Validating NREL’s Cybersecurity Framework for Distributed Energy

February 15, 2016 by Jeff Shepard

ViaSat Inc.has successfully completed vulnerability assessment, penetration testing and secure network implementation for the U.S. Department of Energy's National Renewable Energy Laboratory (NREL) distribution grid management (DGM) system test bed that is being used to develop an end-to-end empirically validated cybersecurity architecture for smart grid applications.

NREL performs research in different types of renewable energy and other Distributed Energy Resources (DER) to learn how these energy resources can be reliably and securely integrated to the electric grid at the transmission, distribution and end-use levels. With support from ViaSat and a select group of partners, NREL set out to develop an end-to-end cybersecurity architecture for a distribution system with DER.

To accomplish this, NREL created an end-to-end DGM system test bed capable of emulating a variety of power systems, use cases involving core distribution system assets and DER assets. ViaSat thoroughly tested, assessed and helped improve the cybersecurity of the DGM system through stringent penetration tests, which initially exposed a critical operational technology vulnerability that could be used to disrupt power delivery in a real-world scenario.

Prior to a second penetration test, ViaSat assisted NREL by hardening the test bed. These improvements increased the overall security posture of the DGM 2.0 network, which proved capable of withstanding multiple exploits through successive layers of security, keeping the critical energy control system assets protected.

"The introduction of new technologies like smart meters and renewable energy resources requires the energy grid to move from a centralized architecture to one that is highly distributed, ultimately creating new security vulnerabilities," said Jerry Goodwin, chief operating officer, Government Systems Division, ViaSat. "For the past 20 years we've helped the Department of Defense transition from a stove-piped security architecture to a secure networked battlefield, and that experience has proved extremely valuable in helping NREL establish best practices for securing distributed energy systems."

"We are working to address the need to create an action plan that U.S. energy utilities can implement to make our Nation's distributed energy infrastructure more resilient to cyber-attacks," said Dr. Erfan Ibrahim, director of the Cyber Physical Systems Security and Resilience Center, under NREL's Energy Systems Integration Directorate. "Individual energy utilities can use the empirically validated cybersecurity specifications developed through this partnership to improve distribution system resiliency and better protect against internal and external cybersecurity threats of any level of severity."