Cybersecurity in Photovoltaic Plant Operations

Walker, Andy; Desai, Jal; Saleem, Danish; Gunda, Thushara

doi:10.2172/1774870

Cited by 15 publications

(7 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In a study conducted by Walker et al (2021) that specifically examined cybersecurity in PV operations, notable challenges were identified, including a shortage of personnel with cybersecurity expertise and inadequate cyber hygiene practices. To address these concerns, the study proposed comprehensive plans that encompassed the expanded threat landscape, emphasized training programs for staff, and recommended implementing certifications for security systems as proactive measures to mitigate these risks.…”

Section: Cybersecurity In Smart Grids With Solar Pv Integrationmentioning

confidence: 99%

Cybersecurity Vulnerabilities in Smart Grids with Solar Photovoltaic: A Threat Modelling and Risk Assessment Approach

Abdul Rahim,

Ahmad,

Magalingam

et al. 2023

IJSCET

View full text Add to dashboard Cite

Cybersecurity is a growing concern for smart grids, especially with the integration of solar photovoltaics (PVs). With the installation of more solar and the advancement of inverters, utilities are provided with real-time solar power generation and other information through various tools. However, these tools must be properly secured to prevent the grid from becoming more vulnerable to cyber-attacks. This study proposes a threat modeling and risk assessment approach tailored to smart grids incorporating solar PV systems. The approach involves identifying, assessing, and mitigating risks through threat modeling and risk assessment. A threat model is designed by adapting and applying general threat modeling steps to the context of smart grids with solar PV. The process involves the identification of device assets and access points within the smart grid infrastructure. Subsequently, the threats to these devices were classified utilizing the STRIDE model. To further prioritize the identified threat, the DREAD threat-risk ranking model is employed. The threat modeling stage reveals several high-risk threats to the smart grid infrastructure, including Information Disclosure, Elevation of Privilege, and Tampering. Targeted recommendations in the form of mitigation controls are formulated to secure the smart grid’s posture against these identified threats. The risk ratings provided in this study offer valuable insights into the cybersecurity risks associated with smart grids incorporating solar PV systems, while also providing practical guidance for risk mitigation. Tailored mitigation strategies are proposed to address these vulnerabilities. By taking proactive measures, energy sector stakeholders may strengthen the security of their smart grid infrastructure and protect critical operations from potential cyber threats.

show abstract

Section: Cybersecurity In Smart Grids With Solar Pv Integrationmentioning

confidence: 99%

Cybersecurity Vulnerabilities in Smart Grids with Solar Photovoltaic: A Threat Modelling and Risk Assessment Approach

Abdul Rahim,

Ahmad,

Magalingam

et al. 2023

IJSCET

View full text Add to dashboard Cite

show abstract

“…Cybersecurity has an important impact on many aspects of the supply chain, from firmware arranged on chips, to software packages used at various points in the software development cycle. Equipment or software that has been compromised in the supply chain upstream of the ultimate owner-operator might lead to attacks, such as stealing or rerouting funds; denial of service; breaching confidential or proprietary information from a company, its customers, or its suppliers; ransomware that denies the operation of automated equipment for payment; and malicious control actions that could damage equipment and endanger personnel (Walker et al 2021). One key area that that needs cybersecurity recommendations and guidance is the security of firmware and programmable logic controllers.…”

Section: Executive Summarymentioning

confidence: 99%

“…Many standards exist to inform increases in cybersecurity postures and to protect against cyberattacks. The current landscape of recommendations and standards includes several that can be used by DER utilities, vendors, aggregators, or manufacturers (Walker et al 2021): Although this is not a complete list, these are recommended standards to assess and implement for DER cybersecurity. Idaho National Laboratory posted the standards to a secure energy infrastructure website that allows an organization to select the filters that match their own organizational structure, the purpose of the standard they are looking for, as well as the type.…”

Section: Current Landscapementioning

confidence: 99%

“…In the context of supply chain cybersecurity, the resources that directly influence this ecosystem include software, hardware, data, and/or other digital components. Compromised equipment or software in the supply chain could lead to attacks, such as financial loss; denial of service; breaching confidential or proprietary information from a company, its customers, or its suppliers; ransomware that denies the operation of automated equipment for payment; and malicious control actions that could damage equipment and endanger personnel (Walker et al 2021).…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Gap Analysis of Supply Chain Cybersecurity for Distributed Energy Resources

Ryan¹,

Saleem²,

Peterson³

et al. 2023

View full text Add to dashboard Cite

show abstract

“…example is the 2015 cyberattack on Ukraine's power grid, where hackers targeted control systems, triggering widespread outages affecting approximately 225,000 customers (Zetter, 2016). Similarly, a 2019 attack on a US utility impacted PV and wind installations due to an unpatched firewall breach, temporarily disrupting Supervisory Control and Data Acquisition (SCADA) systems and 500 MW of generation (Walker et al, 2021). These incidents emphasize the urgent need for robust cybersecurity measures in PV systems to avert future threats, underlining power grid vulnerability and potential repercussions of cyberattacks on vital systems.…”

mentioning

confidence: 99%

Cybersecurity of photovoltaic systems: challenges, threats, and mitigation strategies: a short survey

Harrou,

Taghezouit,

Bouyeddou

et al. 2023

Front. Energy Res.

View full text Add to dashboard Cite

Photovoltaic (PV) systems, as critical components of the power grid, have become increasingly reliant on standard Information Technology (IT) computing and network infrastructure for their operation and maintenance. However, this dependency exposes PV systems to heightened vulnerabilities and the risk of cyber-attacks. In recent times, the number of reported cyber-attacks targeting PV systems has increased significantly. This paper provides an overview of the cybersecurity challenges faced by PV systems, emphasizing their susceptibility to anomalies and cyber threats. It highlights the urgency of implementing robust cybersecurity measures to protect the integrity and reliability of PV installations. By understanding and addressing these challenges, stakeholders can ensure the resilience and secure integration of PV systems within the power grid infrastructure.

show abstract

Cybersecurity in Photovoltaic Plant Operations

Abstract: Department of Energy (DOE) reports produced after 1991 and a growing number of pre-1991 documents are available free via www.OSTI.gov.

Cited by 15 publications

References 6 publications

Cybersecurity Vulnerabilities in Smart Grids with Solar Photovoltaic: A Threat Modelling and Risk Assessment Approach

Cybersecurity Vulnerabilities in Smart Grids with Solar Photovoltaic: A Threat Modelling and Risk Assessment Approach

Gap Analysis of Supply Chain Cybersecurity for Distributed Energy Resources

Cybersecurity of photovoltaic systems: challenges, threats, and mitigation strategies: a short survey

Contact Info

Product

Resources

About