Electrical standards provider along with the U.S. Department of Energy “National Renewable Energy Laboratory (NREL)” developed new cyber security standards UL 2941. This protocol basically furnishes a substructure for the inverters, EV chargers, wind turbines, fuel cells, and other resources operating within a grid interconnection.
UL 2941 will foster cybersecurity standards across all new inverter-based resources (IBR) and distributed energy resource (DER) systems. The UL will also emphasize the cybersecurity of systems that deals with high-penetration inverter technology,
A flood in new DER resources, tied to the grid nowadays can be seen in the U.S. This is because of the increase in ransomware attacks and the Russian invasions of Ukraine in 2022.
The DOE’s Solar Energy Technologies Office is also supporting this new protocol of NREL. The product that fulfills the requirement of UL 2941 will be eligible for UL certifications. This protocol is an extension of the existing testing standard UL 1741. This standard was used to test the power inverters, converters, controllers, and interconnection systems.
Why Cyber Security Standards Are Essential?
A SETO report “Securing Solar for the Grid” suggested guidelines for the distribution of energy resources in 2022. While in the same way, a DOE report demands DER market to define the rules for cyber security standards as well.
As a rule of thumb, it is crystal clear that as the installation of rooftop solar PV modules, batteries, and other DERs augments increase, the chances of cyber-attacks on them also get high. According to the DOE report, currently DERs capacity is standing at a total of 90 GW of energy capacity in the U.S. This capacity is likely to sprout to a whopping total of 380 GW by 2025.
Moreover, a cyber-attack can happen in two ways. First, the striker can send ransomware to control the multiple DERs simultaneously. Second, the attacker can send directions and updates to the DERs to interrupt the operations completely.
In both scenarios, a botnet will empower the attacker to swing the grids in his favor by infecting enough DERs with malware. Or the striker can dispatch a “worm” to a higher-level distributed energy resource management (DERM) system. This will eventually transmit a false instruction to multiple DERs which can prompt power instability in the grids. In order to curtail such situations, cyber security standards are essential now more than ever.