Selected Projects for the Cyber Research, Development, and Demonstration Funding Opportunity

The projects below were selected by the Department of Energy’s Office of Cybersecurity, Energy Security, and Emergency Response (CESER) to receive funding to develop tools and technologies to reduce cyber risks to energy infrastructure. 

Topic Area 1 – Automated Cyberattack Prevention and Mitigation 

• General Electric Company (Niskayuna, NY) will develop a small form-factor, secure compute platform that will be connected to the operational technology network for natural gas compressor stations, which are important for maintaining proper gas flow to fuel nearly 40% of all electricity generation in the United States. 

Topic Area 2 – Security and Resiliency by Design 

• Electric Power Research Institute, Inc. (EPRI) (Palo Alto, CA) will develop an advanced artificial intelligence and data processing capability to detect and respond to cybersecurity incidents in control system endpoints at the grid edge. 
• General Electric, GE Research (Niskayuna, NY) will strengthen the security of communication protocols used in generation, transmission, and distribution; and will validate, harden, and standardize a new protocol to replace the non-secure protocol currently in use. 
• EPRI (Palo Alto, CA) will research, develop, and demonstrate zero trust architectures for a secure and private 4G LTE and 5G communications network designed to meet the unique needs of electric power systems, primarily focusing on integrating Distributed Energy Resources (DER) and microgrids. 
• General Electric, GE Research (Niskayuna, NY) will develop an innovative ability using quantum communication to securely communicate time-sensitive coordination messages that are important to the resiliency of the power grid.  
• Georgia Tech Research Corporation (Atlanta, GA) will develop GridLogic, a framework for cyber-physical security of the electricity grid and DERs that will impede cyber-attackers and even a malicious insider operator from taking actions that are detrimental to the electricity grid. 
• Iowa State University of Science and Technology (Ames, IA) will develop technical solutions to be incorporated within the initial stages of future DER-integrated grid infrastructure development lifecycle for a more resilient operation of critical control functions. 

Topic Area 3 – Authentication Mechanisms for Energy Delivery Systems 

• EPRI (Palo Alto, CA) will develop and/or accelerate two communications standards to perform centralized management of authentication and authorization services in a zero-trust architecture. 
• Texas A&M University-Kingsville (Kingsville, TX) will research, develop, and demonstrate a zero-trust authentication mechanism with post-quantum cryptography to reduce the cyber-physical security risks to DER devices and networks. 
• Kansas State University (Manhattan, KS) will address the security vulnerabilities of existing standards by integrating authentication, secret key establishment, and encryption-based secure communication mechanisms with existing standards for reliable authentication and communication between smart grid nodes, inverters’ gateways, and other grid-edge devices. 

Topic Area 4 – Automated Methods to Discover and Mitigate Vulnerabilities 

• EPRI (Palo Alto, CA) will revolutionize vulnerability detection, classification, and exploitability determination techniques within control system software to bolster cybersecurity measures in the energy sector.   
• Georgia Tech Research Corporation (Atlanta, GA) will develop “DerGuard,” a framework utilizing artificial intelligence (AI) techniques for automated vulnerability assessment, discovery, and mitigation in DER devices. 
• New York University (NYU) (New York, NY) will develop an integrated and scalable digital twin for security and code verification, called “DISCOVER,” that will detect and mitigate vulnerabilities and malware with a focus on ransomware introduced through software/firmware in the power system supply chain. 

Topic Area 5 – Cybersecurity through Advanced Software Solutions 

• EPRI (Palo Alto, CA) will apply digital twins to detect attacks in power generation assets that focus on malicious modification of the operational technology (OT) system.

Topic Area 6 – Integration of New Concepts and Technologies with Existing Infrastructure 

• GE Packaged Power, LLC D/B/A GE Vernova Advanced Research (Niskayuna, NY) will demonstrate GE's Attack Detection and Accommodation (ADA) technology within five targeted industries: natural gas power generation plant, onshore wind farm, hydro power generation, grid substation, and natural gas pipeline distribution. 
• The Research Foundation for the SUNY, Stony Brook University (Stony Brook, NY) will demonstrate encryption of data in the power grid network, while also allowing smart network nodes to have access to the encrypted data and enable desired functions such as false data injection detection. 

Read the press release announcing these selectees or the original funding opportunity announcement. 

For more information about DOE’s efforts to secure and protect America’s energy sector, visit www.energy.gov/ceser.