Figure 1 - uploaded by Jay Johnson
MAC and DAC Model Representations.

Source publication
Technical Report
Cybersecurity for internet-connected Distributed Energy Resources (DER) is essential for the safe and reliable operation of the US power system. Many facets of DER cybersecurity are currently being investigated within different standards development organizations, research communities, and industry committees to address this critical need. This rep...

Citations

... Smart Inverter Profile (CSIP) clients and servers using Authorized Test Laboratories for years, but is now in the process of rolling out a SunSpec DER Cybersecurity Certification program. This is a multi-staged certification program for DER equipment based on requirements from several source documents, including IEEE P2030.5 and Sandia DER cybersecurity recommendations [60,61]. Level 1 testing is anticipated to begin with ATLs in 2024. ...
Technical Report
There is increasing industry interest and government pressure to establish cybersecurity certification for Distributed Energy Resources (DER), such as solar inverters, energy storage systems, bidirectional electric vehicle chargers, and engine-generators. The challenge with device cybersecurity certification programs is that they need to accurately evaluate the security postures of a wide range of product software and hardware architectures, logical and physical interfaces, and fielded implementation use cases. Several device certification programs already exist for product security (for instance ISA/IEC 62443, ISO 27017, and UL 2900 series), but these are not tailored to DER operations, interfaces, or systems. As a result, several organizations are working to establish a set of cybersecurity requirements and certification test protocols tailored to the DER industry. In this report, we review DER certification programs, cybersecurity device and cloud testing programs, and pathways to create a DER cybersecurity certification test procedure. Certification is anticipated to be done on a voluntary vendor basis to start, but certifications could be required at a national, state, or other jurisdictional level in the future.
... It applies when there is a requirement for more than one person to complete a task [67].
• Symmetric: This is the highest level of RBAC deployment and has all the requirements of Constrained RBAC along with a feature of support for permission-role review [68].
• Temporal: This extends the RBAC model and supports the enabling and disabling of roles [69]. ...
Article
Access Control is a crucial defence mechanism organizations can deploy to meet modern cybersecurity needs and legal compliance with data privacy. The aim is to prevent unauthorized users and systems from accessing protected resources in a way that exceeds their permissions. The present survey aims to summarize state-of-the-art Access Control techniques, presenting recent research trends in this area. Moreover, as the cyber-attack landscape and zero-trust networking challenges require organizations to consider their Information Security management strategies carefully, in this study, we present a review of contemporary Access Control techniques and technologies being discussed in the literature and the various innovations and evolution of the technology. We also discuss adopting and applying different Access Control techniques and technologies in four upcoming and crucial domains: Cloud Computing, Blockchain, the Internet of Things, and Software-Defined Networking. Finally, we discuss the business adoption strategies for Access Control and how the technology can be integrated into a cybersecurity and network architecture strategy.
... Core cybersecurity principles embedded in traditional large generating plant Supervisory Control and Data Acquisition (SCADA) control networks must be accomplished in new ways in the case of DER, as the underlying communication architectures are different [29]. Specifically, there are multiple entities within the non-federated DER ecosystem with varying roles and responsibilities, each needing specific levels of access to DER data and/or control modes [30]. For instance, DER vendors will likely push firmware updates and may advise maintenance schedules by monitoring operations; grid operators need to change the operating modes of the DER equipment, but DER owners only need access to a subset of operational data like solar generation power and DER status. ...
... To the best of our knowledge, this is the first research work in which an RBAC model is implemented and evaluated for the DER environment to selectively provide access to users to the equipment control settings or data. Prior work by the SunSpec/Sandia DER Cybersecurity Workgroup concluded that RBAC was a natural design choice for the DER AC ecosystem because there are distinct roles for the users based on their operational responsibilities defined by their job position and company of employment [30]. We introduce two full-stack, end-to-end, Proof of Concepts (PoCs) that provide ecosystem-wide authorization mechanisms. ...
... Based on these roles, each user acquires the corresponding set of permissions, which can be described as read/write operations to the registers of the DER devices with respect to the DER communication protocols. For example, a user is assigned to the Aggregator role and has direct read/write access permissions to the DER Modbus registers, IEEE 1815 analog and binary outputs, or IEEE 2030.5 server on the DER vendor portal to provide grid services to the utility [30]. Figure 2 shows the considered RBAC model. ...
Article
A global transition to power grids with high penetrations of renewable energy generation is being driven in part by rapid installations of distributed energy resources (DER). New DER equipment includes standardized IEEE 1547-2018 communication interfaces and proprietary communications capabilities. Interoperable DER provides new monitoring and control capabilities. The existence of multiple entities with different roles and responsibilities within the DER ecosystem makes the Access Control (AC) mechanism necessary. In this paper, we introduce and compare two novel architectures, which provide a Role-Based Access Control (RBAC) service to the DER ecosystem’s entities. Selecting an appropriate RBAC technology is important for the RBAC administrator and users who request DER access authorization. The first architecture is centralized, based on the OpenLDAP, an open source implementation of the Lightweight Directory Access Protocol (LDAP). The second approach is decentralized, based on a private Ethereum blockchain test network, where the RBAC model is stored and efficiently retrieved via the utilization of a single Smart Contract. We have implemented two end-to-end Proofs-of-Concept (PoC), respectively, to offer the RBAC service to the DER entities as web applications. Finally, an evaluation of the two approaches is presented, highlighting the key speed, cost, usability, and security features.
