one or more electric motors for propulsion. Unlike traditional internal-combustion engine (ICE) vehicles that rely on gasoline or diesel fuel, EVs operate using rechargeable electric batteries and an electric motor.
First Phase ESA Regulations This legislation will:

- establish a smart mandate for electric heating products in scope, requiring that they are placed on the market with smart functionality (consumers will always retain the option to use their devices in non-smart mode).
- incorporate, with some planned amendments, existing requirements regarding EVSCPs into a single set of regulations.
- contain a set of minimum requirements in relation to smart functionality, cybersecurity, and grid stability for the smart electric heating appliances, EVSCPs and smart domestic-scale battery energy storage systems (BESS). The regulations will require compliance with provisions of the ETSI EN 303 645 standard for IoT cybersecurity and require devices to be configured to deliver in aggregate a randomised delay up to 10 minutes where there is a risk of herding.
UK General Data Protection Regulation (GDPR) A set of rules that govern how personal information is used by organisations, businesses, and the government in the United Kingdom.
Home Energy Management System (HEMS) A device or system that controls and configures the energy usage or production of one or more ESAs, in order to optimise usage across all devices within a consumer premises and factoring in other elements such as local generation, tariffs and carbon intensity.
Interoperability The ability of a product or system to operate in conjunction with other products and systems. For the SSES programme, interoperability in reference to ESAs, specifically refers to the ability of the ESA to change its FSP without the need for a visit to the premises and whilst maintaining the ability to provide consumer-led flexibility.
Load Control The activity of adjusting the immediate or future flow of electricity into or out of an energy smart appliance.
Load Controller Controlling or configuring an energy smart appliance through a load control signal, for the purpose of causing or otherwise facilitating an adjustment to the immediate or future flow of electricity into or out of an ESA.
National Cyber Security Centre (NCSC) The organisation of that name established by the UK government to, amongst other things, provide advice in relation to cyber security.
National Energy System Operator (NESO) Established in October 2024 is an operationally independent and impartial body with responsibilities across both the electricity and gas systems for driving progress towards net zero while maintaining energy security and minimising costs for consumers.
Network and Information Systems (NIS) Regulations The Network and Information Systems Regulations 2018, that require organisations to meet specified cyber security requirements.
Publicly Available Specification (PAS) 1878 A technical standard that sets out requirements for CLF-enabled ESAs. It was developed through an industry-led, BSI-facilitated process that was funded by government.
Public Key Infrastructure A system for managing cryptographic material that is used to secure and encrypt communications.
Retail Energy Code (REC) A central industry document that sets out how centralised information is managed including, for example, which energy supplier supplies which consumer.
Second Phase ESA Regulations We will take forward a second phase of legislation later in this Parliament. This second phase will further protect consumers who choose to participate in CLF by giving them the confidence that the ESAs they purchase can be used with different FSPs, should they decide to switch. The framework will require (as a minimum) ESAs to comply with an interoperability standard and FSPs to integrate with this standard, thus ensuring a base level of interoperability.
Smart Energy Code (SEC) A central industry document that sets out how energy suppliers and other parties communicate with Smart Meters via the DCC.
Smart Means, in relation to a device, the ability of the device to respond in real time to remote communication signals, using digital technologies, to deliver a service.
Smart Secure Electricity Systems Programme (SSES) A DESNZ programme with the primary objective of unlocking the benefits of a smart and flexible electricity system for domestic and small non-domestic consumers, whilst protecting consumers and the grid.
Tariff The charges applied to a consumer for their energy supply (and the associated contract terms).
Tariff Data Interoperability In relation to an ESA, the ability of an ESA to be used with a tariff from any energy supplier, easily and without a service provider visit to the ESA.
Time-Of-Use Tariff (TOUT) An electricity Tariff under which the unit price for electricity varies throughout the day.
Vehicle to Everything (V2X) V2X, where “X” stands for everything, is the umbrella term for all forms of technology whereby the EV battery can export electricity back to a system, be that a home (V2H), a building (V2B) such as a business or back to the electricity grid (V2G).
  1. Clean Flexibility Roadmap: Mapping the path to a clean, flexible, consumer-focused electricity system](https://www.gov.uk/government/publications/clean-flexibility-roadmap) 

  2. Clean Power 2030: Action Plan: A new era of clean electricity 

  3. Consumers referred to in this consultation cover domestic and small non-domestic consumers. 

  4. £233 annual saving compares an average household energy consumption of 3,149kWh of electricity and 12,193kWh of gas using Octopus’ Agile tariff compared to electricity price cap unit rates between July 2023 - July 2024. 

  5. DESNZ analysis: based on Octopus’ Cosy tariff compared to the electricity price cap unit rates between July 2023 - July 2024. For flexibility behaviour the heat pump is assumed not to operate at peak times. 

  6. Delivering a smart and secure electricity system: the interoperability and cyber security of energy smart appliances and remote load control - GOV.UK 

  7. Delivering a smart and secure electricity system: implementation 

  8. Clean Power 2030: Action Plan: A new era of clean electricity 

  9. Clean flexibility roadmap - GOV.UK 

  10. Consumer-led flexibility involves voluntary actions taken freely by energy consumers – or on their behalf by Demand Side Response Service Providers (D S R S P s) with consumers’ consent – to shift some of their electricity use when they choose to be rewarded for this flexibility while still having their energy needs met. 

  11. https://www.gov.uk/government/calls-for-evidence/default-energy-tariffs-for-households-call-for-evidence 

  12. Internal DESNZ analysis                               

  13. The government will, in 2025, consult on and then lay in Parliament secondary legislation on Energy Smart Appliances.  Once these regulations are made, subject to Parliamentary approval, an approximately 20-month implementation period will allow industry to update production cycles before the regulatory requirements will be enforced. This implementation period will conclude by the end of 2027 at the latest. 

  14. Energy Code Reform: Ofgem 

  15. Decision on code manager selection 

  16. An entity whose primary purpose is not to generate profit for its owners or members, but rather to pursue a specific mission or cause. 

  17. Energy Act 2023%3B) 

  18. https://www.neso.energy/publications/markets-roadmap/enabling-demand-side-flexibility-neso-markets 

  19. Open Automated Demand Response (Open ADR) is an open protocol for communication between a virtual top node and virtual end node.   

  20. Open Charge Point Protocol (OCPP) is an open protocol for communication between electric vehicle charging stations and a charge point operator central management system. 

  21. Open Charge Point Interface (OCPI) is an open protocol for communication between charge point operator central management system and third-party service providers interacting with the charge points via the charge point operator central management system. 

  22. PAS 1878:2021 is an open standard for communication between an energy smart appliance interface and demand side response service providers. 

  23. Project Mercury is an alliance established to set global standards for the integration of clean technologies with smart energy systems focussing on charge points to begin with. 

  24. BSC Change Process Guidance Note - Elexon Digital BSC – Change Process for CSD’s 

  25. BSC Section D: BSC Cost Recovery and Participation Charges - Elexon Digital BSC – please see 2.1.1 for a full definition of BSC Costs.