Securing a grid with high distributed energy resource (DER) penetration will require a multi–faceted approach. Security must be addressed at every level—from components to high–level system architecture. For this project, researchers with the cybersecurity and resilience group are developing the holistic Distributed Energy Resource Cybersecurity Framework (DERCF), a tool designed to evaluate the cybersecurity posture of federal sites that already employ DER systems or plan to implement DER as a source of energy for day–to–day operations.
The DERCF tool will focus on DER in the following example categories:
- Solar photovoltaic generation;
- Wind turbine generation;
- Electric Vehicles charging stations; and
- Electrical battery storage.
Facility managers, designers, planners, and operators from federal facilities and industry will make use of the DERCF tool through a web–based application. The web application will present users with questions regarding security controls and practices pertaining to their DER use and application. Topics covered by these questions will include DER security controls and practices in the following categories: cyber governance (business process), cyber–physical technical management, and physical security.
The DERCF web application will draw from a user's responses to generate a score that indicates the current state of DER cybersecurity and prioritize recommended improvements. Input, calculation, presentation, and storage of this data through the web application will be handled securely in compliance with the National Institute of Standards Technology standard 800-53.
Tami Reynolds, Project Leader, National Renewable Energy Laboratory (NREL) Read Bio
Tami Reynolds is a project leader at the National Renewable Energy Laboratory (NREL). She is the laboratory lead for NREL's Federal Energy Management Program's (FEMP) cybersecurity program. She has led the cybersecurity assessment work at NREL since 2016. Her background is in business, and she is the program controller for the Energy Security and Resilience center.
Upon completion of this workshop, attendees will understand how:
- The benefit of using DERCF to assess cybersecurity at a federal site;
- The resources used for the development of the DERCF tool;
- How to use the interactive DERCF tool; and
- How to read the scoring system and retrieve reports from the DERCF tool.