Cybersecurity Research, Development and Demonstration (RD&D) for Energy Delivery Systems

You are here

Game-changing RD&D to develop resilient energy delivery systems

Background

Cybersecurity solutions for critical energy infrastructure are imperative for reliable energy delivery. In today's highly connected world, with an increasingly sophisticated cyber-threat, it is unrealistic to assume energy delivery systems are isolated or immune from compromise. OE works closely with its private and public partners to accelerate the research, development and demonstration (RD&D) of next-generation cyber-resilient energy delivery systems and components. 

Cybersecurity for the power grid must be carefully engineered to not interfere with energy delivery functions. For instance, the power grid has some legacy devices that are decades old, with limited computational resources and communications bandwidth to support cybersecurity protections. Control and protection devices are widely distributed, and some are in unmanned, remote substations or on top of poles in publicly accessible areas. Access controls are important and must not jeopardize normal operations or emergency responses.

Cybersecurity for the modernized grid is bringing together two communities that until recently have spoken different languages. Information technology (IT) speaks the language of computers and networks that support utility business administrative processes. Operational technology (OT) speaks the language of electronic devices with embedded operating systems streamlined to support energy delivery functions, and operational networks. Utility IT and OT differ in important ways, making it necessary to develop tailored cybersecurity protections for OT systems. However, each has benefits that can be gained from the other.

IT is increasingly being adapted to support OT in utilities so that operating systems, computer platforms, and networks commonly used in IT are now found in some OT architectures. The increasing use of IT computers and networks in OT architectures brings the need to protect these systems against malware developed to attack IT systems.

RD&D is a multidisciplinary area where partnerships are critically important - for example, computer scientists and power systems engineers work together to develop solutions that support energy delivery processes. Most importantly, the tools and technologies developed through these partnerships must not interfere with these processes; for instance, cybersecurity measures must not slow down communications when timeliness is critical.

These multidisciplinary partnerships have resulted in cybersecurity tools and technologies, some of which have had impact across the nation and been deployed in every state. The success of the program is determined by the number of tools and technologies that have been transitioned to practice and are now available to the energy sector, reducing the risk that a cyber-incident can disrupt energy delivery.

Cybersecurity for Energy Delivery Systems (CEDS) R&D Program

OE’s Cybersecurity for Energy Delivery Systems (CEDS) R&D program aligns all activities with Federal priorities as well as the strategy and milestones articulated in the energy sector’s Roadmap to Achieve Energy Delivery Systems Cybersecurity that envisions resilient energy delivery control systems designed, installed, operated, and maintained to survive a cyber incident while sustaining critical functions.

OE designed the CEDS R&D program to assist the energy sector asset owners by developing cybersecurity solutions for energy delivery systems through a focused research and development effort. OE co-funds projects with industry partners to make advances in cybersecurity capabilities for energy delivery systems. These research partnerships are helping to detect, prevent, and mitigate the consequences of a cyber-incident for today’s and tomorrow’s energy delivery systems.  

Since 2010, DOE-OE has invested more than $240 million in cybersecurity research, development and demonstration projects that are led by industry, universities and National Labs. Since then, more than 35 new tools and technologies that OE investments helped support are now being used to further advance the resilience of the Nation’s energy delivery systems. More information about these projects and others is available HERE.

Every two years, OE conducts a peer review of research partnerships that provides researchers, stakeholders, and management with an expert, unbiased assessment of strengths, weaknesses, and specific recommendations for improvement.  OE receives high-quality technical input to assist in making decisions and setting priorities for the program’s future direction.  Importantly, the peer review process provides public accountability for the use of public funds.

CEDS R&D also provides funds for selected projects led by Federally Funded Research and Development Centers (FFRDCs) such as the DOE-sponsored National Laboratories: Argonne National Laboratory (ANL), Brookhaven National Laboratory (BNL), Idaho National Laboratory (INL), Lawrence Berkeley National Laboratory (LBNL), Lawrence Livermore National Laboratory (LLNL), Los Alamos National Laboratory (LANL), National Renewable Energy Laboratory (NREL), Oak Ridge National Laboratory (ORNL), Pacific Northwest National Laboratory (PNNL), and Sandia National Laboratories (SNL).

CEDS R&D also funds academic collaborations, in partnership with DHS S&T, to bring together institutions with the expertise and vision needed to develop and transition innovative technologies that will help utilities to survive a cyber incident while sustaining critical functions. This initiative is focused on creating teams of academic institutions with expertise in power systems engineering and the computer science of cybersecurity. The teams are developing and implementing multi-disciplinary research plans to produce new cybersecurity tools and technologies and make them available to the energy sector. Utilities and suppliers of energy delivery systems and components are engaged at all stages, from the earliest research through the eventual transition to use by the energy sector. Lessons learned will be shared through academic outreach to ensure that the technical knowledge also transitions to the energy sector.

For more information regarding any of these research projects, please refer to the fact sheets.

When CEDS R&D funding opportunities become available, these can be found at the NETL Solicitations and Funding Opportunities website.

Related Links

Roadmap to Achieve Energy Delivery Systems Cybersecurity

CEDS Fact Sheets

CEDS 2016 Peer Review

CEDS 2014 Peer Review

CEDS 2012 Peer Review

CEDS 2010 Peer Review

Energy Sector Cybersecurity Framework Implementation Guidance

The Industrial Ethernet Book: SDN for purpose-engineered, active defense cyber security

The Electricity Journal: Cybersecurity and the Smarter Grid

Cybersecurity Procurement Language for Energy Delivery Systems

Presidential Proclamation: Critical Infrastructure Security and Resilience Month, 2013

Vulnerability Analysis of Energy Delivery Control Systems