Control systems for critical infrastructure are becoming increasingly interconnected while cyber threats against critical infrastructure are becoming more sophisticated and difficult to defend against. Historically, cyber security has emphasized building defenses to prevent loss of confidentiality, integrity, and availability in digital information and systems, but in recent years cyber attacks have demonstrated that no system is impenetrable and that control system operation may be detrimentally impacted. Cyber resilience has emerged as a complementary priority that seeks to ensure that digital systems can maintain essential performance levels, even while capabilities are degraded by a cyber attack. This paper examines how cyber security and cyber resilience may be measured and quantified in a control system environment. Load Frequency Control is used as an illustrative example to demonstrate how cyber attacks may be represented within mathematical models of control systems, to demonstrate how these events may be quantitatively measured in terms of cyber security or cyber resilience, and the differences and similarities between the two mindsets. These results demonstrate how various metrics are applied, the extent of their usability, and how it is important to analyze cyber-physical systems in a comprehensive manner that accounts for all the various parts of the system.
In designing a security module for inverter communications in a DER environment, it is critical to consider the impact of the additional security on the environment as well as what types of security is required for the various messages that must pass from the inverter to and from a utility. Also, since cyber security is more than just preventing an unauthorized user from viewing data, mechanisms for proving identity and ensuring that data cannot be altered without such a modification being discovered are needed. This is where the security principles of confidentiality, integrity, and availability come into play. For different types of communications, these different security principles may be important or not needed at all. Furthermore, the cost and constraints for applying cryptography for securing DER communications must be considered to help determine what is feasible within this environment and what will be the impact and cost of applying common cryptographic protections to inverter communications.
Penetration of distributed energy resources (DERs) is rapidly increasing in the bulk power system (BPS); they are growing to be a significant portion of generation. As such, grid-support capabilities are being developed and implemented; IEEE Std. 1547 mandates new interconnection and interoperability standards to achieve these capabilities and allow remote users to change behaviors to many devices. However, as their presence increases, the impact of DERs on the BPS also increases. Therefore, if a disturbance occurs in the DER system, its effects could propagate throughout the BPS. These disturbances could range from equipment malfunctions to resource variability to cyber attacks. This document will discuss general requirements needed for developing a distributed cryptography module for implementation in DER systems. First, we will examine the composition of DER systems in Section 2. Procedures to identify critical assets and the security of DERs is discussed in Section 3. Section 4 introduces cryptography concepts and Section 5 discusses implementation needs and options. Finally, practical considerations are provided in Section 6 and conclusions are provided in Section 7.
Penetration of distributed energy resources (DERs) is rapidly increasing in the bulk power system (BPS); they are growing to be a significant portion of generation. As such, grid-support capabilities are being developed and implemented. However, as their presence increases, the impact of DERs on the BPS also increases. Therefore, if a disturbance occurs in the DER system, its effects could propagate throughout the BPS. These disturbances could range from equipment malfunctions to resource variability to cyber attacks.