Idaho National Laboratory is developing an action plan with the National Institute of Standards and Technology to ensure utility companies and the rest of the energy sector use cyber-informed engineering when connecting to the electric grid.
The action plan will build on the National Cyber-Informed Engineering Strategy released by the Department of Energy in June and ask organizations what they can do to help secure the grid of the future and contribute to standards bodies and frameworks. The strategy sets out the department’s core priorities for protecting the energy industry.
Idaho National Laboratory is one of the Department of Energy’s national labs and is managed by the Battelle Energy Alliance. Historically, the laboratory has been involved with nuclear research.
DOE committed $16 million in 2021 to connecting solar and wind energy sources and electric vehicle charging stations to the electric grid, but previously cybersecurity was an afterthought. As a result, the Office of Cybersecurity, Energy Security and Emergency Response now plans to fund pilots migrating clean water systems to the cloud, municipal utilities and rural cooperatives, and threat-information sharing through a forthcoming Energy Threat Analysis Center.
“How do we use the inherent properties of the grid, in terms of sensors and analytics, and marry it up with cyber intelligence?” said Puesh Kumar, director of CESER, during an AFCEA Bethesda event Thursday. “That is a big effort that we’re undertaking.”
CESER works with more than 3,000 electric utilities; heat, oil and natural gas companies; and renewable energy companies to prepare for, mitigate and respond to threats from natural disasters to cyberattacks.
At the same time, DOE is providing intelligence and forensic analysis services to its four Power Marketing Administrations (PMAs), which sell hydropower to utilities serving 65 million people across 35 states.
“Right now Western Area Power Administration is working with us to enable their resilience through putting some of their services and monitoring in the cloud,” said Ann Dunkin, chief information officer at DOE. “Historically that’s all been on premise, so we’re piloting moving that to the cloud.”
The Federal Energy Regulatory Commission will ultimately determine if those pilots are a success before greenlighting their expansion.
CESER is able to push cyber capabilities DOE develops with the PMAs out to industry. While operational technology was “neglected” in the past, DOE is working with the PMAs to ensure their OT is well-instrumented to obtain quality data that can be combined with threat intelligence and shared broadly, Dunkin said.
The goal is to use PMA data as “warning systems” for other parts of DOE and international partners, she added.
“If you think about who’s attacking DOE, many of the people who are going to go after the PMAs first may see them as potentially a softer target,” Dunkin said. “Even if they’re not, they may perceive them that way.”