DOE funds six University-led projects, with intention of improving cybersecurity of energy systems

The U.S. Department of Energy (DOE) announced funding of US$12 million to support six University-led projects that are set to enhance cybersecurity within American energy systems. The target is also to lead research, development, and demonstrations (RD&D) of new cyber technology. The funding also supports the U.S. Administration’s commitment to safeguarding critical infrastructure and advancing the energy sector’s cybersecurity capabilities nationwide.

The Universities involved in the proposed project include Florida International University, Iowa State University, New York University, Texas A&M Engineering Experiment Station, the University of Illinois at Chicago, and Virginia Polytechnic Institute and State University. Each of the projects has been allocated an award of around US$2,000,000, with a plan to develop cutting-edge cyber-physical platform tools and technologies that detect and mitigate incidents in energy delivery systems. 

“Investing in cutting-edge cyber security technology keeps us at the forefront of global innovation and protects America’s power grid in the face of increasing cyber threats from abroad,” Jennifer Granholm, U.S. Secretary of Energy, said in a recent media statement. “This funding will bolster our commitment to a secure and resilient clean energy future by fortifying American electricity systems and building a stronger grid.” 

Through its Office of Cybersecurity, Energy Security, and Emergency Response (CESER), the DOE will fund six university teams to perform cybersecurity RD&D to advance anomaly detection, artificial intelligence, machine learning, and physics-based analytics to strengthen the security of next-generation energy systems. These systems include components placed in substations to detect cyber intrusions more quickly and automatically block access to control functions.  

As part of the project, Florida International University will develop AI-based detection tools and design effective cyber threat mitigation strategies using these technologies. Its partners will include North Carolina State University (NCSU), the University of North Carolina (UNC), Raytheon Technologies Research Center (RTRC), and Duke Energy. 

The Iowa State University project will enable defense-in-depth security and resilience for cyber-physical systems using AI-integrated, attack-resilient, and proactive system technologies and solutions. The partners involved are the University of Texas at El Paso (UTEP), Electric Power Research Institute (EPRI), Duke Energy, Alliant Energy, Google, OSISoft, and SEL. 

The New York University will partner with SRI International, New York Power Authority, and Consolidated Edison. The project will develop a program called Tracking Real-time Anomalies in Power Systems (TRAPS) to detect and localize anomalies in power grid cyber-physical systems. 

Texas A&M Engineering Experiment Station project will leverage AI and machine learning to develop techniques and scalable prototypes for intrusion response against advanced cyber-physical threats to power systems. The partners involved are Rutgers University, Oregon State University, Network Perception, TDi Technologies, PSC Consulting, and Electric Power Engineers. 

The University of Illinois at Chicago project will develop a resilient, next-generation solid-state power substation, integrating cybersecurity considerations. The partners include the Iowa State University, University of Arkansas, Illinois Institute of Technology (IIT), Electric Power Research Institute (EPRI), NextWatt LLC, Eaton, and ENER-i. 

The Virginia Polytechnic Institute and State University will create a program called Cyber REsilience of SubsTations (CREST), a two-part system to detect and mitigate cyber incidents while maintaining secure communication and critical functions. The partners involved are the University of Michigan-Dearborn, Southern Company Services, and GW Grid Solutions LLC. 

In a related move, industrial cybersecurity company Dragos entered into an initiative with the DOE to bolster security and increase visibility among the nation’s critical energy infrastructure community through Dragos Neighborhood Keeper. The step builds on the company’s February action of entering into a public-private initiative with the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA). The move will use the company’s Neighborhood Keeper technology across ICS/OT (operational technology) networks to strengthen security and visibility across the nation’s critical infrastructure installations.

As part of the latest deal, the CESER under a Trusted Advisor role will use Dragos Neighborhood Keeper. DOE analysts will be able to gain visibility into ICS/OT cyber threats facing the industrial infrastructure community participating in Neighborhood Keeper, Dragos said. This takes place without sharing any company data or sensitive identifying information, representing a unique capability of anonymous, real-time information sharing with OT stakeholders, including the government, on OT networks.

Specifically, DOE analysts will be able to view anonymized, aggregate information about threat analytics, indicators of compromise (IOCs), and the prevalence of vulnerabilities and asset types across Neighborhood Keeper participants, according to Dragos. This enables analysts to not only understand what threats could be impacting the industrial community but also understand the possible exposure to existing and emerging supply chain risks, it added.

“Seeing Neighborhood Keeper grow to serve organizations across the range of critical infrastructure sectors is a testament to what public agencies and industrial communities can achieve together to enhance national security while respecting and protecting data integrity and identity,” Robert M. Lee, CEO and co-founder at Dragos, said in a media statement. “Having DOE come full circle to join as a Neighborhood Keeper Trusted Advisor—just as NSA and CISA did recently as well — shows the government’s commitment to collaborate by using technologies the industry has already voluntarily adopted,” he added.

Last June, Dragos entered into a joint initiative with the North American Electric Reliability Corporation‘s (NERC) Electricity Information Sharing and Analysis Center (E-ISAC) for using the Dragos Neighborhood Keeper technology. The deal works towards strengthening collective defense and community-wide visibility for industrial cybersecurity in the North American electricity industry.

Anna Ribeiro

Industrial Cyber News Editor. Anna Ribeiro is a freelance journalist with over 14 years of experience in the areas of security, data storage, virtualization and IoT.