Solar panels, wind turbines and energy storage are gradually transforming the way in which energy is generated and distributed across millions of homes, businesses and industries in the United States.
These distributed energy resources (DERs) use electronics like smart inverters to convert power and are often equipped with communication capabilities to communicate with each other or with a control center. Yet this presents opportunities for cyber attacks that could become real threats to the electric power system as distributed systems integrate more with the grid.
There are new ways in development to protect power systems from these threats before they can occur, said cybersecurity and systems experts at the U.S Department of Energy’s (DoE) Argonne National Laboratory.
Their work is providing utilities a framework for evaluating their power systems for vulnerabilities to cyber attack, as well as strategies for preventing, detecting and responding to them.
“As a National Laboratory, we have a responsibility to identify threats and propose solutions to protect the U.S. grid infrastructure from any type of threat, among the most ominous being cyber attacks,” said Ravindra Singh, a cyber expert and principal distribution engineer at Argonne. “Because distributed generation from renewable energy resources is growing as a replacement for central generation, solutions must be found for minimizing the risks of cyber attacks for their large-scale integration into the grid.”
Before distributed energy resources became a significant source of generation, power flowed in one direction — from central power plants to transmission lines down to distribution networks and finally consumers. As DER technologies emerge, this dynamic is changing entirely, by giving consumers the ability to generate, store and consume power locally.
As DERs spread, the devices that control them need to communicate and connect with the larger grid in order to safely and reliably manage voltage and frequency stability. This greater connectivity and communications introduces added vulnerabilities.
“Using distributed resources on a large scale adds risk due to the large number of devices and access points they introduce,” Singh said.
Without systems constructed to protect, monitor and control grid components, attacks on distributed devices like smart inverters could potentially destabilize larger grid operations and in extreme cases, cause large-scale blackouts.
Singh and his colleagues are developing best practices, standards, and safeguards to enhance the grid’s security and resilience against the cyber threats that may emerge from integrating distributed technologies. They’re starting by focusing on renewables, DERs, and smart inverter systems and developing a holistic cybersecurity framework to:
The approach taken by Singh and his team is “from the bottom-up,” meaning the researchers are focusing their efforts on the distribution side of the power system and customer sites. Researchers are modeling cyber attacks targeting DERs in order to analyze how power systems react to them and identify ways of making them more resilient. They are also modeling power distribution networks, including customer-owned solar panels, and connecting these with bulk electric system models.
The ultimate objective is to create methods and tools for use by distribution utilities integrating increasing amounts of renewables into their portfolio, and bulk power companies concerned about maintaining reliable service to customers.
“Argonne’s cyber solutions will ultimately strengthen America’s cyber infrastructure so that it is better protected and equipped to meet the transformational changes that are rapidly underway,” Singh said.