skip to Main Content

NERC Webinar on Inverter Disturbances

On February 15, NERC hosted the first in a series of webinars titled “Inverter-Based Resource Disturbance Analysis Key Findings and Recommendations” which highlights the work of NERC’s Inverter Based Resource Performance Task Force (IRPTF). The webinar focused on the IRPTF’s analysis of two recent system events in Southern California.

GridSME has prepared a short summary of the webinar and report, which you can read here.

CAISO’s RIMS5 Changeover

Does your organization interact with CAISO?

If so, you may be aware that CAISO is updating its interconnection process and making the Resource Interconnection Management System v5 (“RIMS5”) the sole location for the transmittal of information pertaining to interconnection applications, interconnection studies, meter installation and maintenance projects (that are not Scheduling Quality Meter Data (SQMD) or Distributed Energy Resource Provider (DERP) projects), and New Resource Implementation (NRI) projects.

What does this mean to you?

You will no longer be able to email, mail, or physically deliver to CAISO documents or information related to the project types noted above. The transmittal of those documents will need to be done through RIMS.

When is this change effective?

December 31, 2017

If you aren’t ready for this change, don’t panic. GridSME can help.

Read the full write-up here

Kaspersky NERC Alert: Free Verification Tool

In response to the recent NERC Alert, GridSME compiled a tool that functions as a relatively quick way of identifying if Kaspersky software is on a system or verifying that Kaspersky is no longer installed after using their product removal tools. The tool recursively hashes the contents of the directory you tell it to, and compares each file hash to the NIST NSRL database of known Kaspersky file hashes , which is included in the zip archive available for download below. It can also be used “offline” by using a txt hash input list that is then compared to the NSRL database.

DISCLAIMER: By downloading this tool, user agrees and accepts that GridSME grants no express or implied warranty or guarantee of any kind, including, but not limited to, warranty of quality, merchantability, or fitness for a particular use or purpose. GridSME makes no representations as to the effectiveness of the tool. GridSME is not liable for any damage this tool may cause to your systems. While GridSME tested and verified the usage of this tool on its own systems, scanned with anti-virus tools, and provided integrity verification methods, GridSME strongly recommends that users take the appropriate precautions before introducing into any critical or production environment to ensure both security and compliance requirements are upheld.

If you have any questions about the NERC Alert, mitigation strategies, or need help using the tool, don’t hesitate to reach out to security@gridsme.com

Instructions

Tool download

Signature verification

GridSME To Feature At PV O&M USA 2017
GridSME to feature at PV O&M USA 2017
October 9, 2017

GridSME to feature at PV O&M USA 2017

We’re excited to announce that GridSME team members Matt Barnes and John Franzino will be joining the likes of EDF, 8minutenergy, PG&E, Nautilus Solar, RES, Lendlease, MidAmerican, and many more at PV O&M USA 2017.

Matt will be exploring the business case and revenue streams for solar+storage projects with a panel of industry experts.

John will be explaining how to leverage available data to drive cyber security decision making for PV facility operations.

More information on the event, agenda, speakers, and attendees can be found here.

If you are interested in attending the 4th Annual PV O&M USA 2017 conference & exhibition this Nov 2-3 in San Jose CA, GridSME has a $200 discount code (GRIDSME200) for affiliates to utilize. To register at this rate, members need only quote the code when they register online or message Kerr Jeferies directly at kerr@newenergyupdate.com ahead of Oct 27 to secure this discount before the early bird rates also expire.

The Recent Attacks on U.S. Nuclear Plants – Perspective for Your Environment

Throughout the first two weeks of July, news articles with sensational headlines warning of cyber attacks targeting nuclear plants were found throughout news outlets across the world. Keen readers may have noticed some parallels between those articles and the recent NERC Alert regarding the advanced persistent threat (APT) detected by the FBI and DHS—if you assumed both were describing the same threat, you were right.

So if the threats are credible, and they are in fact targeting nuclear plants on U.S. soil, why shouldn’t you be freaking out just yet?

Read the full post here.

NERC Alert – Advanced Persistent Threat – Remediation Recommendations

When it rains, it pours—and its pouring in the cyber security world right now. Below is the first of many detailed cyber security recommendations and implementation guidelines we are releasing to help raise awareness, share information, and collectively improve our security posture as an interconnected grid. We are taking these threats seriously and we hope you are too.

An advanced persistent threat (APT) has been identified by the FBI and DHS, and documented in both a Joint Analysis Report (JAR) and the NERC Alert issued June 30, 2017.

Read the full post here.

NERC Alert – Crash Override – Challenging Beliefs

A NERC Alert issued June 13, 2017 advises on the Crash Override malware found to be behind the December 2016 attack on the Ukrainian power grid. While the NERC Alert provides many great details on the malware’s technical characteristics, the fact of the matter is Crash Override is among the most sophisticated ICS-specific malware variants ever detected, with the ability to “cause loss of visibility, loss of control, manipulation of control, interruption of communications, and deletion of local and networked critical configuration files.” Perhaps most concerning is the malware’s ability to be easily tailored to specific ICS environments, communication protocols, and devices.

This type of sophisticated malware forces us to rethink some common predisposed cybersecurity beliefs:

Read the full post here.

Curtailment Mitigation Strategies
Curtailment Mitigation Strategies
June 14, 2017

Curtailment Mitigation Strategies

Curtailments and energy imbalances can be costly for any generator, whether you are a new market entrant, such as solar PV, or an industry veteran, such as hydro. Generators used to be able to set it and forget it when it comes to scheduling and operations. There may have been a rare occurrence when the CAISO instructed your generator to curtail through an exceptional dispatch. And the occasional forced outage was inevitable, but nothing to fret over. However, more recently, generators are experiencing frequent instances of curtailment, and greater imbalance uncertainty due to the more intermittent profile of the generation fleet and higher market price volatility.

Read More
Back To Top