Distributed Energy Resources (DERs), such as solar photovoltaic (PV) systems, wind turbines, and energy storage systems, offer many benefits, including increased energy efficiency, sustainability, and grid reliability. However, their integration into the smart grid also introduces new vulnerabilities to cyber threats. The smart grid is becoming more digitalized, with advanced technologies like Internet of Things (IoT) devices, communication networks, and automation systems that enable the integration of DER systems. While this enhances grid efficiency and control, it creates more entry points for attackers and thus expands the attack surface for potential cyber threats. Protecting DERs from cyberattacks is crucial to maintaining the overall reliability, security, and privacy of the smart grid. The adopted cybersecurity strategies should not only address current threats but also anticipate future dangers. This requires ongoing risk assessments, staying updated on emerging threats, and being prepared to adapt cybersecurity measures accordingly. This paper highlights some critical points regarding the importance of cybersecurity for Distributed Energy Resources (DERs) and the evolving landscape of the smart grid. This research study shows that there is need for a proactive and adaptable cybersecurity approach that encompasses prevention, detection, response, and recovery to safeguard these critical energy systems against cyber threats, both today and in the future. This work serves as a valuable tool in enhancing the cybersecurity posture of utilities and grid-connected DER owners and operators. It allows them to make informed decisions, protect critical infrastructure, and ensure the reliability and security of grid-connected DER systems in an evolving energy landscape.

Calitz, J. & Wright, J., 2021. Statistics of utility-scale power generation in South Africa in 2020, South Africa: http://hdl.handle.net/10204/11865.

Dzobo, O., Malila, B. & Sithole, L., 2011. Proposed framework for blockchain technology in a decentralised energy network. Protection and Control of Modern Power Systems, 6(3), pp. 1 - 11.

ENA, 2020. Distributed Energy Resources – Cyber Security Connection Guidance. [Online] Available at: https://www.energynetworks.org/publications/distributed-energy-resources-(der)-cyber-security-connection-guidance [Accessed 21 July 2023].

EPRI, 2020. CoNEd and Duke Energy Evaluate Cyber Security with Technical Assessment Methodology. [Online] Available at: https://www.epri. com/research/products/3002017786 [Accessed 20 July 2023].

EUAC, 2012. Appropriate security measures for smart grids, 2012. [Online] Available at: https://www.enisa.europa.eu/ publications/appropriate-security-measures-for-smart grids [Accessed 20 July 2023].

EUAC, 2013. Smart grid threat landscape and good practice guide. [Online] Available at: https://www.enisa.europa. eu/publications/smart-grid-threat-landscape-and-good-practice-guide [Accessed 20 July 2023].

Faquir, D., Nestoras, C., Kalopoulou, O. & Maglaras, L., 2021. Cybersecurity in smart grids, challenges and solutions. AIMS Electronics and Electrical Engineering, 5(1), p. 24–37.

Gunduz, M. Z. & Das, R., 2020. Cyber-security on smart grid: Threats and potential solutions. Computer Networks, Volume 169(107094), p. 1–17.

He, H, Maple, C, Watson, T, Tiwari, A, Mehnen, J, Jin, Y & Gabrys, B, 2016. The security challenges in the IoT enabled cyber-physical systems and opportunities for evolutionary computing & other computational intelligence. Vancouver, Canada, 24 – 29 July 2016, IEEE Congress on Evolutionary Computation.

Jansen, C. & Jeschke, S., 2018. Mitigating risks of digitalization through managed industrial security services. AI and Society, 33(2), pp. 163-173.

Kitchenham, B. & Charters, S., 2007. Guidelines for performing systematic literature reviews in software engineering, Keele University and Durham University Joint Report: Technical Report EBSE 2007-001.

Kobara, K., 2016. Cyber physical security for industrial control systems and IoT. IEICE TRANSACTIONS on Information and Systems, E99-D (4), pp. 787-795.

Langer, L., Smith, P. & Hutle, M., 2015. Smart grid cybersecurity risk assessment. Vienna, Austria, 2015 International Symposium on Smart Electric Distribution Systems and Technologies (IEEE).

Marron, J., 2021. Mapping of NIST Cybersecurity Framework v1.1 to NERC CIP Reliability Standards, National Institute of Standards and Technology. [Online] Available at: https://doi.org/10.18434/mds2-2348 [Accessed 21 July 2023].

Martins, J., Gomes, V. & T, M., 2018. On the use of IEC 61850-90-7 for smart inverters integration. 9th International Conference on Intelligent Systems 2018, 25 - 27 September, pp. 722-726.

Miessler, D., 2015. Securing the internet of things: Mapping attack surface areas using the OWASP IoT top 10. San Fransisco, USA, RSAConference2015.

Mishra, S, Anderson, K, Miller, B, Boyer, K & Warren, A, 2020. Microgrid resilience: A holistic approach for assessing threats, identifying vulnerabilities, and designing corresponding mitigation strategies. Applied Energy, Volume 264(C).

