This reports recommends security measuers for grid operators connecting to distributed energy resources (DER).
As alternative energy sources, such have wind, solar or heat, have become sustainable for small scale use, they are being placed in a wide variety of locations. These DER can be connected to high, medium, or low voltage grid. They can however cause congestion or quality problems in the electrical grid. To solve these problems, grid operators are connecting to the DER control systems to monitor and control their generation.
The connections to DER create new cyber-security risks for grid operators. By compromising the connections, attackers could send unauthorized curtailment commands to DER locations. If they manage to switch off enough locations, they could disrupt the grid balance. Additionally, the connections could be used as an entry point into grid operator systems. By first compromising a DER system, attackers may get into critical grid operator control systems, such as SCADA systems or substation automation systems.
This document recommends security measures for grid operators to protect the digital connections to DER and mitigate these new risks. The measures cover:
- threats to the connection and information passing through it;
- threats to grid operator systems through the DER connection;
- interests that come into play in the new relationship between the grid operator and DER operator.