Assessing DER network cybersecurity defences in a power-communication co-simulation environment

Increasing penetrations of interoperable distributed energy resources (DER) in the electric power system are expanding the power system attack surface. Maloperation or malicious control of DER equipment can now cause substantial disturbances to grid operations. Fortunately, many options exist to def...

Full description

Saved in:
Bibliographic Details
Published inIET Cyber-Physical Systems: Theory & Applications Vol. 5; no. 3; pp. 274 - 282
Main Authors Johnson, Jay, Onunkwo, Ifeoma, Cordeiro, Patricia, Wright, Brian J, Jacobs, Nicholas, Lai, Christine
Format Journal Article
LanguageEnglish
Published Southampton The Institution of Engineering and Technology 01.09.2020
John Wiley & Sons, Inc
Wiley
Subjects
Online AccessGet full text

Cover

Loading…
More Information
Summary:Increasing penetrations of interoperable distributed energy resources (DER) in the electric power system are expanding the power system attack surface. Maloperation or malicious control of DER equipment can now cause substantial disturbances to grid operations. Fortunately, many options exist to defend and limit adversary impact on these newly-created DER communication networks, which typically traverse the public internet. However, implementing these security features will increase communication latency, thereby adversely impacting real-time DER grid support service effectiveness. In this work, a collection of software tools called SCEPTRE was used to create a co-simulation environment where SunSpec-compliant photovoltaic inverters were deployed as virtual machines and interconnected to simulated communication network equipment. Network segmentation, encryption, and moving target defence security features were deployed on the control network to evaluate their influence on cybersecurity metrics and power system performance. The results indicated that adding these security features did not impact DER-based grid control systems but improved the cybersecurity posture of the network when implemented appropriately.
ISSN:2398-3396
2398-3396
DOI:10.1049/iet-cps.2019.0084