The smart grid cyber-physical system has digital technologies coexisting with legacy power system devices, and its distribution network has been equipped with intelligent electronic devices and advanced metering infrastructure to enhance energy efficiency, support increased penetration levels of distributed energy resources (DERs), and enable command and control functionalities down to the customer level. This leads to a potentially larger attack surface and increased susceptibility to cyber-physical attacks.
The infrastructure of DERs was originally designed with the primary intention of harnessing the potential of renewable energy. For such a setting, security at the device, network, or application levels of DERs was of little to no concern. The growing penetration levels of DERs have increased the overall attack surface of critical infrastructure such as smart grids. The lack of in-place security controls has led to many successful cyber-physical attacks over the last five years (REF1).
Utilities have traditionally relied on intrusion detection and prevention systems (ID/PS), firewalls, and other tools to protect the bulk of their resources, but such tools are limited to signature-based malware detection and fail against data fuzzing, stealthy attacks, and insider threats. Further, the cybersecurity business processes in place for analysts to follow while integrating new products into their trusted networks are poor. A business process is a set of activities that drives an organization toward its mission. This is more crucial for electric utilities, as they are driven by the mission to provide reliable and safe power to meet dynamic consumer demands at all times.
In the emerging age of the industrial Internet of Things and DERs, threat landscapes of information technology (IT) and operational technology (OT) have become intertwined, with data at the core. The information assurance (IA) model posits three dimensions of security, each with multiple characteristics: 1) security goals: confidentiality, integrity, availability, accountability, possession, and utility; 2) state of information: information stored, processed, or transmitted; and 3) security countermeasures: technology (commercial off-the-shelf or in-house), assessments, and human factors. The holistic multidimensional framework shown in the figure below incorporates these dimensions of the IA model in its solution dimensions, shown on the right, which cohesively address the three levels of security listed below. The primary aim of such a framework is not only to secure the energy systems holistically but also to protect the critical infrastructure from cyberattacks:
1) Device-level: security of the physical devices and their interfaces (user and machine)
2) Communications-level: security of the communications medium that the devices use to send and receive packets
3) Application-level: security of the processing and analytical applications that deliver high-end insights to analysts and operators
The proposed framework places multiple security technologies at different layers of the Open Systems Interconnection (OSI) stack, enforces sound assessments, and embeds intelligent algorithms to ensure a strong security posture.
To develop, research, and implement the holistic multidimensional framework for DERs, NREL has been collaborating with Dr. Arif I. Sarwat, Director of the Energy, Power & Sustainability (EPS) Group of the Florida International University (FIU), Miami, which conducts advanced research to solve specific challenges in smart grids, renewable integration, big data analytics, and cybersecurity. This collaborative work primarily involves lab-scale simulations and tests to study the impacts of employing such a framework on larger and massively integrated systems, and then conducting field validations.
In addition, NREL is collaborating with government and industry partners (including SunSpec Alliance, UL, National Electrical Manufacturers Association, IEEE 1547 standard working group, IEEE P2030 standard working group, IEC Technical Committee 57 Working Group 15, Smart Electric Power Alliance Smart Grid Cybersecurity Committee, and NIST Smart Grid Program) to support the development of a national/international standard to ensure that DERs have minimum cybersecurity policies, controls, and procedures that maximize the strengths of authentication, authorization, and integrity of the data, communications, and exchange of information.
To read more about these, and other, NREL efforts to bolster the cybersecurity of DERs, see these publications:
- https://ieeexplore.ieee.org/abstract/document/8755282
- https://www.researchgate.net/publication/334811662_Certification_Procedures_for_Data_andCommunications_Security_of_Distributed_Energy_Resources
- https://www.mdpi.com/1996-1073/11/9/2360
Co-authored by:
Danish Saleem, Energy Security & Resilience Center, National Renewable Energy Laboratory
Aditya Sundararajan, Electrical and Computer Engineering Department, Florida International University