S|A contributed the command register to the CRADA solution. The command register is a new concept featured in the practice guide. It captures the sequence of events related to DER management across all DERs connected to, monitored, and controlled by a distribution control system. Its purpose is to provide an immutable record of transactions/communications among a distribution control system and the control systems managing the DER, verify the integrity of information exchanges, and provide a comprehensive audit trail of information exchanges.
Jim McCarthy, NCCoE senior security engineer, added, “Distributed energy resources are playing a larger role in the nation’s energy supply. This NCCoE cybersecurity practice guide demonstrates how to use commercially available technology to enhance the trust and integrity of the data and communication flows from these grid-edge devices and networks.”
NIST does not evaluate commercial products under this consortium and does not endorse any product or service used. Additional information on this consortium can be found at https://www.nccoe.nist.gov/projects/iiot.
About the National Cybersecurity Center of Excellence
As part of NIST, the NCCoE is a collaborative hub where industry organizations, government agencies, and academic institutions work together to address businesses’ most pressing cybersecurity issues. This public-private partnership enables collaboration in the creation of practical cybersecurity solutions for specific industries, as well as for broad, cross-sector technology challenges. Through consortia under CRADAs, including technology partners, from Fortune 50 market leaders to smaller companies specializing in information technology and operational technology security, the NCCoE applies standards and best practices to develop modular, and easily adaptable example cybersecurity solutions by using commercially available technologies. The NCCoE documents these example solutions in the NIST Special Publication 1800 series, which maps capabilities to the NIST Cybersecurity Framework and details the steps needed for another entity to re-create the example solution. The NCCoE was established in 2012 by NIST in partnership with the State of Maryland and Montgomery County, Maryland. Information is available at https://www.nccoe.nist.gov.