Cybersecurity guidance for distribution system operators to protect grid edge devices has been published by the US National Institute of Standards and Technology (NIST), writes smart-energy.com. As the number and variety of grid edge devices grow so too does the cybersecurity threat. Indeed, protecting these devices is arguably one of the more difficult tasks in cybersecurity, with the wide variety of devices and their intelligence, data sharing and communication capabilities, according to the NIST.
For example, a distribution utility may need to remotely communicate with thousands of devices, many of which may not even be owned or configured by the utility, to monitor their status and control the operating points. Thus, securing the integrity of the data, communications and control is key to maintaining not only the reliability of the grid but also the trust and relationship of customers.
The guidance, developed by the NIST’s National Cybersecurity Center of Excellence (NCCoE) with input from the industry, is mapped to security standards and guidelines including NIST’s recently updated framework and roadmap for smart grid interoperability standards.
The key capabilities of a solution are:
- Authentication and access control to ensure that only known, authorised systems can exchange information
- Communications and data integrity to ensure that information is not modified in transit
- Malware detection to monitor information exchanges and processing to identify potential malware infections
- Command register that maintains an independent, immutable record of information exchanges between distribution and distributed resource operators
- Behavioural monitoring to detect deviations from operational norms
- Analysis and visualisation processes to monitor data, identify anomalies and alert operators
In addition to the integrity of the communications, the solution should thus also assist organisations to capture an immutable record of control actions across distributed resources, support secure edge-to-cloud data flows, visualisation and data sharing and remotely monitor both utility and non-utility resources.