Attack Vectors On Distributed Energy Resources (DER)

Stage 2

Distributed Energy Resources (DERs) are changing how the grid functions. Consumers are integrating more IoT (including high wattage). This session provides granular modeling of how these two new factors can be targeted/leveraged in tandem to cause the “worst bad” attack scenario.

In the past decade, adoption of DERs, such as solar power, have significantly increased in the United States. These DERs have begun to fundamentally alter the fabric of the national power grid, which previously remained largely unchanged since its original creation. In addition to creating new operational challenges, the addition of DERs also presents new benefits and challenges to protecting the grid from a diverse array of cyber threats. As threat actors increasingly target critical infrastructure, and energy assets specifically, it is vital to understand how emerging technologies are altering the threat landscape of power systems.

Firstly, distributed renewables may offer key benefits to maintaining localized power integrity and stabilization during short-term malicious events. When deployed as part of a larger aggregated system, DERs possess the potential to offer crucial resiliency resources during incidents affecting centralized power assets. For instance, photovoltaic (PV) systems, commonly referred to simply as solar, may provide important contingency options for maintaining the integrity of system frequency during events affecting generation and transmission systems.

However, threat actors may also leverage DER characteristics which increase system fragility to imbalances in generation and demand. High regional penetration of DERs can cause high system variability, lower system inertia, and decreased dispatch control. When combined, these factors adversely affect grid controller’s ability to respond to unforeseen fluctuations in generation and demand.  Threat actors capable of procuring botnets of high consumption devices may leverage these factors in high penetration regions in an attempt to degrade and disrupt service to consumers. The coordination of a high wattage IoT load manipulation in coordination with peak load times in such a region could result in power outages or blackouts.

Attacks and Attackers