NIST’s
National
Cybersecurity Center of Excellence (NCCoE) has posted for
comment a Preliminary Draft of Special
Publication (SP) 1800-32, Volumes A and B, on Securing the Industrial Internet of Things: Cybersecurity
for Distributed Energy Resources.

The
use of small-scale distributed energy resources (DERs), such as wind and
solar photovoltaics, are growing rapidly and transforming the power grid.
In fact, a distribution utility may need to remotely communicate with
thousands of DERs and other grid-edge devices—many of which are not owned
by them.  Any attack that can deny, disrupt, or tamper with DER
communications could prevent a utility from performing necessary control
actions and could diminish grid resiliency.

In
this practice guide, the NCCoE applies standards, best practices, and
commercially available technology to protect the digital communication,
data, and control of cyber-physical grid-edge devices. The guide
demonstrates an example solution for monitoring and detecting unusual
behavior of connected industrial internet of things devices and building a
comprehensive audit trail of trusted IIoT data flows. 

By
releasing Volumes A and B as a preliminary draft, we are sharing our
progress made to date, using the feedback received to shape future drafts
of the practice guide, and featuring technologies and practices that
organizations can use to monitor, trust, and protect information exchanges
between commercial- and utility-scale distributed energy resources (DERs). 

The public comment period is open through May 24, 2021. See
the publication
details for a copy of the draft volumes and instructions for
submitting comments.

NCCoE
homepage:
https://www.nccoe.nist.gov/

Publication
detail:
https://csrc.nist.gov/publications/detail/sp/1800-32/draft

Project
homepage:
https://www.nccoe.nist.gov/projects/use-cases/energy-sector/iiot