Attacks and Vulnerabilities
Critical infrastructure
News
Utilities: Energy & Power, Water, Waste

DOE announces $30 million funding for cybersecurity tools to protect clean energy infrastructure

January 17, 2024
DOE announces $30 million funding for cybersecurity tools to protect clean energy infrastructure

The Office of Cybersecurity, Energy Security, and Emergency Response (CESER) within the U.S. Department of Energy (DOE) has released a US$30 million funding opportunity (FOA) for research, development, and demonstration (RD&D) of cybersecurity tools and technologies to protect clean energy infrastructure. The Cyber RD&D FOA for Clean Energy Infrastructure supports CESER’s ongoing work to develop next-generation technologies to protect the nation’s clean energy infrastructure from increasing cyber threats. 

Earlier this month, the DOE announced that it has granted up to $70 million in funding to support research into technologies designed to increase resilience and reduce risks to energy delivery infrastructure from a variety of hazards, including cyber and physical threats, natural disasters, and climate-change fueled extreme weather events. The latest funding opportunities represent a significant, meaningful investment on the part of the Biden-Harris Administration in the security and resilience of America’s energy sector, both now and for the future, and in American innovation. 

“America’s energy delivery infrastructure is critical to our overall national and economic security,” David Crane, DOE Under Secretary for Infrastructure, said in a media statement. “This funding will drive the development of next-generation cyber technologies that keep our nation at the forefront of innovation while protecting our energy infrastructure from increasing cyber threats. This work could not be more important or timely as our nation transitions to the clean energy economy.” 

The CESER will fund the research and development of new tools and technologies to detect and mitigate cyber threats to clean energy delivery infrastructure, including cloud infrastructure that underpins modernization. 

“The U.S. energy sector continues to face increasing cyber threats from nation-states and criminal actors,” according to Puesh M. Kumar, CESER director. “This funding helps ensure that the next-generation clean energy infrastructure is built with cybersecurity in mind.”

CESER is making $30 million of federal funding available for new awards, subject to the availability of appropriated funds. CESER anticipates making approximately 10 awards under this funding opportunity. Individual awards may vary with an anticipated amount not to exceed $3 million in federal funding. 

Topic areas include:

  • Improving the ability to do forensic analysis of infected renewable energy field devices including components, smart meters, sensors, and control systems located in physically unprotected areas that are accessible to potential adversaries. Forensic analysis is critical for quickly identifying the source of a cyber attack and mitigating its impact.
  • Identifying and mitigating cyber threats to inverter-based resources (IBR), including wind and solar generation technology, as well as related energy storage and battery assets. While IBRs play an important role in delivering clean energy to consumers,  they have also become a new vector for cyber attacks. This RD&D effort will focus on applications and technologies to identify and mitigate these cyber vulnerabilities.
  • Improving the communications security of Distributed Energy Resources (DERs) and Distributed Energy Resource Aggregations (DERA) that could include multiple types of DERs (such as a combination of wind, solar, and storage). The deployment of secure communications between DERs, DERA, and the broader electric grid is necessary to ensure the operational stability and reliability of clean energy delivery systems.   
  • Strengthening the cybersecurity of virtual power plants (VPP) that offer deeper integration of renewables and more affordable power. Cybersecurity RD&D is necessary to reduce the cyber risk for VPP and to enable the secure operation and management of these cloud-based systems.

Last month, the CESER introduced a set of new tools as part of its Cybersecurity for the Operational Technology Environment (CyOTE) research program. These tools were showcased and received feedback from industry partners during a live demonstration session held at the Idaho National Laboratory (INL) in November.

Anna Ribeiro
Industrial Cyber News Editor. Anna Ribeiro is a freelance journalist with over 14 years of experience in the areas of security, data storage, virtualization and IoT.

A complimentary guide to the who`s who in industrial cybersecurity tech & solutions

Free Download

Related

Securing cloud, IIoT in Industry 4.0 emerges crucial for protecting industrial operations across OT/ICS environments
Securing cloud, IIoT in Industry 4.0 emerges crucial for protecting industrial operations across OT/ICS environments
Dragos reports decline in ransomware attacks on industrial sector amid law enforcement measures
Dragos reports decline in ransomware attacks on industrial sector amid law enforcement measures
MITRE's CREF Navigator aligns with DoD's CMMC to boost cyber resilience in defense industrial base
MITRE’s CREF Navigator aligns with DoD’s CMMC to boost cyber resilience in defense industrial base
UK’s NCSC debuts CAF v3.2 to address rising threats to critical national infrastructure, boosts cybersecurity readiness
UK’s NCSC debuts CAF v3.2 to address rising threats to critical national infrastructure, boosts cybersecurity readiness
Cisco Talos details ArcaneDoor campaign found targeting perimeter network devices across critical infrastructure
Cisco Talos details ArcaneDoor campaign found targeting perimeter network devices across critical infrastructure
Forescout report warns of growing security risks to critical infrastructure as OT/ICS exposed data escalates
Forescout report warns of growing security risks to critical infrastructure as OT/ICS exposed data escalates
ASIS Foundation reports on impact of autonomous vehicles on security and technology
ASIS Foundation reports on impact of autonomous vehicles on security and technology
European Commission makes €112 million investment in AI, quantum research under Horizon Europe program
European Commission makes €112 million investment in AI, quantum research under Horizon Europe program
MITRE unveils ATT&CK v15 with upgraded detections, analytic format, cross-domain adversary insights
MITRE unveils ATT&CK v15 with upgraded detections, analytic format, cross-domain adversary insights
RMC
Risk Mitigation Consulting acquires Securicon, boosting cybersecurity and mission assurance offerings