Dive Brief:
- Facing a growing threat to the nation’s power grid, the U.S. Department of Energy on Wednesday announced it will direct $45 million to support up to 15 “next-generation” cybersecurity research, development, and demonstration projects.
- The DOE will make funding available through its Office of Cybersecurity, Energy Security, and Emergency Response and will “focus on developing new cybersecurity tools and technologies designed to reduce cyber risks for energy delivery infrastructure,” according to the announcement.
- The North American Electric Reliability Corp. in July said that reports of cyber incidents — including vulnerabilities, phishing, malware, denial of service and others — “increased significantly” in 2021. While reliability was maintained, the organization warned that nation-state adversaries and organized cyber criminals have the ability to disrupt critical infrastructure.
Dive Insight:
The electric grid is becoming more automated as clean energy technologies are deployed, DOE said, making cybersecurity a priority.
“Researchers will aim to develop tools and technologies that enable energy systems to autonomously recognize a cyberattack, attempt to prevent it, and automatically isolate and eradicate it with no disruption to energy delivery,” the agency said.
The funding announcement lays out six proposed areas for research, including automated prevention and mitigation solutions that would “enable energy systems to autonomously recognize and prevent cyberattacks from disrupting energy.”
Other topics of study include:
- Security by design
- Stronger energy sector authentication mechanisms
- Automated discovery of vulnerabilities in energy delivery control system applications
- Advanced software solutions
- The integration of new concepts with existing infrastructure, which “will require applicants to partner with energy asset owners and operators to validate and demonstrate cutting-edge cybersecurity technology can be retrofitted into existing infrastructure,” DOE said in the funding opportunity announcement.
“As DOE builds out America’s clean energy infrastructure, this funding will provide the tools for a strong, resilient, and secure electricity grid that can withstand modern cyberthreats and deliver energy to every pocket of America,” Energy Secretary Jennifer Granholm said in a statement.
Concept papers are due Sept. 12 and full applications must be submitted by Dec. 5, according to the funding announcement. DOE hopes to make final awards in June.
NERC’s State of Reliability report last month noted that “going forward, industry must continue to integrate cyber and physical security considerations with conventional power system planning, operations, design, and restoration practices.”
Cyberattacks “routinely” targeted the digital supply chain in 2021, but so far the industry’s security has held up, the report said.
“We’re doing a good job at our hygiene and setting certain standards for good cyber performance,” NERC’s Director of Reliability Assessment and Performance Analysis John Moura said. The cybersecurity landscape “relentlessly evolves, and presents continuing challenges to the electric industry.”