Deeper penetration of interoperable cyber-physical distributed energy resources (DER) and their utility-wide remote monitoring and control drastically increases cybersecurity attack surface. Utilities require to adopt the DER interconnection and communication standards to a range of autonomous, advanced and curve-based grid-support functions to securely monitor and control DER devices for ensuring power quality, voltage, and system frequency. In this paper, we present DER monitoring and control (DERMC) cyber-physical system (CPS) architecture including standard communication protocols such as IEEE 2030.5 [1] and discuss various stealthy cyber attack vectors that affect communications and operations of DER. We propose a hardware-in-the-loop (HIL) CPS security architecture and testbed design with industry-grade software and hardware systems and a real-time digital simulator for high-fidelity grid impact characteristic analysis against cyber attack vectors. We use the testbed to demonstrate impact characteristics for modified IEEE 13 bus system including 11 solar photovoltaic units. The experiments demonstrated significant results by 100% real-time performance and zero overruns.