This report recommends security measures for operators of distributed energy resources (DER).
As alternative energy sources, such as wind, solar or heat, have become sustainable for small scale use, they are being placed in a wide variety of locations. These DER can be connected to high, medium, or low voltage grid, contributing significantly to the electricity mix. A large loss of DER generation can severely disrupt the electrical grid.
DER are exposed to significant cyber risks. Their operations and maintenance are supported by information systems. Many activities are executed through remote access, especially in larger DER. Cyber criminals can attack the systems or communications to obtain money or information from some party. Nation states can damage the systems or cause a black-out by switching off enough locations.
The operator role is vital to protect DER systems. A large system operator monitors and controls the systems in real time. A small system operator should acknowledge alarms on a daily basis and take necessary actions in the shortest delay. In many cases, an operator accesses the system remotely or receives the information he needs through untrusted networks. He can also provide access to the system to other parties. DER parties can accumulate the operator role with other roles.
This document recommends security measures for DER operators to protect their systems and mitigate these risks. The measures cover threats to the systems and communications through the central systems, field locations and communications.