The National Renewable Energy Laboratory (NREL) launched its Cybersecurity Program Office (CPO) to accelerate NREL’s strategy to secure renewable energy technologies and distributed energy systems.
The program office comes at a time when scientific advances to ensure the security of modern power systems are critical. As the U.S. electric grid transforms into one that is highly distributed and increasingly integrated with renewable energy resources, security challenges will arise that are different from the existing energy system vulnerabilities, according to a press statement. NREL’s expertise in renewables will be essential to assessing and mitigating these challenges and to laying the foundation for more secure future energy systems.
NREL is a national laboratory of the U.S. Department of Energy, Office of Energy Efficiency and Renewable Energy, operated by the Alliance for Sustainable Energy. It advances the science and engineering of energy efficiency, sustainable transportation, and renewable power technologies, and provides the knowledge to integrate and optimize energy systems.
The CPO will be led by Jonathan White, former manager of NREL’s Secure Cyber-Energy Systems Group. As the head of the CPO, White will serve as laboratory program manager to the U.S. Department of Energy Office of Cybersecurity, Energy Security and Emergency Response, and will foster new relationships with diverse sponsors to advance NREL’s research in grid security for distributed energy systems.
“This new program office will position NREL to play a lead role in developing cybersecurity technologies that keep pace with today’s evolving energy infrastructure and provide a pathway to secure tomorrow’s energy system,” said Juan Torres, NREL associate laboratory director for Energy Systems Integration. “Under Jon’s leadership, we will be increasing our cybersecurity impact for federal and industry partners.”
“In line with NREL’s core expertise of systems integration toward a modern grid, CPO will be dedicated to technology R&D, policy, and training needed for leading-edge cybersecurity innovations,” White said. “We’re envisioning solutions that autonomously identify and respond within distributed energy systems comprising a hybrid mix of renewable energy technologies, such as wind, solar, storage, and hydropower.”
When it comes to cybersecurity for the electric grid, researchers at the NREL are looking ahead. New energy technologies are entering the market daily, leading to the transformation of the grid to one that is more dynamic, distributed, and autonomous.
While these advancements continue to create new opportunities for innovation and a modern energy infrastructure, they can also introduce new unknowns, potential vulnerabilities, and greater access to electric grids by nefarious actors. Such changes are transforming the electric grid to become increasingly composed of distributed energy resources (DERs). This involves more connection points between solar inverters, electric vehicles, home batteries, and other home energy devices.
A DER is any resource on the distribution system that produces electricity, consisting of small-scale units of local generation connected to the grid at distribution level.
Since the launch of NREL’s Energy Security and Resilience Center initiative two years ago, the laboratory’s research portfolio in grid security and resilience has grown rapidly. Various projects that have mobilized NREL’s cybersecurity research portfolio include the Distributed Energy Resources Cybersecurity Framework (DERCF), establishment of new cybersecurity industry standards for DERs, and more recently, leveraging data from cable television networks to help detect cyber anomalies on the electric grid.
“Security is a journey,” said Torres, in a statement last October. “Threats will continue to evolve—adversaries as well as their capabilities. It will be critical to continue building more intelligence and more security within today’s evolving energy systems—and to always be looking ahead.”
Building on this growth, CPO will lead NREL’s cybersecurity research strategy and provide recommendations for future staffing, capabilities, and facilities necessary to support a leading, internationally recognized cybersecurity program.