DOE PAGES title logo U.S. Department of Energy
Office of Scientific and Technical Information

Title: Assessing DER Network Cybersecurity Defences in a Power-Communication Co-Simulation Environment

Abstract

Increasing penetrations of interoperable distributed energy resources (DER) in the electric power system are expanding the power system attack surface. Maloperation or malicious control of DER equipment can now cause substantial disturbances to grid operations. Fortunately, many options exist to defend and limit adversary impact on these newly-created DER communication networks, which typically traverse the public internet. However, implementing these security features will increase communication latency, thereby adversely impacting real-time DER grid support service effectiveness. In this work, a collection of software tools called SCEPTRE were used to create a co-simulation environment where SunSpec-compliant PV inverters were deployed as virtual machines and interconnected to simulated communication network equipment. Network segmentation, encryption, and moving target defence security features were deployed on the control network to evaluate their influence on cybersecurity metrics and power system performance. The results indicated that adding these security features did not impact DER-based grid control systems but improved the cybersecurity posture of the network when implemented appropriately.

Authors:
 [1];  [1];  [1];  [1];  [1];  [1]
  1. Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)
Publication Date:
Research Org.:
Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)
Sponsoring Org.:
USDOE Office of Energy Efficiency and Renewable Energy (EERE), Renewable Power Office. Solar Energy Technologies Office; USDOE National Nuclear Security Administration (NNSA)
OSTI Identifier:
1618097
Report Number(s):
SAND-2019-3168J
Journal ID: ISSN 2398-3396; 673642
Grant/Contract Number:  
AC04-94AL85000; NA0003525
Resource Type:
Accepted Manuscript
Journal Name:
IET Cyber-Physical Systems: Theory & Applications
Additional Journal Information:
Journal Volume: 5; Journal Issue: 3; Journal ID: ISSN 2398-3396
Publisher:
Institution of Engineering and Technology (IET)
Country of Publication:
United States
Language:
English
Subject:
97 MATHEMATICS AND COMPUTING; Distributed energy resources; cybersecurity; network security; co-simulation; red teaming; moving target defence

Citation Formats

Johnson, Jay Tillay, Onunkwo, Ifeoma, Codeiro, Patricia, Wright, Brian, Jacobs, Nicholas, and Lai, Christine. Assessing DER Network Cybersecurity Defences in a Power-Communication Co-Simulation Environment. United States: N. p., 2020. Web. doi:10.1049/iet-cps.2019.0084.
Johnson, Jay Tillay, Onunkwo, Ifeoma, Codeiro, Patricia, Wright, Brian, Jacobs, Nicholas, & Lai, Christine. Assessing DER Network Cybersecurity Defences in a Power-Communication Co-Simulation Environment. United States. https://doi.org/10.1049/iet-cps.2019.0084
Johnson, Jay Tillay, Onunkwo, Ifeoma, Codeiro, Patricia, Wright, Brian, Jacobs, Nicholas, and Lai, Christine. Tue . "Assessing DER Network Cybersecurity Defences in a Power-Communication Co-Simulation Environment". United States. https://doi.org/10.1049/iet-cps.2019.0084. https://www.osti.gov/servlets/purl/1618097.
@article{osti_1618097,
title = {Assessing DER Network Cybersecurity Defences in a Power-Communication Co-Simulation Environment},
author = {Johnson, Jay Tillay and Onunkwo, Ifeoma and Codeiro, Patricia and Wright, Brian and Jacobs, Nicholas and Lai, Christine},
abstractNote = {Increasing penetrations of interoperable distributed energy resources (DER) in the electric power system are expanding the power system attack surface. Maloperation or malicious control of DER equipment can now cause substantial disturbances to grid operations. Fortunately, many options exist to defend and limit adversary impact on these newly-created DER communication networks, which typically traverse the public internet. However, implementing these security features will increase communication latency, thereby adversely impacting real-time DER grid support service effectiveness. In this work, a collection of software tools called SCEPTRE were used to create a co-simulation environment where SunSpec-compliant PV inverters were deployed as virtual machines and interconnected to simulated communication network equipment. Network segmentation, encryption, and moving target defence security features were deployed on the control network to evaluate their influence on cybersecurity metrics and power system performance. The results indicated that adding these security features did not impact DER-based grid control systems but improved the cybersecurity posture of the network when implemented appropriately.},
doi = {10.1049/iet-cps.2019.0084},
journal = {IET Cyber-Physical Systems: Theory & Applications},
number = 3,
volume = 5,
place = {United States},
year = {Tue Mar 17 00:00:00 EDT 2020},
month = {Tue Mar 17 00:00:00 EDT 2020}
}