1. Home
  2. News Releases
  3. Back Issues
  4. May FY2025
  5. Cybersecurity Guidelines for Energy Resource Aggregation Business Revised

Cybersecurity Guidelines for Energy Resource Aggregation Business Revised

May 22, 2025

The Ministry of Economy, Trade and Industry revised the guidelines on cybersecurity measures to be implemented by companies participating in the energy resource aggregation business.

1. About the Cybersecurity Guidelines for ERAB Version 3.0

The guidelines set out the cybersecurity measures to be implemented by companies participating in the energy resource aggregation business (hereinafter referred to as “ERAB”), which makes use of demand side resources, such as small power sources, power storage systems, and demand response (hereinafter referred to as “DR”) programs. (Formulated in April 2017 and revised in November 2017 and in December 2019.)

2. Background and details of the latest revision

Recently, due to the expansion of ERAB and changes in the business environment, threats that were not assumed at the initial stage are increasing, along with the expanded use of DR company-equipment connection systems that do not use gateways and of IoT devices. Also, cyberthreats caused by the vulnerability of IoT devices have been on the increase, leading to progressive reviews of device security assessment systems and guidelines. In light of this situation, the Study Group on Next-Generation Distributed Power Systems carried out a review to revise the guidelines and compiled a draft for the Cybersecurity Guidelines for ERAB Version 3.0. Subsequently, public opinions were solicited for the draft during the period from Wednesday, December 25, 2024, to Friday, January 31, 2025.

Based on the opinions collected, a report on the Cybersecurity Guidelines for ERAB Version 3.0 (draft) was presented at the 12th meeting of the Study Group on Next-Generation Power Systems held on Monday, March 3, 2025, and the draft was finalized to become the Cybersecurity Guidelines for ERAB Version 3.0. Major revisions from the previous version are as follows.

Major revisions

Note: ERAB refers to businesses that provide various energy services, such as balancing capacity, imbalance avoidance, electricity rate cuts and output control avoidance, by making use of virtual power plants and DR for transmission system operators, distribution system operators, electricity retailers, consumers, renewable-energy utilities and other customers.

Related Materials (in Japanese)

Related Links (in Japanese)

Division in Charge

Advanced Energy Systems and Structure Division, Energy Efficiency and Renewable Energy Department, Agency for Natural Resources and Energy