The electrical grid in the U.S. is a network of power generation plants, transformers, wires, sensors, and poles that carry electricity far and wide. When we have power, we don’t give the grid much thought. But that is changing. Much of the nation’s grid is old, with the average age of power plants being over 30 years old and most transmission lines and transformers are over 25 years old. In that time period, much new technology has been added to the grid including solar and energy storage.
The U.S. Department of Energy (DOE) is taking seriously the potential threat of cyberattacks on our energy resources. In a speech at the State Department in early February, President Joe Biden announced an “urgent initiative” to improve U.S. capability, readiness, and resilience in cyberspace.
(Read “‘We have a real adversary’: Work intensifies to safeguard solar from cyber attacks.”)
The Solar Energy Industries Association (SEIA) is continuing its effort to shore up the solar industry’s resilience against cybersecurity threats. Recently, SEIA and the Department of Energy Solar Energy Technologies Office (SETO) hosted a half-day virtual summit on the state of cybersecurity in the industry, with emphasis on how these threats must be taken into account from the initial design phase.
SEIA advises that it is more cost-effective to mitigate risks now than to pay the price after the fact by taking just a few, simple, low-cost steps for businesses to take to strengthen their cybersecurity and prevent future attacks, including password protection solutions, multi-factor authentication, and keeping software up to date.
Furthermore, SEIA advises that companies should proactively implement a strong data governance strategy. Data can fall into the wrong hands if it isn’t handled properly, and it is recommended companies dispose of older, unnecessary data. Tips for small business security can be found in the Cybersecurity and Infrastructure Security Agency’s (CISA) cyber security toolkit.
What is needed is an industry-wide approach. SunSpec and the Sandia National Laboratories lead a distributed energy resource (DER) Cybersecurity Workgroup to create an industry standard for cybersecurity from the competing frameworks. Interested companies can join the working group to contribute to the development of these critical industry standards and best practices.
Clean energy companies can join a public-private partnership to work together with other businesses and the government to identify vulnerabilities, triage cyber issues, and develop scalable solutions to secure the grid. The Department of Energy’s (DOE) Cyber Testing for Resilient Industrial Control Systems (CyTRICS) is one such partnership between many of the national labs and private businesses.
This content is protected by copyright and may not be reused. If you want to cooperate with us and would like to reuse some of our content, please contact: email@example.com.
In 1993, I installed a backup KEY switch where a supervisor could insert the key and turn it and go back to the tried-and-true manual operation and take the computer and PLCs off line in case of a failure or cyber-attack. The engineers said it was un necessary yet it was used time and again when the PLCs failed or the main computer would freeze up. Mostly used by the night shift personnel when all the engineers were off and could not come it to fix the PLC or computer glitches. With a backup system in place, you do not worry about cyber-attacks or ransomware. Bypass, purge, reset and go.
By submitting this form you agree to pv magazine using your data for the purposes of publishing your comment.
Your personal data will only be disclosed or otherwise transmitted to third parties for the purposes of spam filtering or if this is necessary for technical maintenance of the website. Any other transfer to third parties will not take place unless this is justified on the basis of applicable data protection regulations or if pv magazine is legally obliged to do so.
You may revoke this consent at any time with effect for the future, in which case your personal data will be deleted immediately. Otherwise, your data will be deleted if pv magazine has processed your request or the purpose of data storage is fulfilled.
Further information on data privacy can be found in our Data Protection Policy.