NREL researchers in the Distributed Energy Resource Cybersecurity Framework (DER-CF) have developed two application tools that streamline cybersecurity processes and enable visualization of cybersecurity resilience and compliance.
Download the DER-RM Fact Sheet
Distributed Energy Resource Risk Manager
Compliance with the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) is required by most federal facilities and practiced by many other organizations. It requires cyclical self-evaluation, which helps maintain a high level of system security, but also demands ongoing time and attention.
To help organizations navigate and implement this framework, NREL created the Distributed Energy Resource Risk Manager (DER-RM) tool. The DER-RM lightens the workload for organizations by streamlining and managing the NIST-RMF process in an easy-to-use, downloadable application.
The DER-RM is an extension of NREL’s DER-CF and specifically focuses on NIST-RMF compliance—a major undertaking for federal sites and a critical framework for secure operations.
How It Works
The DER-RM walks users through NIST-RMF compliance step-by-step, automating the process and providing risk management recommendations where applicable. The tool populates common attacks on distributed energy resource controls to test the system's security and then offers tailored strategies and control recommendations derived from NIST standards.
Distributed Energy Resource Virtual Emulator
The DER-CF project team is currently working to integrate the Distributed Energy Resource Virtual Emulator (DER-VE) tool with the National Renewable Energy Laboratory’s cyber range. This integration will enable visualization of cybersecurity resilience and compliance and will enhance the accessibility of the DER-CF for federal facility energy managers and planners Learn more about this effort in the technical report.