Standards for electric vehicles and the grid

The IEC is paving the way for standards on EVs used as DERs for the grid, meaning that EVs can charge electricity from the grid but also discharge energy to it when required. Are there any new standards in that area?

There has been a lot of progress, some of it in the IEC and some of it outside of the IEC. An IEC milestone is the publishing of IEC 63584 in 2024, based on an important protocol, the open charge point protocol or OCPP. In the past, OCPP provided support only for the charging of EVs. However, in response to grid management requirements for the discharging of EVs, the protocol now offers interoperable communications between charging stations (EVSEs) and different flexibility operators or aggregators, thus able to support different vendors and the many different regulatory requirements. The protocol itself is being updated for it to meet the IEC 63460 recommendations developed in the IEC Systems Committee for Smart Energy (SyC SE), which include EVs acting as DERs when charging as well as when discharging to the home or the grid. This standard has only just been published. In future additions, IEC 63584 will include more of the DER functionalities, including limiting charging and discharging, responding autonomously to frequency and voltages, and being managed just like any other DER.

Another standard in that area is ISO 15118-20, which extends the communications from the EVSE to the EVs themselves, as necessary. This protocol is also being actively updated to reflect the requirements for EVs to act as DERs.

Are all these standards complementary or competing?

They all work at different levels. The ISO 15118-20 Standard is used to communicate between the EVSE and the EV. The IEC 63584 Standard is used to communicate between the EVSEs and the external systems, for instance the electricity aggregators. Both are used in conjunction with each other to communicate the data exchanges required to meet the power system functional requirements of IEEE 1547.

How did different technical committees work together on this?

IEC TC 57 published IEC 61850-7-420, which defines the semantic information models (data object names and meanings) that are necessary to manage DERs. The IEC 61850 data object names and their meanings are being used by the following six DER-related communication protocols: IEC 61850-7-420, IEEE 2030.5, IEEE 1815.2 (DNP3), SunSpec Modbus, OCPP, and ISO/IEC 15118-20. This means that IEC 61850-7-420 has really become the source of data names and meanings, and is the golden nugget at the heart of all standards dealing with the interaction of the grid with DERs.

Experts in TC 69, which publishes standards on electrical energy transfer systems for EVs, therefore realized that the IEC 61850-7-420 Standard was the appropriate basis for communication with EVs plugging into the grid. They have a joint working group (JWG11) with TC 57, which deals with  the management of EV charging and discharging infrastructures. Another joint working group (JWG15) includes both TC 57 and TC 120, which prepares standards for energy storage systems. JWG15 addresses the use cases and data requirements between flexibility operators, aggregators, and EV charging stations.

The SyC SE identifies the gaps in the work being done by these groups. IEC 63460 “EVs as DER” suggests methods for resolving them. This effort from the SyC, along with the work of the many IEC and ISO experts in this EV field, has been critical to the updating of OCPP and ISO/IEC 15118-20, and helped with the recognition that EVs are just another source of stored energy for supporting the grid (and their owners!).

With the huge growth in EV sales in 2024, were utilities keen for these standards to be published to help them accommodate the growing electricity demand from EVs?

Yes. I will give you the example of California in the US, which has the largest number of EVs in this country. The utilities were initially stalling on interconnecting the larger charging stations because they could not accommodate the surge in demand without upgrading the grid to handle them. But legislators in the state issued regulations pushing them to act. And all of a sudden, as soon as the legislation was passed, utilities acted really fast to make way for these new usages. They naturally had some caveats, and are introducing regulatory requirements limiting the rate of charging during high demand times, valid until the grid upgrades will be installed. In addition, for homes and smaller businesses, the time-of-use rates have been modified to encourage consumers to charge during low demand time, such as after midnight. The point is that the existing standards landscape helped them to adapt rapidly and make way for these new uses. You need to have communications between the utility, the aggregator, the home or business, the devices in the home and the EV itself, which are both seamless and secure and that is what standards enable.

Can you tell us more about IEC cyber security standards for the grid and DERs?

Yes. There are the ongoing efforts by my working group inside TC 57 which develops the IEC 62351 cyber security standards, which I call the “ How to do it”  standards. The IEC has also developed the IEC 62443 Standards which tell you “ What you need to do”, but not how to do it. The IEC 62443 Standards are being extended to include horizontal cyber security requirements, meaning that different areas like energy and medical equipment are modifying the base IEC 62443 Standards to reflect their more specific needs. We are working on the cyber security requirements for substations right now and will be working on DER-specific requirements. IEC 62443-4-2 can also be used for testing the cyber security of devices, such as DERs.

Outside of the IEC, IEEE 1547.3 provides recommendations for cyber security in DERs, which can be used as a guide by utilities. In addition, UL Solutions, a US-based product safety and certification organization, is developing the UL 2941 Standard for testing the cyber security of DERs.

What are the challenges to address on the cyber security of substations and DERs?

Substations and DERs are very different with respect to their cyber security requirements. Substations are 100% controlled by the utility, which has complete command over what measures they should take to protect them. DERs, on the contrary, have different owners, aggregators, manufacturers, installers, and even different utilities. For DER cyber security, you would need to get an agreement between all these different entities on what level of security and what protocols to use, and that type of agreement can be quite problematic. The manufacturers of EVs want us to stay out of their world – they don’t want utilities, for instance, to tell them what to do.

Substations are critical pieces of equipment for the electrical grid which can be attractive to attackers because of their visible role in providing electrical power, a critical infrastructure. However, attacking a single DER could irritate its owner, but not much more. Only if the attack affects many DERs would it rise to being a critical threat. Most substations have some form of physical security: they have fences, gates, and padlocks and sometimes even cameras, while DERs are rarely protected physically.

From a communications perspective, DER systems utilize the internet, which can be insecure, and manufacturers usually deploy Modbus, which has no security, within their DER systems. So even if more secure protocols are used externally, DER sites are particularly vulnerable. One of the areas of disagreement between utilities and DER manufacturers is on where the security should start and who is responsible for securing which equipment – and who responds to which types of security attacks. So that’s some of the issues we are dealing with.

Can you damage the grid by hacking a DER?

The risk is with the communication channel. If a DER is linked to the grid through a communication channel, and the malware goes through the communication channel all the way to other DERs, to the aggregator and even the utility, and gives control commands to turn the systems on and off randomly and repeatedly, that is going to wreak havoc on the grid. It is one of our major concerns.

What are the main areas of focus for TC 57 and the SyC SE in the future?

In the short term, we need to make sure that all the different protocols in the EV space meet the same requirements. In the longer term, we would require the regulatory environment to change its perspective on the role of utilities. Utilities are required to serve all electricity loads in the current regulatory environment. But in the future, we can see that there will be more of a balance between the users and the utility, with more communication and more understanding between them. In the future, utilities should become like orchestra conductors, with users importing and exporting power to the grid in a flexible way based on constraints if necessary and on incentives where possible. The utility will be managing the network as a cyber secure and reliable system. We are still quite some way from that. But we are thinking along those terms. Artificial intelligence will most probably help us all to achieve these goals.

Frances Cleveland is a graduate in electrical engineering and applied physics from Harvard University and a post-graduate in electrical engineering and computer science from the University of California at Berkeley.

She has managed and consulted on smart grid information and control system projects in the electric power industry for over 35 years.  Her expertise has focused primarily on smart grid information interoperability standards, cyber security issues, resilience of the power grid, smart inverter functionalities for distributed energy resources (DERs) and integration of systems, including DERs, plug-in electric vehicles, advanced metering infrastructures, distribution automation, substation automation and energy market operations.

Leggi l’articolo originale pubblicato su E-Tech