Cryptography Considerations for Distributed Energy Resource Systems

Flora, Lai, Christine; Cordeiro, Patricia; Hasandka, Adarsh; Jacobs, Nicholas; Hossain-McKenzie, Shamina; Jose, Deepu; Saleem, Danish; Martin, Maurice

doi:10.1109/peci.2019.8698907

Cited by 7 publications

(4 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The defense methods for DERs can be categorized into hardware-based and software-based methods. The hardwarebased methods utilize the hardware components, such as trusted execution environments (TEEs) [12], cryptography module [13], and device statistical features [14]. Nevertheless, the hardware-based methods have limitations due to poor scalability and less administrative control over DERs.…”

Section: B Der Cybersecuritymentioning

confidence: 99%

Fairness-Guaranteed DER Coordination Under False Data Injection Attacks

Hu,

Xian,

Jin

et al. 2023

IEEE Internet Things J.

View full text Add to dashboard Cite

The development of the Internet of Energy (IoE) is facilitated by the integration of information technology and the growing utilization of distributed energy resources (DERs). The usage of DERs, particularly photovoltaic systems and battery energy storage systems, in IoE has revealed the potential for DERs to be leveraged for grid control. To encourage DER owners to participate in grid management, grid operators must coordinate DERs with guaranteed fairness. However, the fairness of DER coordination is now endangered due to the growing concerns about cyber attacks on DERs. This paper considers false data injection attacks (FDIAs), where attackers can tamper with measurements sent to the grid operator. We study the impact of FDIAs on the fairness of the DER coordination and develop an algorithm that guarantees fairness in the presence of FDIAs. DER coordination is formulated as an optimal power flow problem that reduces voltage fluctuations and attack impacts, increases DER revenues, and ensures system-wide fairness. To achieve fair DER coordination, we propose an analog definition of fairness for different DER types and incorporate the fairness measures into DER coordination. Additionally, a robust Least Absolute Shrinkage and Selection Operator regularizer is designed to forecast the actual values of fraudulent measurements and mitigate the attack's impacts. Using a distribution feeder from the Southern California Edison system, we demonstrate the effectiveness of the proposed approach: fairness is assured both with and without attacks. Additionally, the proposed algorithm's efficiency is justified by an average execution time of 2.56s.

show abstract

Section: B Der Cybersecuritymentioning

confidence: 99%

Fairness-Guaranteed DER Coordination Under False Data Injection Attacks

Hu,

Xian,

Jin

et al. 2023

IEEE Internet Things J.

View full text Add to dashboard Cite

show abstract

“…Recently, several research works addressed the different security aspects of CPS: the different CPS security goals were listed and discussed in Chen [12] , Miller and Valasek [13] , Bou-Harb [14] , Sklavos and Zaharakis [15] ; maintaining CPS security was presented in Humayed et al [16] ; CPS security challenges and issues were presented in Yoo and Shon [17] , Alguliyev et al [18] ; some of the security issues were reviewed, including big data security [19,20] , IoT storage issues [21] , and Operating System vulnerabilities [22] ; several security and privacy solutions using cryptographic algorithms and protocols were discussed in Kocabas et al [23] , Lai et al [24] . However, none of the existing works presented a comprehensive view of CPS security in terms of threats, vulnerabilities, and attacks based on the targeted domain (cyber, physical, or hybrid).…”

Section: Related Workmentioning

confidence: 99%

“…In [23] Kocabas et al conducted their own survey which was dedicated to conventional and emerging encryption schemes which could be employed to offer secure data storage and sharing. In [24] , Lai et al reviewed and discussed prominent cryptographic authentication and encryption methods [275] to secure Distributed Energy Resources (DER) systems, while providing recommendations on applying cryptography to DER systems. In [276] , Ding et al presented an overview of recent advances on security control and attack detection of industrial CPS, especially against denial-ofservice, replay, and deception attacks.…”

Section: Cryptographic-based Solutionsmentioning

confidence: 99%

Cyber-physical systems security: Limitations, issues and future trends

Yaacoub

Salman

Noura

et al. 2020

Microprocessors and Microsystems

295

102

View full text Add to dashboard Cite

“…The report presents and discusses different types of cryptography algorithms, including symmetric encryption algorithms with different cypher block operation modes. Additionally, the report assesses the requirements from the SunSpec Common Smart Inverter Profile, California Rule 21, and IEEE 2030.5 for prioritizing functionalities within the Module-OT device (Jacobs et al 2019;Lai et al 2019).…”

Section: Practical Considerations Of Cryptography In Distributed Ener...mentioning

confidence: 99%

Modular Security Apparatus for Managing Distributed Cryptography for Command-and-Control Messages on Operational Technology Networks (Module-OT)

Saleem

Granda

Touhiduzzaman

et al. 2022

Self Cite

View full text Add to dashboard Cite

Modern energy systems are characterized by a shift toward diverse and distributed technologies-a blend of new and legacy energy resources interconnected by data and control networks. Increased interconnectivity improves communications and flexibility on the electric power system, but its effect on cybersecurity can pose challenges. More connections can create more options for cyberattacks, and many cybersecurity standards for devices are either outdated, unenforced, or simply nonexistent for some legacy devices. Such circumstances can leave energy systems unprotected, and a successful cyberattack on even one device-e.g., a photovoltaic (PV) inverter, electric vehicle charger, or an energy storage device-could potentially propagate to other connection points across a utility's network. As the electric power industry continues to adapt standards to include modern cybersecurity practices, the U.S. Department of Energy Office of Cybersecurity, Energy Security, and Emergency Response awarded funding to the National Renewable Energy Laboratory (NREL) and Sandia National Laboratories (Sandia) to develop a solution that protects distributed energy resources (DERs) and to advance the state of the art for modern cybersecurity. The project partners include the Public Service Company of New Mexico (PNM) and Yaskawa Solectria Solar (Solectria).This report describes a demonstrated solution to improve the overall cybersecurity posture of legacy and future DER systems without disrupting the existing infrastructure. The goal of the research was to develop a novel and cost-effective technology securing distributed communications across utility-owned DER systems. To achieve this, our approach was to design a flexible and lightweight cryptographic module for grid-edge devices focusing on end-to-end encryption. This provides integrity to the command-and-control messages in transit to and from DERs mitigating cyber threats, such as man-in-the-middle, and securing DER communications to the electric grid.The Modular Security Apparatus for Managing Distributed Cryptography for Command-and-Control Messages on Operational Technology Networks (Module-OT) (Hupp et al. 2020) improves the cybersecurity posture of DER systems in a holistic way by providing authentication, authorization, and data integrity to secure DER communications. Additionally, it performs key management, provides data security through whitelisting Internet Protocol addresses and ports, blocks unauthorized connections, controls user access, and allows serial or Ethernet connections for added flexibility. The core software is portable to various Linux-based operating systems and is developed to be customized by the developer and researcher communities. Module-OT is open source and available via GitHub to encourage active development and deployment.The development of Module-OT involved a comprehensive survey of existing cybersecurity and interoperability standards as well as a stakeholder workshop. Industry feedback came from a mix of utilities and technology vendors in addit...

show abstract

Cryptography Considerations for Distributed Energy Resource Systems

Cited by 7 publications

References 8 publications

Fairness-Guaranteed DER Coordination Under False Data Injection Attacks

Fairness-Guaranteed DER Coordination Under False Data Injection Attacks

Cyber-physical systems security: Limitations, issues and future trends

Modular Security Apparatus for Managing Distributed Cryptography for Command-and-Control Messages on Operational Technology Networks (Module-OT)

Contact Info

Product

Resources

About