Skip to main content

About the Distributed Energy Resource Cybersecurity Framework

NREL developed the Distributed Energy Resource Cybersecurity Framework (DERCF) to evaluate the cybersecurity posture of federal sites that employ distributed energy systems or plan to implement distributed energy resources (DERs) for day-to-day operations.



As increasing amounts of DERs are introduced to the bulk power system, the electric grid is transforming. Compared to a grid powered by a small number of large, centralized generation facilities, the modern grid is becoming more reliant on smaller, decentralized generation. It requires careful coordination of such resources to maintain stability. As a result, utilities and customers are seeing progressively complex and interconnected communications networks—a modern grid that is evolving to be more data- and communications-driven.

These changes naturally increase the cyberattack surface. Further complications arise from the fact that a significant portion of DERs will be owned and controlled by consumers and third parties who may not be aware of the need for rigorous cybersecurity.

While smart meters and advanced metering infrastructure have already expanded the utility's attack surface, DER deployment presents additional risks due to:

  • The distributed nature of DERs
  • Control and communication requirements for DERs
  • The large number of devices and access points that operate outside a utility's administrative domain.

NREL developed the framework to expand upon existing cybersecurity frameworks, including the U.S. Department of Energy's Cybersecurity Capability Maturity Model (C2M2), the National Institute of Standards Technology's' cybersecurity framework, and other standards established by the U.S. Department of Homeland Security, the Department of Defense, and the International Electrotechnical Commission.

With no existing cybersecurity framework that addresses this need, the DERCF tool allows federal agencies to improve the protection of their energy networks—which have direct impact on information and operational technology networks—against the rising potential of cyberattacks.

January 14, 2016 - Brian Miller, Maurice Martin, Randy Hunsberger, and Ivonne Pena, with the Cyber-Physical Systems Center, work through a scenario in the NREL Cyber Test Bed at the ESIF.
Photo by Dennis Schroeder / NREL
November 17, 2016- Josh Eichman, NREL, discusses the Business Case Analysis of an NREL and Idaho National Laboratory (INL) electrolyzer grid integration demonstration in the control room of the Energy Systems Integration Facility (ESIF), using Real-Time Digital Simulators (RTDS) connecting grid simulations at the two labs to investigate the value of hydrogen electrolyzer refueling stations for providing grid services. The audience was made up of industry and utility representatives attending the H2@Scale Workshop.
Photo by Dennis Schroeder / NREL

The Team

Researchers with NREL's Cyber-Physical Security group developed the DERCF with support from the U.S. Federal Energy Management Program.

Learn about the project team