Solar panels, wind turbines and energy storage are gradually transforming the way in which energy is generated and distributed across millions of homes, businesses and industries in America. These distributed energy resources (DERs) use electronics like smart inverters to convert power and are often equipped with communication capabilities to communicate with each other or with a control center. Yet this presents opportunities for cyber attacks that could become real threats to the electric power system as distributed systems integrate more with the grid.

Cybersecurity and systems experts at the U.S Department of Energy’s (DOE) Argonne National Laboratory are developing ways to protect power systems from these threats before they can occur. Their work is providing utilities a framework for evaluating their power systems for vulnerabilities to cyber attack, as well as strategies for preventing, detecting and responding to them.

“Argonne’s cyber solutions will ultimately strengthen America’s cyber infrastructure so that it is better protected and equipped to meet the transformational changes that are rapidly underway.” — Argonne cyber expert and principal distribution engineer Ravindra Singh

“As a National Laboratory, we have a responsibility to identify threats and propose solutions to protect the U.S. grid infrastructure from any type of threat, among the most ominous being cyber attacks,” said Ravindra Singh, a cyber expert and principal distribution engineer at Argonne. ​“Because distributed generation from renewable energy resources is growing as a replacement for central generation, solutions must be found for minimizing the risks of cyber attacks for their large-scale integration into the grid.”

How the power system is evolving

Before distributed energy resources became a significant source of generation, power flowed in one direction — from central power plants to transmission lines down to distribution networks and finally consumers. As DER technologies emerge, this dynamic is changing entirely, by giving consumers the ability to both generate, store and consume power locally.

As DERs spread, the devices that control them need to communicate and connect with the larger grid in order to safely and reliably manage voltage and frequency stability. This greater connectivity and communications introduces added vulnerabilities.

“Using distributed resources on a large scale adds risk due to the large number of devices and access points they introduce,” Singh observes.

Without systems constructed to protect, monitor and control grid components, attacks on distributed devices like smart inverters could potentially destabilize larger grid operations and in extreme cases, cause large-scale blackouts.

How Argonne is preparing systems for the future

Singh and his colleagues are developing best practices, standards, and safeguards to enhance the grid’s security and resilience against the cyber threats that may emerge from integrating distributed technologies. They’re starting by focusing on renewables, DERs, and smart inverter systems and developing a holistic cybersecurity framework to:

• Analyze the physical and cyber structure of a power system with high penetration of DER
• Identify scenarios by which DERs may be attacked and develop methodologies for analyzing the power system’s resiliency to these attacks
• Create attack prevention, detection, and response measures specifically designed for DERs
• Validate and verify their methods using real-world input

The approach taken by Singh and his team is ​“from the bottom-up,” meaning that the researchers are focusing their efforts on the distribution side of the power system and customer sites. Researchers are modeling cyber attacks targeting DERs in order to analyze how power systems react to them and identify ways of making them more resilient. They are also modeling power distribution networks, including customer-owned solar panels, and connecting these with bulk electric system models.

The ultimate objective is to create methods and tools for use by distribution utilities that are integrating increasing amounts of renewables into their portfolio, and bulk power companies concerned about maintaining reliable service to customers.

“Argonne’s cyber solutions will ultimately strengthen America’s cyber infrastructure so that it is better protected and equipped to meet the transformational changes that are rapidly underway,” Singh concludes.

The research is funded by DOE’s Office of Electricity; Office of Energy Efficiency and Renewable Energy (EERE); and Office of Cybersecurity, Energy Security, and Emergency Response (CESER).

This work is being done in partnership with Washington State University and the Electric Power Research Institute. The project is supported by DOE’s Grid Modernization Initiative, an initiative primarily funded by the DOE’s Office of Electricity and Office of Energy Efficiency and Renewable Energy. It is also supported by DOE’s Office of Cybersecurity, Energy Security, and Emergency Response.