The Department of Energy’s Office of Electricity Delivery and Energy Reliability (OE) is working closely with its private and public partners to address the growing cyber threat to the Nation’s energy delivery systems by developing game-changing solutions that will allow future energy systems to be inherently secure, resilient, and self-healing.

At DistribuTech earlier this year, we demonstrated new technologies that our Cybersecurity for Energy Delivery Systems (CEDS) program is supporting. These technologies, which are all available now or will be soon, are designed to help prevent, detect and mitigate the consequences of cyber-attacks that could disrupt energy delivery. Importantly, these technologies were designed from the earliest stages to work well within the strict operational requirements of energy delivery control systems. They will:

• Prevent by decreasing the cyber-attack surface, protecting what remains, and protecting supply chain integrity to avoid the introduction of new vulnerabilities.
• Detect attempted misuse that might cause the system to do something it should never do.
• Mitigate by understanding the nature and possible physical consequences of a cyber-attack, and developing the ability to respond with appropriate actions to avoid potential disruptions of energy delivery.

Among these projects are protective relays that detect, and mitigate by performing rapid physics-based simulation of how a received command might affect grid operations, and use the results to recognize and respond appropriately to malicious commands intended to destabilize the grid. Another product creates software defined operational networks that detect, prevent and mitigate by allowing for deny-by-default of any unexpected cyber-activity and pre-engineered network traffic shaping that adapts to identify, encapsulate and remove an adversary’s presence. Also included are technologies that enable power plants to use machine learning techniques to extract physical features from generator operations, and use this information to detect and accommodate for consequences of a cyber-attack while still powering the grid. Below are brief descriptions of the new technologies, along with links to fact sheets that describe the projects in more detail.

Chess Master provides system operators with a global view of their operational network, enabling them to set and view field network security policy and validate operational adherence to those policies. Schweitzer Engineering Laboratories (SEL) leads this project in partnership with Ameren Energy Resources, Sempra, and Veracity Security Intelligence.

Cyber Attack Detection and Accommodation for Energy Delivery Systems is developing an automatic cyber-attack/anomaly detection and accommodation (ADA) system to reduce the probability of a successful cyber attack.  General Electric Global Research leads this project in partnership with GE Power and Inland Empire Energy Center.

Cyber Attack Resilient High Voltage Direct Current (HVDC) Systems secures high voltage direct current (HVDC) transmission infrastructure by ensuring received commands do not jeopardize grid stability. The project is led by ABB Inc. in partnership with the University of Illinois at Urbana-Champaign, University of Idaho, Bonneville Power Administration, and Argonne National Laboratory.

Enhanced Security in Power System Edge strengthens cybersecurity of grid-edge devices as they interact with each other and “the cloud by implementing an enhanced cybersecurity gateway and a security management channel. Intel Federal leads this project in partnership with Schneider Electric and LiveData Utilities.

Integration of Green Renewable Energy Sources Securely with Buildings and Electric Power enhances building and grid resiliency to cyber-attacks and improves reliability by advancing state-of-the-art, model-based validation of control system traffic. The project is led by United Technologies Research Center in partnership with the University of Illinois at Urbana-Champaign and the Pacific Northwest National Laboratory.

Multi-layered Resilient Microgrid Networks provides cyber-resilient control and protection architecture for the deployment of microgrids in distribution networks. ABB leads this project in partnership with the University of Illinois at Urbana-Champaign.

Patch and Update Management Program for Energy Delivery Systems simplifies the process of patching and updating energy delivery system devices for end users and equipment vendors.  This project is led by FoxGuard Solutions.

Scalable Quantum Cryptography Network for Protected Automation Communication makes quantum key distribution available to critical energy infrastructure, securing communications between deployed automation equipment critical to the operation of the electrical grid. Qubitekk leads this project in partnership with SEL, EPB, University of Tennessee, and Oak Ridge National Laboratory.

Tempus is a time synchronization platform that protects energy delivery systems from GPS-based attacks. SEL leads this project in partnership with the Bonneville Power Administration.

Timing Intrusion Management Ensuring Resiliency manages Global Navigation Satellite System timing signals to avoid compromised situational awareness. The project is led by the Texas A&M Engineering Experiment Station in partnership with Idaho Power Company and the Pacific Northwest National Laboratory.