Skip to main content
OSTI.GOVU.S. Department of Energy Office of Scientific and Technical Information
U.S. Department of Energy
Office of Scientific and Technical Information
 

Risk Assessment at the Edge: Applying NERC CIP to Aggregated Grid-Edge Resources

Journal Article · · Electricity Journal
 [1];  [1];  [2];  [3]
  1. National Renewable Energy Lab. (NREL), Golden, CO (United States)
  2. Duo Security, Ann Arbor, MI (United States)
  3. ETAS/ESCRYPT Embedded Security, Ann Arbor, MI (United States)
+ Show Author Affiliations
Distributed energy resources (DERs) promise to deliver benefits for both utilities and consumers by dynamically interoperating utility systems with customer-owned grid-edge technologies. These small energy-consuming devices are increasingly being aggregated for participation in grid markets, planning and operations. A cyber attack penetrating the control system of aggregated DERs could negatively impact the operation of the grid. In the worst case, the power grid could be severely damaged and physical safety compromised. In this paper we analyze cybersecurity risks associated with the aggregation of DERs and develop an approach to mitigating that risk. The approaches to both cyber risk analysis and mitigation were developed during a recent research project that serves as an example of how the approaches could be applied. However, both the risk analysis and mitigation are applicable to the broader domain of all DERs. An important conclusion is that the successful cyber compromise of aggregated DERs could have a significant impact on the bulk power system. This is the case even if each individual DER falls below the threshold of compliance with bulk-grid cybersecurity standards. For this reason, we specifically investigate how National Electricity Reliability Corporation's Critical Infrastructure Protection requirements could flow down to interactions between DER aggregators and the DERs themselves in order to protect the grid from these bulk-scale cyber attack impacts.
Research Organization:
National Renewable Energy Laboratory (NREL), Golden, CO (United States)
Sponsoring Organization:
USDOE; USDOE Office of Energy Efficiency and Renewable Energy (EERE), Building Technologies Office (EE-5B)
Grant/Contract Number:
AC36-08GO28308
OSTI ID:
1505076
Alternate ID(s):
OSTI ID: 1636923
Report Number(s):
NREL/JA--5500-73026
Journal Information:
Electricity Journal, Journal Name: Electricity Journal Journal Issue: 2 Vol. 32; ISSN 1040-6190
Publisher:
ElsevierCopyright Statement
Country of Publication:
United States
Language:
English

Similar Records

OT Operational Anomaly Detection (OAD) T&D + DER
Conference · Wed Feb 28 23:00:00 EST 2024 · OSTI ID:2319199
Security of DERs and Grid Edge Technologies
Technical Report · Mon Jan 19 19:00:00 EST 2026 · OSTI ID:3014667

Related Subjects

24 POWER TRANSMISSION AND DISTRIBUTION
aggregated energy assets
home automation
internet of things
power system security
security
smart grids
smart homes