DOE’s CECA expands scope, joins with cybersecurity solution providers to secure electric grid, introduce tested solutions

The U.S. Department of Energy’s (DOE’s) Clean Energy Cybersecurity Accelerator (CECA) center is aligning with cybersecurity solution providers to accept applications that offer strong authentication for distributed energy resources to protect the modern electrical grid and expedite bringing tested solutions to market.

The CECA is expected to select “up to five participants in the first cohort, with the application portal now open as of June 6, 2022, and closing on July 6, 2022, at 11:59 p.m. MT,” according to a DOE statement. Participants must be based in the U.S. and offer innovations around the cybersecurity topic priority. These participants will take part in a three-to-12-month incubation period, sharing ideas and threat intelligence before validating solutions in the lab, it added.

The initiative is managed by the DOE’s National Renewable Energy Laboratory (NREL) and sponsored by DOE’s Office of Cybersecurity, Energy Security, and Emergency Response (CESER) and utility industry partners, in collaboration with the Office of Energy Efficiency and Renewable Energy (EERE).

Introduced last October, the CECA program comes when cybersecurity threats to critical infrastructure are evolving fast—and as the nation works towards a zero-emissions future. While new grid devices are rapidly being connected to the Internet of Things, which benefits consumers through choice, opportunity, and clean energy resources, such innovations can expose new risks and vulnerabilities that are not yet well understood. A disruptive approach to rapidly infuse cybersecurity innovation into renewable energy systems, without delaying time-to-market, is needed to outpace the speed of emerging threats to our evolving energy infrastructure. 

The CECA program is designed to facilitate the development of new technologies that utilities can employ while identifying and solving the most urgent security gaps in modern energy systems, the DOE said. Intending to strengthen cybersecurity technologies, CECA sets out to identify critical security gaps in the modern electrical grid and expedite disruptive solutions to market. It also builds security into new technologies at the earliest stage, when appropriate security mechanisms can play a larger role and be more effective and efficient, it added.

The introduction of technologies and architectures to legacy systems frequently adds complexity and potential for new cyber vulnerabilities to emerge. The CECA recognizes that now is the time to ‘infuse rapid cyber innovation into our nation’s energy systems to ensure we outpace evolving threats.’

One of the characteristics of the CECA initiative is its partnerships with utilities, which provide destinations for the technologies tested and outlets that will immediately benefit from their new technologies. 

“Not only will the utilities receive connections to a pipeline of innovative cybersecurity technologies, but they also will benefit from access to NREL’s unique testing and evaluation capabilities, including its Advanced Research on Integrated Energy Systems (ARIES) cyber range, developed with support from EERE,” the DOE said. The ARIES cyber range provides one of the most advanced simulation environments with unparalleled real-time situational awareness and visualization to evaluate renewable energy system defenses, it added. 

Utilities will also receive shared insights on the latest cyber challenges, best practices, trends, and the ability to understand cyber technology solutions, the DOE added.

“We look forward to the application period and the first cohort of cyber solution providers through the Clean Energy Cybersecurity Accelerator,” Puesh Kumar, CESER director, said. “With world-class capabilities at NREL, technology innovators will have a platform to develop and deploy renewable, cost-effective, and secure grid technologies with a pathway to technical validation and demonstration. The program brings together federal capabilities and expertise, energy sector asset owners, and technology innovators to develop and deploy modern grid technologies that are not only cost-competitive but also demonstrate the highest level of security by design.”

“If we are to be successful in the deployment of clean energy technologies at scale, we must also ensure that our energy systems are secure and resilient to disruption,” Kelly Speakes-Backman, principal deputy assistant secretary for energy efficiency and renewable energy, said. “Through this testing platform, solutions providers will have the opportunity to test and validate technologies against the highest priority cyber threat scenarios, aiding in our efforts to outpace the speed of emerging threats to our evolving energy infrastructure.”

Last month, the Cybersecurity Manufacturing Innovation Institute (CyManII), an inclusive national research institute, unveiled its broad vision for cybersecurity in U.S. manufacturing for the next five years, delivering awareness of the cyber risks associated with manufacturing processes. The DOE had earlier in April announced funding of US$12 million to support six University-led projects that are set to enhance cybersecurity within American energy systems. The target is also to lead research, development, and demonstrations (RD&D) of new cyber technology.

Anna Ribeiro

Industrial Cyber News Editor. Anna Ribeiro is a freelance journalist with over 14 years of experience in the areas of security, data storage, virtualization and IoT.