Recommended Functionalities for Improving Cybersecurity of Distributed Energy Resources

Carvalho, Ricardo Siqueira de; Saleem, Danish

doi:10.1109/rws47064.2019.8972000

Cited by 30 publications

(31 citation statements)

References 23 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…These existing solutions include basic security controls, such as role-based access controls and intrusion detection, and advanced security controls, such as transport layer security and session renegotiation. Particularly of interest, controls enabling ancillary services of DER, such as volt-var, watt-var, volt-watt, and frequency droop, have been mapped to potential physical impacts due to cyberattacks [132]. This work highlights the vulnerabilities within specific IEEE communication protocols commonly used in DER communications and pinpoints opportunities for cyber hardening.…”

Section: Cyber-physical Analysis Of Solar Wind and Dersmentioning

confidence: 99%

Resilience in an Evolving Electrical Grid

et al. 2021

View full text Add to dashboard Cite

Fundamental shifts in the structure and generation profile of electrical grids are occurring amidst increased demand for resilience. These two simultaneous trends create the need for new planning and operational practices for modern grids that account for the compounding uncertainties inherent in both resilience assessment and increasing contribution of variable inverter-based renewable energy sources. This work reviews the research work addressing the changing generation profile, state-of-the-art practices to address resilience, and research works at the intersection of these two topics in regards to electrical grids. The contribution of this work is to highlight the ongoing research in power system resilience and integration of variable inverter-based renewable energy sources in electrical grids, and to identify areas of current and further study at this intersection. Areas of research identified at this intersection include cyber-physical analysis of solar, wind, and distributed energy resources, microgrids, network evolution and observability, substation automation and self-healing, and probabilistic planning and operation methods.

show abstract

Section: Cyber-physical Analysis Of Solar Wind and Dersmentioning

confidence: 99%

Resilience in an Evolving Electrical Grid

et al. 2021

View full text Add to dashboard Cite

show abstract

“…They propose metrics to evaluate the impact of attacks. Other research presents network attacks on DER in more detail and provides recommendations that align with standard best practices for cybersecurity are discussed with application to DER [50]. Additional threat assessment work proposes a framework to evaluate the current security position and help stakeholders ensure that they have covered all basic cybersecurity best practices via standards, certifications, and testing against an individual system [51].…”

Section: Related Workmentioning

confidence: 99%

Securing Distributed Energy Resource Integration

Culler

2021

View full text Add to dashboard Cite

The penetration of distributed energy resources (DER) is growing at much higher rates than predicted 20 years ago. Far from being used only in residential settings, DER are now installed on distribution and transmission circuits. In this position, they do not have the same properties as traditional generators and are more flexible in many cases. The growing penetration and range of uses for DER motivate the need to reliably and safely integrate them into the grid. Operators must be able to rely on them not only for normal operation, but also during abnormal conditions like black starts or adverse cyber scenarios. To that end, we study the communications, device interfaces, and potential consequences of DER operation under abnormal and adversarial conditions. The weaknesses of communications networks are studied based on the industrial protocols used, and the benefits of security features are examined. The device interfaces are found to be vulnerable to attack based on the requirements in the IEEE-1547 standard for DER interconnection and interoperability, which is expected to be adopted in the next ten years. In addition to exploring the requirements of the standard, we show that these vulnerabilities and others do exist and can be used maliciously in a modern storage system DER. Consequences of these vulnerabilities range from exacerbated grid instability, to simultaneous loss of large portions of DER penetration, to physical damage to inverters or DER themselves and other sensitive equipment. We tie these outcomes to specific attacker actions in an effort to give operators a better threat intelligence view that allows them to prioritize mitigations. Finally, we discuss mitigations that could prevent many of the adversarial scenarios described. Some solutions can be added to existing infrastructure, while others may require longer term planning for grid modernization with consideration for security.

show abstract

“…In [13] the authors identify key issues with DER deployments and provide a series of product improvements that must be integrated into new systems in order to prevent cyber-attacks. In [14] a Cybersecurity Framework (CSF) compatible with the National Institute of Standards and Technology (NIST) guidelines is presented, the guide has been integrated into a web tool to be used by federal, private and utility scale organizations.…”

Section: Related Workmentioning

confidence: 99%

Assessing Cyber-Physical Risks of IoT-Based Energy Devices in Grid Operations

2020

View full text Add to dashboard Cite

The growing number of consumer-grade network-enabled Distributed Energy Resources (DER) installations introduces new attack vectors that could impact grid operations through coordinated attacks. This work presents a cyber-physical model and risk assessment methodology for analyzing the emerging nexus between Internet of Things-based energy devices and the bulk transmission grid. The cyber model replicates the device-level interconnectivity and software components interaction found within these architectures to understand the feasibly of coordinated attacks, while the physical model is used to assess the attack's impacts on the grid. The manuscript questions the validity of previous papers' claims regarding IoT-based grid attacks by addressing key limitations in both the power grid and cyberinfrastructure models of those works. The resulting methodology is then evaluated using the Western Electricity Coordinating Council (WECC) electrical model coupled with DER's operational statistics from California. The results suggest that current DER penetration rates are not yet significant enough to present serious risk, but continued DER growth may be problematic. Furthermore, the work identifies policies that mitigate these risks through increased device diversity and cybersecurity requirements.

show abstract

Recommended Functionalities for Improving Cybersecurity of Distributed Energy Resources

Cited by 30 publications

References 23 publications

Resilience in an Evolving Electrical Grid

Resilience in an Evolving Electrical Grid

Securing Distributed Energy Resource Integration

Assessing Cyber-Physical Risks of IoT-Based Energy Devices in Grid Operations

Contact Info

Product

Resources

About