Cybersecurity and Communication Protocols in Solar with Tom Tansy, Executive Director of SunSpec Alliance | view the full interview here | check out all the Solar Podcast content here.
by Ruth Fein Revell March 22, 2021
Recently, on the tail of the Texas grid collapse, The Solar Podcast took a deep dive with SunSpec Alliance Director Tom Tansy. With vivid visions of the Lone Star State in chaos alongside national headlines of cyberattacks across industry and government, he tells us what manufacturers and installers need to know now – to keep our energy infrastructure secure.
You may be mostly familiar with the not-for-profit SunSpec for its rapid shutdown certification program. In fact, cybersecurity is front and center along with communications, particularly as the alliance develops information standards for distributed energy.
“I think the energy business has the characteristic of being really the last bastion that has not been totally overtaken by the internet,” says Tom. Now, as new communications and security technology is coming out of the research lab, and through the regulatory framework, “it’s hitting the installers and the operators and asset owners in real time in terms of their responsibility to deploy it going forward.”
Decentralization: how distributed energy changes everything
In the past, because the energy grid was highly centralized, the need for internet-style connectivity was not so great. One thing that changes that is the popularity of distributed energy resources (DER) – any solar system, wind system, generator that attaches to the distribution grid, or energy storage, electric vehicles or charging infrastructure. Because there are millions of these systems out there, the latest update to the national IEEE 1547 electrical standard for interconnection (2018) added communications features, in order to manage, maintain and control them, Tom explains. “And so, we’re entering the internet age for energy. . .”
Here’s the challenge. You want the energy systems to be islanded from the internet, so they’re less vulnerable. At the same time, you want to be able to communicate with them and know what’s going on and update the software and control the assets, turning them off if there’s an emergency.
How do you minimize risk of a hack while allowing access to the various authorities, owners and operators to see what’s happening on the grid?
Tom believes that with the IEEE 1547 standard, the right elements are at play: a proper orientation of the standards so they can be cyber secured; proper orientation of the industry to look at security for what it is; and designed and built from the ground up, for easier management and implementation. “Then, ultimately, it’s the application of these technologies” in the field.
“Within 18 to 24 months, all 50 states will have to weigh in on this, either directly or tacitly by staying silent on it,” says Tom, as it becomes part of the interconnection process. Practically though, what goes along with the national IEEE 1547, 2018 “recommendations” is local jurisdictions determining how they deal with communication issues and cyber security.
What’s the bottom line?
“We’re moving to bring all (of DER) online, so we need to up our game substantially, and come up with uniform practices, such that if something untoward does happen, we have a way of diagnosing what happened and defining a countermove. We have standardized solutions put in place . . . and they’re coming to a jurisdiction near you.”
This complete interview and others can be viewed at Solar Podcast, and is brought to you by Continental Energy Solutions with host Tim Montague.