The U.S. Department of Energy (DoE) announced Tuesday $34 million in proposed funding for 12 projects aimed at enhancing the reliability and resilience of U.S. energy infrastructure against cybersecurity threats.
The projects cover energy sector organizations in nine states through the DoE Office of Electricity Delivery and Energy Reliability’s Cybersecurity of Energy Delivery Systems (CEDS) program. They are aimed at educating energy sector professionals on cybersecurity and research and development of tools to strengthen American energy infrastructure form cyber attacks.
The cybersecurity project focus on five topic areas: the ability to detect and respond to cyberattacks designed to avoid detection by exploiting routine operations; making the integration of renewables on the power grid at generation, transmission, or distribution levels be more secure from cyber attacks; reducing the exposure of energy delivery systems to cyber attacks; detecting hostile hardware, firmware, or software introduced during manufacturing of energy delivery systems; and identifying gaps in the DoE’s Roadmap to Achieve Energy Delivery Systems Cybersecurity, a plan to improve energy sector cybersecurity.
The department expects the technologies covered by the projects to have a broad applicability to the U.S. energy delivery “sector by meeting the needs of the energy sector in a cost-effective manner with a clear path for acceptance by asset owners and operators and through commercialization by solution providers,” the announcement’s fact sheet said.
The 12 projects are:
- ABB, Inc. in Cary, N.C., will develop a security domain layer system that enables power systems to defend themselves against hacker and insider attacks that aim to disrupt electric power service.
- ABB will also research and demonstrate a cyber-physical control and protection architecture for the secure integration of multi-microgrid systems that can maintain stable performance during disruptive events such as cyber attacks.
- Cyabti in Bloomington, Ill., will develop a cybersecurity educational program on energy delivery systems that target energy sector professionals, and college and high school students. The program will greatly simplify the educational constraints of a physical laboratory setup, cyber-engineering demonstration, and simulated scenario needed for users to build, break, and secure control systems by using kinetic models, software-defined networking, and virtualized industrial devices.
- General Electric [GE] in Niskayuna, N.Y., will develop and demonstrate an automatic cyberattack anomaly detection and accommodation (ADA) system for power plants that will detect and respond to cyber-disruptions caused by cyber-attacks, and attacks against the cyber-physical interface. The system will localize where an attack occurred at critical interfaces and accommodate the system by maintaining uninterrupted operation in normal or degraded condition.
- Intel Federal, LLC in Fairfax, Va., will develop a security architecture solution to securely connect energy infrastructure devices to the cloud to allow the devices to interact with each other. Intel will demonstrate that the cyber-attack surface of energy delivery control systems can be continuously and autonomously reduced in a way that does not impede normal critical energy delivery functions.
- Iowa State University in Ames, Iowa will develop a comprehensive framework that continually assesses and autonomously reduces the attack surface for the power grid control environment by spanning substations, the control center, and the SCADA network to significantly reduce the risk of cyberattacks.
- National Rural Electric Cooperative Association (NRECA) in Arlington, Va., will develop and demonstrate technology for the rapid identification of anomalies in electric utility control communications as an indicator of cyber compromise to support expedited remediation by utility operators.
- Qubitekk, Inc. in Bakersfield, Calif., will advance an innovative technology that will enable multiple devices to communicate in a network that is more secure from eavesdropping and computing attacks.
- Schweitzer Engineering Laboratories, Inc. in Pullman, Wash., will develop a technology that will detect adversarial manipulation of energy delivery control systems by allowing control system operators to automatically identify undesired behavior, contain the affected network areas, and re-route critical information to keep systems operational.
- Schweitzer will also develop algorithms and electronics to further strengthen cybersecurity of precise synchronized timing used in energy delivery.
- Texas A&M University Engineering Experiment Station in College Station, Texas will develop detection methods and tools to further strengthen cybersecurity of precise synchronized timing to help ensure the resiliency of synchrophasor applications and legacy energy management systems.
- United Technologies Research Center (UTRFC) in East Hartford, Conn., will develop an open-source, advanced cybersecurity platform that uses machine learning to more securely integrate legacy and emerging behind-the-meter Distributed Energy Resources (DERs).