Abstract
As part of a multiyear effort, the National Renewable Energy Laboratory (NREL) has dedicated resources to understand and identify cybersecurity weaknesses in distributed energy resources (DERs) by performing assessments. Due to a lack of standardization and rapidly increasing adoption of DERs, there is a critical need to address cybersecurity needs for DER systems in an interactive way. Furthermore, federal agencies, which are required to obtain an authority to operate, are challenged by the complexities of including their DERs. To help meet this need, in early 2020, NREL released the Distributed Energy Resources Cybersecurity Framework (DERCF) and accompanying Web application. This process is supported by the Risk Management Framework (RMF) developed by the National Institute of Standards and Technology. This project, referred to as the DERCF RMF application, expands on the existing DERCF work to include methods that support walking a user through the seven RMF steps. The tool will be available for download at no cost from [link ]. The purpose of this paper is to describe the steps the DERCF team at NREL took to understand Steps 1-5 of the RMF process. Additionally, this document will identify future work on the first five steps as well as a plan for Steps 6 and 7.
Original language | American English |
---|---|
Number of pages | 14 |
DOIs | |
State | Published - 2022 |
NREL Publication Number
- NREL/TP-5R00-78436
Keywords
- cybersecurity
- distributed energy resource
- Distributed Energy Resources Cybersecurity Framework
- risk management framework