OSTI.GOV, U.S. Department of Energy, Office of Scientific and Technical Information
  1. Disrupting EV Charging Sessions and Gaining Remote Code Execution with DoS, MITM, and Code Injection Exploits using OCPP 1.6

    Open Charge Point Protocol (OCPP) 1.6 is widely used in the electric vehicle (EV) charging industry to communicate between Charging System Management Services (CSMSs) and Electric Vehicle Supply Equipment (EVSE). Unlike OCPP 2.0.1, OCPP 1.6 uses unencrypted websocket communications to exchange information between EVSE devices and an on-premise or cloud-based CSMS. In this work, we demonstrate two machine-in-the-middle (MITM) attacks on OCPP sessions to terminate charging sessions and gain root access to the EVSE equipment via remote code execution (RCE). Second, we demonstrate a malicious firmware update with a code injection payload to compromise an EVSE. Lastly, we demonstrate two methods to prevent availability of the EVSE or CSMS. One of these, originally reported by SaiFlow, prevents traffic to legitimate EVSE equipment using a DoS-like attack on CSMSs by repeatedly connecting and authenticating several CPs with the same identities as the legitimate CP. These vulnerabilities were demonstrated with proof-of-concept exploits in a virtualized Cyber Range at Wright State University and/or with a 350 kW Direct Current Fast Charger (DCFC) at Idaho National Laboratory. The team found that OCPP 1.6 could be protected from these attacks by adding secure shell (SSH) tunnels to the protocol, if upgrading to OCPP 2.0.1 was not an option.
    Index Terms—Electric vehicle charging, cybersecurity, OCPP, cyberattack, cyber-resilience. INSPEC Accession Number: 23981565
  2. Automating Component-Level Stress Measurements for Inverter Reliability Estimation

    In the near future, grid operators are expected to regularly use advanced distributed energy resource (DER) functions, defined in IEEE 1547-2018, to perform a range of grid-support operations. Many of these functions adjust the active and reactive power of the device through commanded or autonomous operating modes which induce new stresses on the power electronics components. In this work, an experimental and theoretical framework is introduced which couples laboratory-measured component stress with advanced inverter functionality and derives a reduction in useful lifetime based on an applicable reliability model. Multiple DER devices were instrumented to calculate the additional component stress under multiple reactive power setpoints to estimate associated DER lifetime reductions. A clear increase in switch loss was demonstrated as a function of irradiance level and power factor. This is replicated in the system-level efficiency measurements, although magnitudes were different—suggesting other loss mechanisms exist. Using an approximate Arrhenius thermal model for the switches, the experimental data indicate a lifetime reduction of 1.5% when operating the inverter at 0.85 PF—compared to unity PF—assuming the DER failure mechanism is thermally driven within the H-bridge. If other failure mechanisms are discovered for a set of power electronics devices, this testing and calculation framework can easily be tailored to those failure mechanisms.
  3. Review of Electric Vehicle Charger Cybersecurity Vulnerabilities, Potential Impacts, and Defenses

    Worldwide growth in electric vehicle use is prompting new installations of private and public electric vehicle supply equipment (EVSE). EVSE devices support the electrification of the transportation industry but also represent a linchpin for power systems and transportation infrastructures. Cybersecurity researchers have recently identified several vulnerabilities that exist in EVSE devices, communications to electric vehicles (EVs), and upstream services, such as EVSE vendor cloud services, third-party systems, and grid operators. The potential impact of attacks on these systems stretches from localized, relatively minor effects to long-term national disruptions. Fortunately, there is a strong and expanding collection of information technology (IT) and operational technology (OT) cybersecurity best practices that may be applied to the EVSE environment to secure this equipment. In this paper, we survey publicly disclosed EVSE vulnerabilities, the impact of EV charger cyberattacks, and proposed security protections for EV charging technologies.
  4. Cybersecurity Resilience Demonstration for Wind Energy Sites in Co-Simulation Environment