NCFSA, 2015. Government Gazette. State Security Agency, National Cybersecurity Framework for South Africa, Government Gazette, [Online] Available at: https://www.gov.za/sites/default/files/gcis_document/201512/39475gon609.pdf [Accessed 20 July 2023].

NERSA, 2017. NRS 097-2-1: 2017 Small-scale embedded generation Section 1: Utility Interface, South Africa: Eskom.

NERSA, 2019. Grid Connection for Renewable Power Plants (RPPs) connected to the Electricity Transmission System (TS) or Distribution System (DS) in South Africa: Version 3.0, South Africa: Eskom.

NESCOR, 2015. Electric Sector Failure Scenarios and Impact Analyses - Version 3.0, California, USA: EPRI.

NIST, 2014a. Guidelines for Smart Grid Cybersecurity: Vol.1, Smart Grid Cybersecurity Strategy, Architecture, and High-Level Requirements., USA: NIST.

NIST, 2014b. Guidelines for Smart Grid Cyber Security: Vol.2, Privacy and the Smart Grid., USA: NIST.

NIST, 2014c. Guidelines for Smart Grid Cybersecurity: Vol.3, Supportive Analyses and References., USA: NIST Interagency/Internal Report (NISTIR) - 7628 Rev 1, https://doi.org/10.6028/NIST.IR.7628r1.

NIST, 2018. Framework for Improving Critical Infrastructure Cybersecurity, April 16, 2018. [Online] Available at: https://nvlpubs.nist.gov/nistpubs/cswp/nist.cswp.04162018.pdf [Accessed 20 July 2023].

Notton, G, Nivet, M.L, Voyant, C, Paoli, C, Darras, C, Motte, F & Fouilloy, A, 2018. Intermittent and stochastic character of renewable energy sources: Consequences, cost of intermittence and benefit of forecasting. Renewable Sustainable Energy Reviews, Volume 87, p. 96–105.

Owusu-Mante, S., 2020. South Africa’s 2019 IRP renewable energy targets. [Online] Available at: https://www.climatepolicylab.org/communityvoices/2020/5/13/south-africas-2019-irp-renewable-energy-targets [Accessed 20 July 2023].

Pishva, D., 2017. Internet of Things: Security and privacy issues and possible solution. PyeongChang, Korea (South), 2017 19th international conference on advanced communication technology (ICACT)., pp. 797-808.

Radanliev, P, De Roure, D.C, Nicolescu, R, Huth, M, Montalvo, R.M, Cannady, S & Burnap, P, 2018. Future developments in cyber risk assessment for the internet of things. Computers in Industry, Volume 102, pp. 14-22.

RSA, 2013. Protection of Personal Information (POPI) Act 4 of 2013. [Online] Available at: https://www.gov.za/sites/default/files/gcis_document/201409/3706726-11act4of2013protectionofpersonalinforcorrect.pdf [Accessed 20 July 2023].

RSA, 2021. Cybercrimes Act 19 of 2020. [Online] Available at: https://www.gov.za/sites/default/files/gcis_document/202106/44651gon324.pdf [Accessed 20 July 2023].

Sadan, N. & Renz, B., 2020. New DER communications platform enables DERMS and conforms with IEEE 1547-2018 requirements. 2020 IEEE/PES Transmission and Distribution Conference and Exposition (T&D), 12 - 15 Oct, pp. 1 -5.

Stouffer, K, Lightman, S, Pillitteri, V, Abrams, M & Adam, H, 2014. NIST special publication 800-82, revision 2: Guide to industrial control systems (ICS) security, Maryland, United States: National Institute of Standards and Technology.

Sullivan, D., Luiijf, E. & Colbert, E. J. M., 2016. Components of Industrial Control Systems. In: Cyber-security of SCADA and Other Industrial Control Systems. AG Switzerland: Springer International Publishing.

Theron, P. & Lazari, A., 2018. The IACS Cybersecurity Certification Framework (ICCF). Lessons from the 2017 study of the state of the art, Luxembourg: Publications Office of the European Union.

Turner, H. A., White, J., Camelio, J. & Williams, C. B., 2015. Bad parts: are our manufacturing systems at risk 615 of silent cyberattacks? IEEE Security and Privacy, 13(3), pp. 40 - 47.

USA, 2021. United States of America government, Cyber-Attack Against Ukrainian Critical Infrastructure. [Online] Available at: https://www.cisa.gov/news-events/ics-alerts/ir-alert-h-16-056-01 [Accessed 20 August 2023].

Wu, D, Ren, A, Zhang, W, Fan, F, Liu, P, Fu, X & Terpenny, J, 2018. Cybersecurity for digital manufacturing. Journal of Manufacturing Systems, Volume 48, pp. 3 - 12.