DERs Face Increasing Cybersecurity Challenges

According to North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) standards, the mandatory cybersecurity standards for bulk power systems apply to various NERC entities — different categories of electric utilities — such as generation owners and operators,...

Full description

Saved in:
Bibliographic Details
Published inTransmission & Distribution World
Main Author Suh-Lee, Candace
Format Journal Article Trade Publication Article
LanguageEnglish
Published Nashville Endeavor Business Media 03.01.2018
Subjects
Collaboration
Computer science
Confidentiality
Cybersecurity
Cyberterrorism
Data encryption
Data integrity
Data security
Electric power
Electric power supply
Electric power transmission
Electric utilities
Electricity distribution
Electricity generation
Embedded systems
Energy industry
Homeowners
Information technology
Internet
Power lines
Privacy
Public Key Infrastructure
R&D
Research & development
Research centers
Security management
Online AccessGet full text

Cover

More Information
Summary:According to North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) standards, the mandatory cybersecurity standards for bulk power systems apply to various NERC entities — different categories of electric utilities — such as generation owners and operators, transmission owners and operators, distribution providers and balancing authorities. Ownership over power system assets gives a utility full control over the assets and cybersecurity controls associated with them. Because a utility generates revenue through operation of the assets and has full control over them, it is logical for the utility to have responsibility for the security of the assets. Or, is it the regulator’s responsibility to provide and enforce cybersecurity guidelines to all types of active market participants? [...]this is just one security concern regarding vulnerability management and patching. DERs’ exposure to cyber-physical risk occurs because their settings can be changed remotely, and, if settings change erroneously, it could cause some malfunction of the devices. [...]an attacker can carefully plan an attack by eavesdropping and analyzing the traffic for a sufficient time. The impact of DERs to overall grid operations is a subject of active investigation by many experts. [...]that information is available, it will be difficult to predict the impact a cyberattack could have on the reliability of the grid.
ISSN:1087-0849