Solar

University of Arkansas leads DOE project to enhance solar inverter cybersecurity

University of Arkansas leads DOE project to enhance solar inverter cybersecurity
(Image by stanthonys solar from Pixabay)

In an initiative led by the University of Arkansas, several universities, laboratories, and industry partners have joined forces on the U.S. Department of Energy’s Solar Energy Technologies Office (SETO) project that aims to fortify the cybersecurity measures of solar inverters.

Solar inverters are pivotal in converting the direct current (DC) generated by solar panels into alternating current (AC) for use in households and the energy grid. However, as the solar energy landscape evolves, so do associated cybersecurity threats.

In the project, researchers dismantled conventional commercial solar inverters, stripping away their existing controls and technology. Next, they integrated their partners’ work and implemented custom-designed controls with multiple layers of cybersecurity protocols.

Field testing was the next step to test the efficacy of the revamped solar inverters. The UA Power Group team entered solar farms, subjecting the modified inverters to real-world conditions to validate and demonstrate the viability of the enhanced cybersecurity measures in practical settings.

The collaborative partners for this project were the University of Georgia, Texas A&M Kingsville, University of Illinois Chicago, Argonne National Laboratory, National Renewable Energy Laboratory, General Electric Research, Ozarks Electric, and Today’s Power Inc.

Episode 67 of the Factor This! podcast features Ryan Quint, who oversees engineering and security integration for the North American Electric Reliability Corporation, which oversees the reliability of the bulk power system. Subscribe wherever you get your podcasts.

SETO’s research and development projects in cybersecurity seek to develop more secure ways to operate solar and other DER that will enable grid operators to rapidly detect physical and cyber‐based disturbances and use solar energy generation to recover quickly from power outages at critical infrastructure sites.

In 2017, SETO funded Sandia National Laboratory’s Roadmap for Solar Cybersecurity, which helps guide research in this area within SETO and other DOE offices. In 2020, the Energy Efficiency and Renewable Energy (EERE) Office published a Multi-Year Program Plan that includes strategies to improve cybersecurity in renewable energy, manufacturing, buildings, and transportation research and development. 

In 2022, the Office of Energy Efficiency and Renewable Energy, along with the Office of Cybersecurity, Energy Security, and Emergency Response (CESER), developed the Cybersecurity Considerations for Distributed Energy Resources on the U.S. Electric Grid report, which provides recommendations for the distributed energy resources industries, energy sector, and government to secure current and future systems.

The North American Electric Reliability Corp (NERC) held a session in 2023 that emphasized that the challenges surrounding inverter-based resources are not due to technology shortcomings, but rather the “shortcomings of processes and the lack of harmonized comprehensive standards” that can be applied during the interconnection process and then throughout the project’s lifecycle. 

“The lack of uniformity, clarity, consistency, enforcement, and detail in interconnection requirements and processes has led to unreliable operation of inverter-based resources that are connected to the bulk power system and the widespread abnormal performance of resources during grid disturbances,” the session summary said.

The summary read that the rapid integration of bulk power system (BPS)-connected inverter-based resources ranks as the most significant grid transformation driver across North America.

Specific concerns included the growing level of DERs that often are connected directly to the internet as well as unregistered inverter-based resources on the grid that are also not subject to the NERC CIP Standards; the introduction of DER aggregators, their control of many DERs across a large footprint, and their lack of applicability to the NERC CIP Standards; the prevalence of vendor or manufacturer remote access and potential cross-border control center operations; and securing the “overall electricity ecosystem for this vastly changing” resource mix. 

Tags