... These distributed, internet-connected energy devices are vital for power system operations without being subject to utility cybersecurity requirements of larger penetration plants, like those defined in the North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) standards [28]. However, creating and proposing DER security recommendations is challenging, since there is a large number of entities needing different levels of access to DER data and/or DER control modes [29]. Thus, the need to establish a robust and dynamic RBAC management policy to ensure security and compliance is of paramount importance. ...
... , u, . . . , |U|}, e.g., DER owners, vendor personnel, etc. [29]. The object set O = {1, . . . ...
Article
Role-based access control (RBAC) is adopted in the information and communication technology domain for authentication purposes. However, due to a very large number of entities within organizational access control (AC) systems, static RBAC management can be inefficient, costly, and can lead to cybersecurity threats. In this article, a novel hybrid RBAC model is proposed, based on the principles of offline deep reinforcement learning (RL) and Bayesian belief networks. The considered framework utilizes a fully offline RL agent, which models the behavioral history of users as a Bayesian belief-based trust indicator. Thus, the initial static RBAC policy is improved in a dynamic manner through off-policy learning while guaranteeing compliance of the internal users with the security rules of the system. By deploying our implementation within the smart grid domain and specifically within a Distributed Energy Resources (DER) ecosystem, we provide an end-to-end proof of concept of our model. Finally, detailed analysis and evaluation regarding the offline training phase of the RL agent are provided, while the online deployment of the hybrid RL-based RBAC model into the DER ecosystem highlights its key operation features and salient benefits over traditional RBAC models.
... Those systems fall under the DER class, however, might be owned by smaller organizations that cannot support specialized cybersecurity functions or even by end consumers. Therefore, those systems are not subject to the same rigorous cybersecurity requirements of utility-scale BESS [69]. ...
... RBAC has been advocated as an appropriate solution for DER applications [69]. RBAC is a popular method in complex organizations where assigning permissions for each system user individually is a labor-intensive process. ...
... The underlying idea of RBAC is that the need to access or modify information depends on the function each user needs to perform in the systems [216]. The same access control policy has been used in IEC's family of standards for securing power system communications (IEC 62351-8) [69]. ...
Article
This paper presents a literature review on current practices and trends on cyberphysical security of grid-connected battery energy storage systems (BESSs). Energy storage is critical to the operation of Smart Grids powered by intermittent renewable energy resources. To achieve this goal, utility-scale and consumer-scale BESS will have to be fully integrated into power systems operations, providing ancillary services and performing functions to improve grid reliability, balance power and demand, among others. This vision of the future power grid will only become a reality if BESS are able to operate in a coordinated way with other grid entities, thus requiring significant communication capabilities. The pervasive networking infrastructure necessary to fully leverage the potential of storage increases the attack surface for cyberthreats, and the unique characteristics of battery systems pose challenges for cyberphysical security. This paper discusses a number of such threats, their associated attack vectors, detection methods, protective measures, research gaps in the literature and future research trends.
... For reasons such as multiparty contractual policies and mitigating single points of failure, many real-world systems require a joint decision-making process where multiple parties are involved. For example, for grid-connected distributed energy resources (DER) systems, the conventional way of having single proprietary connections to secure grid assets will no longer be sufficient due to the business model change [12,27]. Instead, smart devices like solar inverters will have multiple parties, including customers, manufacturers, grid operators, who need to access and send remote commands, often over the public Internet. ...
... Recently, Named Data Networking (NDN) [29] started being explored to provide secure networking support for DER systems. The diversity and number of stakeholders and DER service provider business models [12] require a multiparty trust model with expressive and flexible trust policies. While NDN has developed supporting mechanisms to secure producer-consumer communications by using crypto signature schemes such as RSA and ECDSA, there is no existing work on multiparty authentication and authorization support. ...
Preprint
Modern digitally controlled systems require multiparty authentication and authorization to meet the desired security requirement. This paper describes the design and development of NDN-MPS, an automated solution to support multiparty signature signing and verification for NDN-enabled applications. NDN-MPS suggests several changes and extensions to the existing NDN security solutions. First, it introduces a new type of trust schema to support signing and verification for multiple signers under complex policies such as threshold schemes. Second, it extends the NDN signature format to accommodate multisignature schemes such as BLS signature. Third, it introduces a signature collection protocol to solicit signatures securely from multiple signers. We further evaluate NDN-MPS by assessing its security properties and measuring its performance.