Responsible Cybersecurity Vulnerability Disclosure Practices for the DER Industry.

Responsible Cybersecurity Vulnerability Disclosure Practices for the DER Industry


Vulnerability disclosure is the practice of reporting security flaws in computer software or hardware. Security researchers and others examine software and hardware products to find flaws. When flaws are found, and to preempt bad actors from finding and exploiting the flaws themselves, individuals inform vendors of the affected products so that defects can be eliminated. Sounds easy, right?

Unfortunately, vulnerability disclosures can be tricky. While vendors often prefer to wait until they know a problem is solved before disclosing to their customer bases, customers–whose data or systems may be at risk–prefer quick public disclosure and immediate resolution.

How can we balance these divergent interests, get the word out in a responsible and timely manner, and keep the energy grid going? In this one hour session, our panel of experts will explore this topic and describe how practitioners can manage disclosure in a responsible way.

Our panelists include Tom Tansy, Jay Johnson and special guests from the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and Mitre Corporation.


Tom Tansy
CEO of DER Security Corp
Chairman of SunSpec Alliance


Jay Johnson

Principal Member of Technical Staff at Sandia National Laboratories


Sign up for our newsletter!


Recent Posts

Latest news from our blog

Patent Office Invalidates Tigo Energy, Inc.’s Patent Claims

Patent Office Invalidates Tigo Energy, Inc.’s Patent Claims in Response to SunSpec Alliance IPR Challenge SAN JOSE, CA – January 30, 2023 – The SunSpec Alliance, the open information standards  and certification organization for the Distributed Energy Resources (DER)...

Position Opening: Director of Member Services

The SunSpec Alliance is hiring a new Director of Member Services. This position became available when the previous director was promoted to Executive Director. The individual in this role will be a partner to the Executive Director on virtually all aspects of the...

SunSpec Alliance Webinar: 2023 Work Group Project Road Map

We will discuss the 2023 SunSpec Work Group Roadmap to recruit expert contributors for the next phase of DER standards development. When: Tue, January 31, 2023, 8:30 AM – 9:30 AM PSTWhere: Online The SunSpec Alliance, and the over 170 Contributing Members that...

SunSpec & Sandia DER Cybersecurity Webinar

Using artificial intelligence to provide situational awareness and determine the cyber-physical impacts on DER networks. When: Thu, January 26, 2023, 9:00 AM – 10:00 AM PST Where: Online Ransomware attack and forensics on DER inverters Abstract Ransomware attacks are...

Announcement: Sunspec Alliance Membership Dues Increase! 

Dear Members and prospective Members!  Starting April 2023, the price of Contributing Membership will increase from $4,000 to $5,000 per year. SunSpec is updating our annual membership fee to bring you more great services. With this change, SunSpec is expanding the...

SunSpec Alliance is the information standards and certification organization for the Distributed Energy Resource (DER) industry. SunSpec communication standards address operational requirements of solar and energy storage on the smart grid.

Powered By MemberPress WooCommerce Plus Integration