DOE awards $28M to 11 cybersecurity projects
- The U.S. Department of Energy (DOE) has announced $28 million in funding for 11 research partnerships that aim to develop technologies to help prevent, detect and mitigate cyber attacks on an increasingly interconnected and distributed grid.
- The funding will come through the Office of Cybersecurity, Energy Security, and Emergency Response (CESER), which is a DOE office created by President Trump earlier this year.
- Four national laboratories and several large electric utilities signed on as research partners with the various companies and organizations proposing the projects
While the United States has so far avoided any widespread impacts from a cyberattack, stopping them has become "top national priority," according to a statement by U.S. Secretary of Energy Rick Perry.
Hacking attempts aimed at the U.S. electric grid are becoming more sophisticated and will require a new generation of security technology that is apparent on the DOE's list of winners. From new network types to machine-learning energy management systems, the 11 projects emphasize communication and cloud-based operations.
The teams will redesign the current architecture, which leaves the grid vulnerable. The goal is to enable energy delivery systems to identify intruders while maintaining critical functions, the DOE said in a statement.
United Technologies Research Center is helping to develop WISP — Watching grid Infrastructure Stealthily through Proxies. WISP is an open-source tool that will use publicly available metadata — real time energy prices, for instance — to detect and alert operators that "information has been manipulated with the intent to disrupt energy delivery system operations," according to DOE's description.
Cybersecurity firm Dragos will work with three utility partners to develop a cloud-enabled sensor network which will integrate available technologies to "facilitate real-time and actionable information to reduce cyber risk."
On the utility side, Dragos will work with Ameren, First Energy and Southern Co. Also on board are Idaho National Laboratory and North American Electric Reliability Corporation's Electricity Information Sharing and Analysis Center (E-ISAC).
E-ISAC runs GridEx, the biennial exercise put on for utilities to work through their response plans to a cybersecurity attack. Last year, more than 5,000 people participated including utilities, Homeland Security, local law enforcement the FBI and officials in Canada and Mexico.
Three years ago, hackers caused widespread blackouts in Ukraine, a high-profile event that raised fears among the U.S. utility sector. More than three-quarters of utility executives in North America believe the country faces at least a moderate risk of a cyberattack on the electric grid in the next five years, according to a 2017 report from Accenture.
Follow Robert Walton on Twitter