Securing Distributed Energy Resources
Industrial Internet of Things (IIoT) devices at the grid edge are increasing rapidly and transforming the power grid. Their connectivity, the conduit through which they can become vulnerable, is an emerging cyber threat to the distribution grid.
Cybersecurity guidance to help energy companies protect IIoT data integrity and communications
Project Abstract
Protecting IIoT devices at the grid edge is arguably one of the more difficult tasks in cybersecurity. There is a wide variety of devices, many of which are deployed and operate in a highly specific manner.
In the energy sector, DERs such as solar photovoltaics introduce information exchanges between a utility’s distribution control system and the DERs to manage the flow of energy in the distribution grid. These information exchanges often use IIoT technologies that may lack communications security. Additionally, the operating characteristics of DERs are dynamic and significantly different from those of typical power generation capabilities. Timely management of DER capabilities often requires a higher degree of automation. Managing the automation, the increased need for information exchanges, and the cybersecurity associated with these presents significant challenges.
The NCCoE is building an example solution focused on helping energy companies secure IIoT information exchanges of DERs in their operating environment that demonstrates the following capabilities:
- authentication and access control to ensure that only known, authorized systems can exchange information
- communications and data integrity to ensure that information is not modified in transit
- malware detection to monitor information exchanges and processing to identify potential malware infections
- command register that maintains an independent, immutable record of information exchanges between distribution and DER operators
- behavioral monitoring to detect deviations from operational norms
- analysis and visualization processes to monitor data, identify anomalies, and alert operators
Protecting IIoT devices at the grid edge is arguably one of the more difficult tasks in cybersecurity.
Collaborating Vendors
Organizations participating in this project submitted their capabilities in response to an open call in the Federal Register for all sources of relevant security capabilities from academia and industry (vendors and integrators). The following respondents with relevant capabilities or product components (identified as “Technology Partners/Collaborators” herein) signed a Cooperative Research and Development Agreement to collaborate with NIST in a consortium to build this example solution.
Supplemental Resources
The NCCoE and our project collaborators presented a brief overview of the example solution detailed in NIST SP 1800-32 to the Sandia National Laboratory/SunSpec Alliance Distributed Energy Resources Working Group, followed by a question and answer session in the video.
Additionally, the following resources are available:
Flyer: Read the Securing Distributed Energy Resources one-page flyer to learn about the cybersecurity capabilities demonstrated in the project.
Fact Sheet: Read the two-page fact sheet for a brief overview of this project.
Waterfall Industrial Security Podcast: Internet communications are creeping into electric distribution systems. The NCCoE's Jim McCarthy and Don Faatz join Waterfall's Andrew Ginter and Nate Nelson to talk about the cybersecurity challenges and opportunities for securing distributed energy resources. Listen now.
Join the Community of Interest
A Community of Interest (COI) is a group of professionals and advisors who share business insights, technical expertise, challenges, and perspectives to guide NCCoE projects. COIs often include experts, innovators, and everyday users of cybersecurity and privacy technologies. Share your expertise and consider becoming a member of this project's COI.