Who Controls Your Energy? On the (In)Security of Residential Battery Energy Storage Systems

Baumgart, Ingmar; Borsig, Matthias; Goerke, Niklas; Hackenjos, Timon; Rill, Jochen; Wehmer, Marek

doi:10.1109/smartgridcomm.2019.8909749

Cited by 7 publications

(1 citation statement)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Marques et al [24] discuss security features that can be added to a control area network (CAN) communication channel for home batteries. Standard network security issues, like distributed denial of service (DDoS) attacks, transport layer security (TLS) setup, and man-in-the-middle attacks are explored and found to be feasible in many home battery systems [25]. Other work studies DER networks in more detail, assessing the impacts of latency in various parts of the network and proposing network-based defenses against possible attacks [26].…”

Section: Related Workmentioning

confidence: 99%

Cybersecurity Considerations for Grid-Connected Batteries with Hardware Demonstrations

Culler

Burroughs

2021

Energies

View full text Add to dashboard Cite

The share of renewable and distributed energy resources (DERs), like wind turbines, solar photovoltaics and grid-connected batteries, interconnected to the electric grid is rapidly increasing due to reduced costs, rising efficiency, and regulatory requirements aimed at incentivizing a lower-carbon electricity system. These distributed energy resources differ from traditional generation in many ways including the use of many smaller devices connected primarily (but not exclusively) to the distribution network, rather than few larger devices connected to the transmission network. DERs being installed today often include modern communication hardware like cellular modems and WiFi connectivity and, in addition, the inverters used to connect these resources to the grid are gaining increasingly complex capabilities, like providing voltage and frequency support or supporting microgrids. To perform these new functions safely, communications to the device and more complex controls are required. The distributed nature of DER devices combined with their network connectivity and complex controls interfaces present a larger potential attack surface for adversaries looking to create instability in power systems. To address this area of concern, the steps of a cyberattack on DERs have been studied, including the security of industrial protocols, the misuse of the DER interface, and the physical impacts. These different steps have not previously been tied together in practice and not specifically studied for grid-connected storage devices. In this work, we focus on grid-connected batteries. We explore the potential impacts of a cyberattack on a battery to power system stability, to the battery hardware, and on economics for various stakeholders. We then use real hardware to demonstrate end-to-end attack paths exist when security features are disabled or misconfigured. Our experimental focus is on control interface security and protocol security, with the initial assumption that an adversary has gained access to the network to which the device is connected. We provide real examples of the effectiveness of certain defenses. This work can be used to help utilities and other grid-connected battery owners and operators evaluate the severity of different threats and the effectiveness of defense strategies so they can effectively deploy and protect grid-connected storage devices.

show abstract

Section: Related Workmentioning

confidence: 99%