    Sandia National Laboratories and Idaho National Laboratory deployed state-of-the-art cybersecurity technologies within a virtualized, cyber-physical wind energy site to demonstrate their impact on security and resilience. This work was designed to better quantify cost-benefit tradeoffs and risk reductions when layering different security technologies on wind energy operational technology networks. Standardized step-by-step attack scenarios were drafted for adversaries with remote and local access to the wind network. Then, the team investigated the impact of encryption, access control, intrusion detection, security information and event management, and security orchestration, automation, and response (SOAR) tools on multiple metrics, including physical impacts to the power system and termination of the adversary kill chain. We found that, once programmed, the intrusion detection systems could detect attacks and the SOAR system was able to effectively and autonomously quarantine the adversary prior to power system impacts. Cyber and physical metrics indicated network and endpoint visibility were essential to provide human defenders situational awareness to maintain system resilience. Certain hardening technologies, like encryption, reduced adversary access, but recognition and response were also critical to maintain wind site operations. Lastly, a cost-benefit analysis was performed to estimate payback periods for deploying cybersecurity technologies based on projected breach costs.
  5. Dynamic Role-Based Access Control Policy for Smart Grid Applications: An Offline Deep Reinforcement Learning Approach

    Role-based access control (RBAC) is adopted in the information and communication technology domain for authentication purposes. However, due to the very large number of entities within organizational access control (AC) systems, static RBAC management can be inefficient, costly, and can lead to cybersecurity threats. In this paper, a novel hybrid RBAC model is proposed, based on the principles of offline deep reinforcement learning (RL) and Bayesian belief networks. The considered framework utilizes a fully offline RL agent, which models the behavioral history of users as a Bayesian belief-based trust indicator. Thus, the initial static RBAC policy is improved in a dynamic manner through off-policy learning while guaranteeing compliance of the internal users with the security rules of the system. By deploying our implementation within the smart grid domain and specifically within a Distributed Energy Resources (DER) ecosystem, we provide an end-to-end proof of concept of our model. Finally, detailed analysis and evaluation regarding the offline training phase of the RL agent are provided, while the online deployment of the hybrid RL-based RBAC model into the DER ecosystem highlights its key operation features and salient benefits over traditional RBAC models.
  6. Commercial PV Inverter IEEE 1547.1 Ride-Through Assessments Using an Automated PHIL Test Platform

    As more countries seek solutions to their de-carbonization targets using renewable energy (RE) technologies, interconnection standards and national grid codes for distributed energy resources (DER) are being updated to support higher penetrations of RE and improve grid stability. Common grid-code revisions mandate that DER devices, such as solar inverters and energy storage systems, ride through (RT) voltage and frequency disturbances. This is necessary because as the percentage of generation from DER increases, there is a greater risk that power system faults will cause many or all DER to trip, triggering a substantial load-generation imbalance and possible cascading blackout. This paper demonstrates for the first time a methodology to verify commercial DER devices are compliant with the new voltage, frequency, and rate of change of frequency (ROCOF) RT requirements established in IEEE Std. 1547-2018. The methodology incorporates a software automation tool, called the SunSpec System Validation Platform (SVP), in combination with a hardware-in-the-loop (HIL) system to execute the IEEE Std. 1547.1-2020 RT test protocols. In this paper, the approach is validated with two commercial photovoltaic inverters, the test results are analyzed for compliance, and improvements to the test procedure are suggested.
  7. Evaluation of Interoperable Distributed Energy Resources to IEEE 1547.1 Using SunSpec Modbus, IEEE 1815, and IEEE 2030.5

