A new report has recommended that more cybersecurity testing be carried out as part of improved cyber certification for distributed energy resources (DER) and inverter based resources (IBR).

renewable energy

The report was released by global safety science organisation, UL in partnership with the US Department of Energy.

Titled “Cybersecurity Certification Recommendations for Interconnected Grid Edge Devices and Inverter Based Resources”, the document is part of a precursor to the first cybersecurity certification standard for distributed energy resources.

With support from the US Department of Energy’s Solar Energy Technologies Office, UL has said it will continue working with the US government’s National Renewable Energy Laboratory (NREL) on developing requirements to support cybersecurity certification standards for DERs and IBRs.

The NREL and UL are currently working on an outline of investigation for a standard that will apply to energy storage and generation technologies on the distribution grid, including photovoltaic inverters, electric vehicle chargers, wind turbines, fuel cells and other resources essential to advancing grid operations.

These new requirements will prioritise cybersecurity enhancements for power systems dealing with high penetration inverter-based resources, including those interfacing with bulk power systems for periods of instantaneous high wind, solar and hybrid/storage generation. It will also help ensure cybersecurity is designed into new IBR and DER systems.

Kenneth Boyce, senior director for Principal Engineering, Industrial, group at UL, said:

“Currently, there are no cybersecurity certification requirements to which manufacturers and vendors can certify their DER and IBR devices against an established and widely adopted cybersecurity certification programme.

“The development of these new cybersecurity certification requirements will provide a single unified approach that can be taken as a reference for performing the testing and certification of DERs before being deployed and while in the field,” Boyce added.

“Drafting comprehensive certification requirements with peer review requires effective leadership and stakeholder participation. We are pleased to be working with NREL in this effort to bring additional performance-based security to electrical grid infrastructure,” Boyce continued.

Danish Saleem, senior researcher for energy cyber-physical system security at NREL, said:

“A national or international cybersecurity certification standard can aid industry stakeholders to evaluate and validate the cybersecurity posture of their DER or IBR devices before they are connected to the electric grid.

“UL supports the development of a cybersecurity certification program because, not only will robust cybersecurity be introduced to the electric grid, but it will also help to ensure the concept of security by design is being followed for new DER systems,” Saleem added.

“Drafting consensus-based cybersecurity certification standards requires effective leadership and regular participation from stakeholders. NREL and UL can streamline this effort by utilising in-house expertise and state-of-the-art testing facilities and by bringing industry experts to the UL Standards Technical Panel.

“By collaborating with UL on this technical report, we have established a valuable working relationship that will strengthen our ability to develop the forthcoming.

FinCrime Global

Financial Crime is a complex, multi-faceted and ever evolving global issue which has become increasingly sophisticated in nature.

FinCrime Global will return on 5th & 6th April 2022 for 2 days of expert insight, guidance and debate to help inform financial and banking professionals and senior practitioners working within the financial crime sector.

Bringing together over 50 thought-leaders that are committed to fighting financial crime and lead the way on how we can do this better, more efficiently and effectively.


FinCrime Global logo