Cybersecurity Guide for Distributed Wind
August 2021

**EnerNex contributed to this report with Idaho National Laboratory (INL)**

Distributed wind sits at the intersection of grid-connected, off-grid, and behind-the-meter cyber-physical electric energy systems. The physical properties and communications requirements for distributed wind systems mean that there are unique cybersecurity considerations, but there is little to no existing guidance on best practices for cybersecurity. This document is intended to be a starting point for distributed wind stakeholders including manufacturers, installers and integrators, and operators (facility, aggregator, or utility). We discuss common distributed wind architectures and describe their role in the larger power system, pointing out some of the key connections to be aware of.

Cybersecurity cannot exist in a vacuum, but rather must consider the entire system and all its connections holistically. The role of distributed wind and the functions it can serve are described to gain understanding of the full range of capabilities. The purpose and application of relevant standards that may apply to certain distributed wind systems are presented. These standards may not apply to all installations, but even for systems that are not required to meet these standards, they can be a good reference for best practices. A holistic threat perspective is used to describe the adversaries, threats, and potential impacts of cyberattacks, with special emphasis on what sets distributed wind systems apart from other distributed energy resources (DER).

Finally, we present recommendations for cybersecurity, both in terms of needs of the system and roles that specific stakeholders should fulfill. Distributed wind systems can come in a variety of architectures and applications, so there is no one-size-fits-all approach to cybersecurity. However, this document contains the relevant information for stakeholders to identify the cybersecurity needs of their system, refer to relevant standards, and apply best practices in a manner most consistent with their security and operational goals.


Sean Morash
Principal Consultant


Brian Smith
Principal Consultant