    The American distributed energy resource (DER) interconnection standard, IEEE Std. 1547, was updated in 2018 to include standardized interoperability functionality. As state regulators begin ratifying these requirements, all DER—such as photovoltaic (PV) inverters, energy storage systems (ESSs), and synchronous generators—in those jurisdictions must include a standardized SunSpec Modbus, IEEE 2030.5, or IEEE 1815 (DNP3) communication interface. Utilities and authorized third parties will interact with these DER interfaces to read nameplate information, power measurements, and alarms as well as configure the DER settings and grid-support functionality. In 2020, the certification standard IEEE 1547.1 was revised with test procedures for evaluating the IEEE 1547-2018 interoperability requirements. In this work, we present an open-source framework to evaluate DER interoperability. To demonstrate this capability, we used four test devices: a SunSpec DER Simulator with a SunSpec Modbus interface, an EPRI-developed DER simulator with an IEEE 1815 interface, a Kitu Systems DER simulator with an IEEE 2030.5 interface, and an EPRI IEEE 2030.5-to-Modbus converter. By making this test platform openly available, DER vendors can validate their implementations, utilities can spot-check communications to DER equipment, certification laboratories can conduct type testing, and research institutions can more easily research DER interoperability and cybersecurity. We indicate several limitations and ambiguities in the communication protocols, information models, and the IEEE 1547.1-2020 test protocol which were exposed in these evaluations, in anticipation that the standards-development organizations will address these issues in the future.
  8. State Estimation-Based Distributed Energy Resource Optimization for Distribution Voltage Regulation in Telemetry-Sparse Environments Using a Real-Time Digital Twin

    Real-time state estimation using a digital twin can overcome the lack of in-field measurements inside an electric feeder to optimize grid services provided by distributed energy resources (DERs). Optimal reactive power control of DERs can be used to mitigate distribution system voltage violations caused by increased penetrations of photovoltaic (PV) systems. In this work, a new technology called the Programmable Distribution Resource Open Management Optimization System (ProDROMOS) issued optimized DER reactive power setpoints based on results from a particle swarm optimization (PSO) algorithm wrapped around OpenDSS time-series feeder simulations. This paper demonstrates the use of ProDROMOS in an RT-simulated environment using a power hardware-in-the-loop PV inverter and in a field demonstration using a 678 kW PV system in Grafton (MA, USA). The primary contribution of the work is demonstrating that an RT digital twin effectively provides state estimation pseudo-measurements that can be used to optimize DER operations for distribution voltage regulation.
  9. A Comparison of DER Voltage Regulation Technologies Using Real-Time Simulations

    Grid operators are now considering using distributed energy resources (DERs) to provide distribution voltage regulation rather than installing costly voltage regulation hardware. DER devices include multiple adjustable reactive power control functions, so grid operators have the difficult decision of selecting the best operating mode and settings for the DER. In this work, we develop a novel state estimation-based particle swarm optimization (PSO) for distribution voltage regulation using DER reactive power setpoints and establish a methodology to validate and compare it against alternative DER control technologies (volt–VAR (VV), extremum seeking control (ESC)) in increasingly higher fidelity environments. Distribution system real-time simulations with virtualized and power hardware-in-the-loop (PHIL)-interfaced DER equipment were run to evaluate the implementations and select the best voltage regulation technique. Each method improved the distribution system voltage profile; VV did not reach the global optimum, but the PSO and ESC methods optimized the reactive power contributions of multiple DER devices to approach the optimal solution.
  10. Power system effects and mitigation recommendations for DER cyberattacks

    Extensive deployment of interoperable distributed energy resources (DER) is increasing the power system cyber security attack surface. National and jurisdictional interconnection standards require DER to include a range of autonomous and commanded grid-support functions, which can drastically influence power quality, voltage, and bulk system frequency. Here, the authors investigate the impact to the cyber-physical power system in scenarios where communications and operations of DER are controlled by an adversary. The findings show that each grid-support function exposes the power system to distinct types and magnitudes of risk. The physical impact from cyber actions was analysed in cases of DER providing distribution system voltage regulation and transmission system support. Finally, recommendations are presented for minimising the risk using engineered parameter limits and segmenting the control network to minimise common-mode vulnerabilities.