Emerging energy technologies are transforming the electric grid by adding flexibility, reliability and expanded power generation, but can also increase cyber risk, since many legacy devices were not built to meet today’s cybersecurity expectations.
Credit: Titan Solar Power
UL Solutions has launched a new certification program that creates the first industry-wide cybersecurity baseline for distributed energy resources (DER) and inverter-based devices, such as microgrids, batteries, hydrogen systems and electric vehicle infrastructure. This certification program provides manufacturers, utilities, regulators and grid operators with a consensus-based framework for mitigating that risk.
“Our new cybersecurity testing and certification program brings clarity and common expectations by providing a standards-driven step to reduce cyber risk, which is critical for grid reliability, protecting infrastructure and growing public confidence in the new technologies that power communities,” said Ken Boyce, PV at UL Solutions. “By combining cybersecurity evaluation with safety testing, we help manufacturers embed security from the start and give buyers confidence in distributed energy and inverter-based products.”
Testing for this cybersecurity certification follows requirements in UL 2941, the “Standard for Cybersecurity of Distributed Energy and Inverter-Based Resources,” which sets cybersecurity requirements for networked, software-driven devices that handle significant energy flows and affect grid stability. The standard encompasses technical controls, such as access management and cryptography, as well as policy areas including the handling of sensitive data and documentation.
It is designed to complement existing safety testing, UL 1741, the “Standard for Inverters, Converters, Controllers and Interconnection System Equipment for Use With Distributed Energy Resources” — not replace it — giving manufacturers options for how to meet the required protections.
The new cybersecurity certification program evolved from fieldwork, including test cases published by the U.S. Department of Energy’s National Laboratory of the Rockies (NLR) in 2019, which focused on authentication, authorization, confidentiality and data integrity for microgrid communications. Those efforts highlighted the need for a dedicated cybersecurity standard that accommodates the diverse range of DER and inverter-based technologies and their complex ownership structures.
“As energy resources integrate with the grid, cybersecurity can no longer be an afterthought and must be built into device design and deployment,” said Danish Saleem, senior researcher in NLR’s Cybersecurity Research Center. “Certification to UL 2941 by UL Solutions gives the industry a rigorous, practical path to confirm those protections are in place, increasing confidence for utilities, owners and communities that depend on these resources.”
Learn more about the cybersecurity of distributed energy and inverter-based resources.
News item from UL Solutions
