DOE R&D plan targets ‘fast threat’ hackers current to renewable power applied sciences

DOE R&D plan targets 'immediate risk' hackers present to renewable energy technologies

Diving letter:

  • The US Department of Energy has released a multi-year plan designed to guide cybersecurity research and development (R&D) for efficiency and renewable energy applications. This is intended to improve the resilience of operational technologies and raise stakeholder awareness of vulnerabilities, the ministry announced on Wednesday.
  • DOE announced the Cybersecurity Multiyear Program Plan, launched last month by the Office for Energy Efficiency and Renewable Energy (EERE) aims to strengthen systems that are critical to renewable energy, manufacturing, buildings and transportation, “which are increasingly interconnected and vulnerable to cyberattacks”.
  • The German government warns of increasing cyber attacks on energy technologies and related industrial control systems. In July, the Department of Homeland Security’s agency for cybersecurity and infrastructure security recommended that utilities develop plans to manually operate devices that could be compromised by an attack.

Dive Insight:

As complex energy systems become more integrated with other critical infrastructure operations, DOE officials say an overarching plan is needed to manage cybersecurity in the utility sector.

EERE’s growing focus on cybersecurity is the result of “recent advances in functionality and interoperability” in renewable and efficient technologies, “which are now making cybersecurity a more pressing concern,” the report said. New technologies, including advanced solar inverters, “must be developed with cybersecurity as a requirement”.

As part of the multi-annual program plan, the agency is “pursuing a holistic and unified strategy to advance cybersecurity research and development and readiness in the areas of renewable energy, energy efficiency and transport,” said Daniel Simmons, EERE deputy secretary, in a statement .

The strategy aims to accelerate “cyber resilience research and development” for efficiency and operating technologies for renewable energy and to raise stakeholder awareness of security threats and issues. EERE said its activities will help mitigate common threats and vulnerabilities in hardware and software across its portfolio, including power electronics, sensors, control systems, and information communication technology.

“Coupled with a solid commitment and partnership with industry, academia and government stakeholders, the R&D activities in this plan will strengthen the cybersecurity of new technologies across the EERE portfolio,” said Simmons.

The agency said the strategy will also enable greater collaboration with industry, academia and other government agencies “to ensure that EERE’s early-stage research achieves its goals without duplicating efforts”.

EERE’s plan includes examples of recent projects in support of the security approach, including a new tool from the Federal Energy Management Program that depicts potential cyber tactics and techniques that an attacker has officially reported could be used by an attacker if vulnerabilities are not addressed will. DOE is also committed to protecting EV smart charging stations from attacks through its Vehicle Technologies Bureau, where it has incorporated security requirements into recent project funding.

Technologies developed by EERE are part of DOE’s strategy to secure American energy, according to the report. “As EERE technologies become more affordable as they go to market, integrating these technologies into the nation’s energy systems will become a priority,” the report said.

EERE suggests researching and developing vulnerability assessments to help stakeholders quantify, evaluate and test the effectiveness and timeliness of various cybersecurity vulnerability mitigation technologies and strategies. Solutions are also being developed to enable stakeholders to proactively instrument and monitor systems “to take effective action to respond and mitigate”.

“Cyber ​​threats targeting EERE technologies pose an immediate risk to the integrity and availability of energy infrastructure and other systems that are critical to the country’s economy, security and well-being,” said Alex Fitzsimmons, deputy Deputy Secretary for Energy Efficiency, in a statement. “New technologies must be developed with cybersecurity as a prerequisite.”


Please enter your comment!
Please enter your name here