Harness the Power of DERs for Secure Communications in Electric Energy Systems

TL;DR

This paper introduces DERauth, a security extension for DNP3, enhancing authentication in DER communication to prevent malicious commands and improve grid security.

Contribution

It presents a novel bolt-on authentication framework for DNP3, tailored for DER systems, using real-time DER measurements for improved security.

Findings

DERauth effectively secures DNP3 communications against malicious commands.

The framework leverages DER entropy for real-time authentication.

Testbed results show improved security without disrupting existing protocols.

Abstract

Electric energy systems are undergoing significant changes to improve system reliability and accommodate increasing power demands. The penetration of distributed energy resources (DERs) including roof-top solar panels, energy storage, electric vehicles, etc., enables the on-site generation of economically dispatchable power curtailing operational costs. The effective control of DERs requires communication between utilities and DER system operators. The communication protocols employed for DER management and control lack sophisticated cybersecurity features and can compromise power systems secure operation if malicious control commands are issued to DERs. To overcome authentication-related protocol issues, we present a bolt-on security extension that can be implemented on Distributed Network Protocol v3 (DNP3). We port an authentication framework, DERauth, into DNP3, and utilize real-time measurements from a simulated DER battery energy storage system to enhance communication security. We evaluate our framework in a testbed setup using DNP3 master and outstation devices performing secure authentication by leveraging the entropy of DERs.