TY - JOUR
T1 - Distributed Energy Resource Management System (DERMS) Cybersecurity Scenarios, Trends, and Potential Technologies: A Review
AU - Sugunaraj, Niroop
AU - Balaji, Shree Ram Abayankar
AU - Chandar, Barathwaja
AU - Rajagopalan, Prashanth
AU - Kose, Utku
AU - Loper, David
AU - Mahfuz, Tanzim
AU - Chakraborty, Prabuddha
AU - Ahmad, Seerin
AU - Kim, Taesic
AU - Apruzzese, Giovanni
AU - Dubey, Anamika
AU - Strezoski, Luka
AU - Blakely, Benjamin
AU - Ghosh, Subhojit
AU - Reddy, Maddikara
AU - Padullaparti, Harsha Vardhana
AU - Ranganathan, Prakash
PY - 2025
Y1 - 2025
N2 - Critical infrastructures like the power grid are at risk from increasing cyber threats due to high penetration of interconnected distributed energy resources (DER). Compromised DER endpoints can cause events, data breaches, communication loss, intentional device failures, and even cascading outages. To address these challenges, this paper explores cybersecurity issues in DER management systems (DERMS), including state-of-the-art reviews on architectures, communication protocols, access control privileges, data breaches, identity management policies, attacks such as false data injection, denial of service, distributed denial of service, malware, threats affecting data integrity, and network vulnerabilities. Realistic threat scenarios are outlined, followed by discussions on futuristic solutions like the zero trust framework. The paper presents new architectural patterns for recently released multi-level hierarchical framework as per IEEE 1547.3 standard to handle DERMS data and assets. The paper also discusses potential threats compromising the Confidentiality, Integrity, Availability, and Accountability (CIAA) properties at each level of the IEEE 1547.3 framework. This review is unique and comprehensive, as it covers existing research on cybersecurity challenges in DER-related assets and outlines the necessary capabilities to equip Intrusion Diagnostic Units (IDUs) in future DERMS technologies, all while ensuring compliance with IEEE 1547.3 standard requirements.
AB - Critical infrastructures like the power grid are at risk from increasing cyber threats due to high penetration of interconnected distributed energy resources (DER). Compromised DER endpoints can cause events, data breaches, communication loss, intentional device failures, and even cascading outages. To address these challenges, this paper explores cybersecurity issues in DER management systems (DERMS), including state-of-the-art reviews on architectures, communication protocols, access control privileges, data breaches, identity management policies, attacks such as false data injection, denial of service, distributed denial of service, malware, threats affecting data integrity, and network vulnerabilities. Realistic threat scenarios are outlined, followed by discussions on futuristic solutions like the zero trust framework. The paper presents new architectural patterns for recently released multi-level hierarchical framework as per IEEE 1547.3 standard to handle DERMS data and assets. The paper also discusses potential threats compromising the Confidentiality, Integrity, Availability, and Accountability (CIAA) properties at each level of the IEEE 1547.3 framework. This review is unique and comprehensive, as it covers existing research on cybersecurity challenges in DER-related assets and outlines the necessary capabilities to equip Intrusion Diagnostic Units (IDUs) in future DERMS technologies, all while ensuring compliance with IEEE 1547.3 standard requirements.
KW - advanced distribution management systems
KW - cybersecurity
KW - distributed energy resource management systems
KW - distributed energy resources
U2 - 10.1109/COMST.2025.3534828
DO - 10.1109/COMST.2025.3534828
M3 - Article
SN - 1553-877X
JO - IEEE Communications Surveys and Tutorials
JF - IEEE Communications Surveys and Tutorials
ER -