Toolbox Entry: Cyber Security Primer for DER Vendors Aggregators and Grid Operators

General Information

63

Sandia National Laboratories

2017

Study Report

• Battery Energy Storage Systems
• Distributed generation (solar)

• Interoperability and communication
• Cybersecurity

Information exchange

This report provides an introduction to cyber security for distributed energy resources (DER) - such as photovoltaic (PV) inverters and energy storage systems (ESS). This material is motivated by the need to assist DER vendors, aggregators, grid operators, and broader PV industry with cyber security resilience and describe the state-of-the-art for securing DER communications. The report outlines basic principles of cyber security, encryption, communication protocols, DER cyber security recommendations and requirements, and device-, aggregator-, and utility-level security best practices to ensure data confidentiality, integrity, and availability. Example cyber security attacks, including eavesdropping, masquerading, man-in-the-middle, replay attacks, and denial-of-service are also described. A survey of communication protocols and cyber security recommendations used by the DER and power system industry are included to elucidate the cyber security standards landscape. Lastly, a roadmap is presented to harden end-to-end communications for DER with research and industry engagement.