Toolbox Entry: Cyber Security Primer for DER Vendors Aggregators and Grid Operators

From energypedia

► Back to the Toolbox

Last edited on 27/11/2022 by Hector Alfaro
(Date format: DD/MM/YYYY)

General Information

ID Number
Main Author
Sandia National Laboratories
Publication Year
Type of Entry
Study Report

Enabling Distributed Technologies
  • Battery Energy Storage Systems
  • Distributed generation (solar)

Information Exchange
  • Interoperability and communication
  • Cybersecurity
Which of the above categories best describe the material
Information exchange


This report provides an introduction to cyber security for distributed energy resources (DER) - such as photovoltaic (PV) inverters and energy storage systems (ESS). This material is motivated by the need to assist DER vendors, aggregators, grid operators, and broader PV industry with cyber security resilience and describe the state-of-the-art for securing DER communications. The report outlines basic principles of cyber security, encryption, communication protocols, DER cyber security recommendations and requirements, and device-, aggregator-, and utility-level security best practices to ensure data confidentiality, integrity, and availability. Example cyber security attacks, including eavesdropping, masquerading, man-in-the-middle, replay attacks, and denial-of-service are also described. A survey of communication protocols and cyber security recommendations used by the DER and power system industry are included to elucidate the cyber security standards landscape. Lastly, a roadmap is presented to harden end-to-end communications for DER with research and industry engagement.