TDi and its ConsoleWorks product, which manages privileged-user access and permissions, participated in the National Cybersecurity Center of Excellence (NCCoE) practice guide. The practice guide is available here along with the project fact sheet here.
The NCCoE, a part of the National Institute of Standards and Technology (NIST), has developed cybersecurity guidance that explores how information exchanges between commercial- and utility-scale distributed energy resources (DERs) and the electric distribution grid can be monitored, trusted, and protected.
“Securing DER communications and data will be vital to protecting the distribution grid,” NCCoE senior security engineer Jim McCarthy said. “This guide shows how several cybersecurity capabilities can be applied to enhance data integrity, protect distributed end points, and reduce the IIoT attack surface for DERs.”
As a collaborator, TDi worked with NIST’s NCCoE in their Securing Distributed Energy Resources project to develop practical, interoperable cybersecurity approaches that address real-world needs of distributed energy resource environments.
“NCCoE is the tip of the spear for this research. We want to learn from these experts and learn how our technology can be a part of that solution,” CEO of TDi Technologies Bill Johnson said. “Our goal is to support research activities in these industries and create efficiencies, while validating and learning additional challenges that take our product in directions resulting in more value to our customers.”
This practice guide aims to help organizations:
- Remotely monitor and control utility-owned and customer-managed DER assets
- Protect and trust data and communications traffic of grid-edge devices and networks
- Capture an immutable record of control actions across DERs
- Support secure edge-to-cloud data flows, visualization, and continuous intelligence
Challenges for Distributed Energy Resources Infrastructures
Small-scale DERs are growing rapidly and transforming the power grid. The distribution grid is becoming a multisource grid of interconnected devices and systems driven by two-way data communication and power flows.
These data and power flows often rely on IIoT technologies that are connected to wired and wireless networks, given a level of digital intelligence that allows them to be monitored and tracked, and share data on their status and communicate with other devices.
A distribution utility may need to remotely communicate with thousands of DERs—some of which may not even be owned or configured by the utility—to control the operating points and monitor the status of these devices. Many companies are not equipped to provide secure access to DERs and monitor and trust the rapidly growing amount of data coming from them or flowing into them.
Securing DER communications will be critical to maintain the reliability of the distribution grid. Any attack that can deny, disrupt, or tamper with DER communications could prevent a utility from performing necessary control commands and could diminish grid resiliency.
ConsoleWorks’ Continued collaboration with NIST’s NCCoE
This is TDi’s 10th collaboration with the NCCoE, having collaborated with the agency and other vendors frequently in the past to develop practice guides that aim to help organizations understand and tackle cybersecurity challenges with effective solutions.
TDi’s previous participation in September was for the NIST Special Publication 1800-10, Protecting Information and System Integrity in Industrial Control System Environments.