Most people don’t think about how electricity reaches their home; they flip a switch and a light comes on. But behind that simple action lies a vast network of power plants, conductors, sensors and control rooms stretching across the United States. This is the electrical grid and is responsible for supplying electricity to almost every home and business in the country.
For much of its history, the electrical grid functioned in a simple manner. Large power plants generated electricity, which then moved from the power plant in one direction, through transmission lines to neighborhoods and cities. The equipment that powered this process was built for a closed environment in an analog era.
Over the past decade, the U.S. energy landscape has changed dramatically as electricity increasingly comes from distributed energy resources (DERs), such as rooftop solar, residential energy storage systems, and electric vehicles that can feed power back into the grid. These technologies rely on constant digital communication with each other and with the power grid, creating a level of real-time interconnection that the power grid was never designed for. While this decentralization improves resilience and supports decarbonization, the integration of millions of internet-connected devices has also introduced significant cybersecurity vulnerabilities.
In 2015attackers found a way to access the digital tools that operators in Ukraine used to run the electricity system and cut electricity to hundreds of thousands of people in the dead of winter. In the US, critical infrastructure has also come under attack, with cyber attacks on utilities increase by 75% between 2023 and 2024. The lesson is clear: exposed digital systems can be exploited to cause real disruption.
As DERs become newer, they are integrated into daily network operations, and their secure performance becomes essential. The power of the modern electrical system now depends as much on the reliability of the digital components as it does on the physical components. Protecting these systems is critical to ensuring that electricity remains stable, reliable and available when people need it.
How local energy sources are reshaping the electricity grid
Because DERs are close to the homes and businesses that use their electricity, they reduce transmission losses and make energy delivery more efficient. They also shift the electrical grid away from reliance on a small number of large power plants and toward millions of smaller devices that generate and manage electricity in real time, which can help keep the electricity flowing even if individual components fail.
Many of these devices operate using inverter-based sources, or IBRs, which have become essential to modern grid stability. These inverters convert the direct current produced by technologies such as solar panels and batteries into the alternating current used in commercial and residential buildings, but their role extends far beyond that basic function.
The current inverters actively regulate the voltage, adjust the output power and help correct fluctuations on the network. If the control settings on even one device are misconfigured (or intentionally changed), conditions such as overvoltage can occur. That’s when electricity flows at levels higher than the equipment was designed for. Backfeeding, where power moves in the wrong direction, is another risk. These problems can overload equipment, damage components or cause outward failures.
It is expected that renewable energy will yield approximately 45% of US electricity in 2030increased today from about 22 to 23%. As adoption continues to grow, the network is increasingly dependent on DERs and IBRs to support stable operations. Because these devices now play such a central role, their safe and reliable performance has become integral to maintaining a resilient electricity system.
When modern grid technology creates new vulnerabilities
The proliferation of DERs has introduced new cybersecurity expectations that many existing devices were never built for. For decades, features like strong authentication, encrypted data exchange, or regular software updates were rarely needed. As these devices connect to networks, the lack of this security can leave them exposed to unauthorized access. Without uniform protection, even routine communications between devices can become a potential weak point.
A central challenge is that existing cybersecurity standards have not yet been widely adopted or tailored to the unique requirements of DERs and IBRs. Existing standards, such as NERC CIPare designed for isolated, centralized systems and lack essential security features such as encryption when exposed to the Internet. As states across the country adopt ambitious renewable energy targets and utilities increasingly rely on DERs and IBRs to stabilize the electric grid, this slowdown in security development is critical as the attack surface rapidly expands.
Closing the cybersecurity gap will require proactive collaboration across the energy sector. Strong protections – such as authentication, authorization, encryption, etc. – must be built into both the hardware and software from the start. Establishing clear, widely accepted requirements will help ensure that all devices, regardless of manufacturer or deployment, can function securely within a more interconnected and digitally controlled network.
Designing distributed energy systems with safety in mind
The number of devices involved in managing electricity continues to grow, and many of them perform functions that directly impact the way energy flows. To keep these systems reliable, cybersecurity must be embedded during the design phase of DER and IBR devices.
One effort that supports this need is UL 2941the standard for cybersecurity of distributed energy and inverter-based resources. It provides a framework to evaluate whether DERs meet certain cybersecurity expectations and helps customers understand how devices meet these requirements. UL 2941 focuses on network-attached endpoint devices that manage significant energy flows and that, in large numbers, could pose a total risk to the stability of the electrical grid. It also provides comprehensive cyber-related requirements intended to help protect power systems from threats and support safe, reliable operations.
As a result, renewable energy suppliers can specify and/or use well-defined and scientifically proven requirements to demonstrate compliance. Utilities and integrators gain confidence that the devices they adopt follow a consistent security approach. And at the industry level, shared expectations help build a foundation for resilience, consistency and consensus as more DERs and IBRs come online. By combining security-by-design with clear, standardized guidelines, the energy industry can scale distributed resources in a way that supports both energy goals and the secure operation of the network.
Improving reliability as decentralized energy grows
Distributed energy is changing not only how energy is generated, but also how it is managed, and protecting those systems is now a core part of supporting decentralized energy. Cybersecurity should be considered as fundamental as voltage and frequency control. Protecting digital components is now an essential part of keeping electricity reliable.
Progress in this direction will require a coordinated effort. Manufacturers, utilities, code authorities and standards bodies all play a role in setting consistent expectations for device security. Shared frameworks – such as those developed to evaluate the cybersecurity of DERs and IBRs such as UL 2941 – provide a blueprint for creating more uniform protections that support reliable deployment at scale. When security expectations vary widely, the entire system becomes more difficult to manage; when expectations are aligned, reliability increases.
Ultimately, protecting the future of energy means designing systems that are not only connected and efficient, but also safe and reliable. Integrating cybersecurity into distributed technologies helps ensure they continue to function properly as they expand. The only effective time to meet these needs is before a disruption or attack occurs, not after.
Authors: Michael Slowinske and Sjoerd Willemsen
Michael Slowinske: Senior Director & Regional GM (Americas), UL Solutions Michael leads engineering and sales for the Energy and Industrial Automation division. With 30 years of experience, he has led technical activities and served on international standards committees. Previously, he was director of Principal Engineering, focusing on the safety of emerging technologies. A licensed professional engineer, Michael holds a degree in environmental engineering from Washington University and an MBA from Northwestern’s Kellogg School.
Sjoerd Willemsen: Chief Engineer, UL Solutions Based in Arnhem, Netherlands, Sjoerd specializes in cybersecurity and interoperability for power systems and industrial communications. He has a degree in Embedded Systems Automation and actively contributes to several IEC committees, including TC 57 (power systems management) and TC 2941 (DER cybersecurity). He also covers digital innovation and the Metaverse via IEC/ISO JSEG 15.
The views and opinions expressed in this article are those of the author and do not necessarily reflect those of the author pv magazine.
This content is copyrighted and may not be reused. If you would like to collaborate with us and reuse some of our content, please contact: editors@pv-magazine.com.
