DOE allocates $39 million for grid modernization projects, cybersecurity included

The U.S. Department of Energy (DOE) announced up to US$39 million for projects across its national laboratories to help modernize the electricity grid. These funds come from the 2023 Grid Modernization Initiative (GMI) lab call which is set to support the development and deployment of concepts, tools, and technologies needed to measure, analyze, predict, protect, and control the grid of the future while incorporating equity and the best available climate science. The modernization efforts will also focus on enhancing cybersecurity posture. 

The project includes support from Idaho National Laboratory, Los Alamos National Laboratory, Lawrence Livermore National Laboratory, National Energy Technology Laboratory, and dozens of public and private sector partners. It works with public and private partners to develop the concepts, tools, and technologies needed to measure, analyze, predict, protect, and control the grid of the future. 

The cybersecurity-focused projects include the assessment and coordination of distributed energy resources (DER) cyber security standards, assessment of communication architectures for energy systems (ACAES), and assessment and coordination of Electric Vehicle Supply Equipment (EVSE) cybersecurity standards.

The portfolio of GMI’s work will help integrate all sources of electricity better, improve the security of the nation’s grid, solve challenges of energy storage and distributed generation, and provide a critical platform for U.S. competitiveness and innovation in a global energy economy. The grid of the future will deliver resilient, reliable, flexible, secure, sustainable, and affordable electricity.

These projects are funded by DOE’s offices of Cybersecurity, Energy Security, and Emergency Response; Electricity; Energy Efficiency and Renewable Energy; Fossil Energy and Carbon Management; and the Grid Deployment Office. GMI is also supported by DOE’s offices of Economic Impact and Diversity, Nuclear Energy, Science, and Technology Transitions, as well as the Grid Modernization Laboratory Consortium, a partnership between DOE’s National Laboratories to bring together experts, technologies, and resources to collaborate on the goal of modernizing the nation’s grid.

When it comes to assessing and coordinating DER cyber security standards, the team led by the National Renewable Energy Laboratory (NREL) will work to assess, develop, refine, implement, and harmonize the multiple, potentially conflicting cybersecurity requirements established by standardization bodies for the distributed energy ecosystem. 

The project will also coordinate with the U.S. administration’s National Standards Strategy for Critical and Emerging Technology to enhance safe and secure distributed energy systems providing clean power nationwide. The end products of this effort will be a cybersecurity certification program and standard, along with a standardized set of testing requirements for distributed energy resources.

Earlier this year, the DOE and the NREL announced a call for applications for the second Clean Energy Cybersecurity Accelerator (CECA) cohort. It gives participants in the Cybersecurity Accelerator Program work to advance cyber innovation and address grid vulnerabilities while supporting the transition to a clean energy future. 

When it comes to the assessment of communication architectures for energy systems (ACAES), the team led by Pacific Northwest National Laboratory (PNNL) will analyze to identify and suggest ways to mitigate gaps in technology, standards, and processes for communications across the electric grid. The team will also create a large library of potential cyber-attack scenarios, including their operational consequences, to support, and future cybersecurity training and planning. 

Additionally, the team will use this information to provide recommendations for new and improved technology, standards, and practices to address potential risks and help ensure a grid with high DER penetration is secure.

On the assessment and coordination of Electric Vehicle Supply Equipment (EVSE) cybersecurity standards, the DOE outlined that the project led by Sandia National Laboratories will work to implement and harmonize cybersecurity requirements and testing across the electric vehicle (EV) charging ecosystem. 

“In coordination with the Biden Administration’s National Standards Strategy for Critical and Emerging Technology, this project will work with the National Electric Vehicle Infrastructure (NEVI) Formula Program, the DOE/DOT Joint Office of Energy and Transportation, and states, Puerto Rico, and the District of Columbia to introduce new cybersecurity requirements related to EV chargers,” according to the DOE. “The end products of this effort will be a standardized set of testing requirements for EVSE equipment and a ‘Security Star’ EV Charging System Cybersecurity Certification Program (inspired by ‘Energy Star’).

Earlier this week, the DOE announced its Advanced Cybersecurity Technology (ACT) 1 Prize Competition, which is part of the Rural and Municipal Utility Cybersecurity (RMUC) Program, established by the Biden-Harris Administration’s Bipartisan Infrastructure Law (BIL). The ACT 1 Prize ($8.96 million) is the first in a series of prizes from the RMUC Program, which will provide $250 million over five years to strengthen the cybersecurity posture of cooperative, municipal, and small investor-owned electric utilities.  

These energy providers serve nearly one in six Americans, and in many cases, are responsible for performing their critical defense installations. With nation-states like China threatening to compromise our nation’s critical energy infrastructure, these smaller utilities must receive the funding they need to defend against evolving cybersecurity attacks.

Last month, the DOE collaborated with the Cybersecurity Manufacturing Innovation Institute (CyManII) and issued Thursday a new request for proposal (RFP) for up to US$4.7 million. The move aims to enhance the cybersecurity landscape within American manufacturing. The RFP is soliciting projects within three critical industry use cases (IUCs), including industrial control systems (ICS), secure industrial digitalization, and industrial additive manufacturing.

Anna Ribeiro

Industrial Cyber News Editor. Anna Ribeiro is a freelance journalist with over 14 years of experience in the areas of security, data storage, virtualization and IoT.