The nation’s energy infrastructure has become a major target of cyberattacks over the past decade, with more frequent and sophisticated attacks on the rise. Today, a cyber incident has the potential to disrupt energy services, damage highly specialized equipment, and threaten human health and safety. This makes energy cybersecurity a top national priority that will require the federal government and the energy sector to work together to reduce cyber risks that could trigger a large-scale or prolonged energy disruption.
To address this priority, the U.S. Department of Energy (DOE) announced awards of up to $28 million to support the research, development and demonstration of next-generation tools and technologies to improve the cybersecurity and resilience of the nation's critical energy infrastructure, including the electric grid and oil and natural gas infrastructure. Among the 11 teams to receive an award is a team from the Texas A&M Engineering Experiment Station (TEES) led by Dr. Kate Davis.
Davis, assistant professor in the Department of Electrical and Computer Engineering at Texas A&M University, leads the team with project members from Pacific Northwest National Laboratory, Sandia National Laboratory, Sekurity, the University of Illinois, Urbana-Champaign and Vistra Energy.
The TEES project is titled “Deep Cyber-Physical Situational Awareness for Energy Systems: A Secure Foundation for Next-Generation Energy Management.” The project team will develop a next-generation secure energy management system that can detect malicious and abnormal events through fusion of cyber and physical data and algorithms, effective integrated analytics and visualization.
“The grant is about re-envisioning the next generation energy management system that considers the power system together with cyber communications,” Davis said. “The idea is to have a truly cyberphysical energy management system that provides visibility into the cyber side and analysis of the cyber side that is tightly coupled with the physical side.”
According to Davis, current energy management systems often are older technology that has been in place a long time, which makes them very hard to upgrade and make changes to because the focus is on the physical processes that can increase security risks.
“Because they're so hard to change and because they're so complicated, they tend to keep doing things the same way they've always done it, which is sort of the conventional applications for managing power systems,” Davis said. “There's a lot of old outdated protocols just like old technology still being used and it only considers the physical system. So what we're doing would consider the cyber system and the physical system together, which in our case is the power system.
“It's also going beyond that and thinking how do we design and build the system in such a way that we’re incorporating security by design,” Davis said. “How do we get away from problems that existing energy management systems have and how do we get away from using old outdated protocols and make sure the information we get out of our systems is trustworthy and has high integrity?”
The DOE’s Office of Electricity Delivery and Energy Reliability has prepared the DOE Multiyear Plan for Energy Sector Cybersecurity to improve cybersecurity and the resilience of the nation’s energy system. The plan aligns DOE’s distinct roles and programs with the efforts of government, energy owners and operators, and key energy stakeholders at all levels.
With funding provided by the Office of Cybersecurity, Energy Security and Emergency Response’s Cybersecurity for Energy Delivery Systems Division, research partnerships such as this will create and make available innovative technologies that help prevent, detect and mitigate cyberattacks.
Davis said the overall impact of a more secure energy management system would benefit everyone, from communications personnel to operators who can learn what types of risks they need to worry about, to education and outreach for everyone to make the different groups more aware of issues. She’s excited to be able to do her part.
“This is a project that’s the close to my heart,” Davis said. “These problems are the things that keep me up all night so I’m thrilled to have the opportunity to have this kind of impact.”
Davis, assistant professor in the Department of Electrical and Computer Engineering at Texas A&M University, leads the team with project members from Pacific Northwest National Laboratory, Sandia National Laboratory, Sekurity, the University of Illinois, Urbana-Champaign and Vistra Energy.
The TEES project is titled “Deep Cyber-Physical Situational Awareness for Energy Systems: A Secure Foundation for Next-Generation Energy Management.” The project team will develop a next-generation secure energy management system that can detect malicious and abnormal events through fusion of cyber and physical data and algorithms, effective integrated analytics and visualization.
“The grant is about re-envisioning the next generation energy management system that considers the power system together with cyber communications,” Davis said. “The idea is to have a truly cyberphysical energy management system that provides visibility into the cyber side and analysis of the cyber side that is tightly coupled with the physical side.”
According to Davis, current energy management systems often are older technology that has been in place a long time, which makes them very hard to upgrade and make changes to because the focus is on the physical processes that can increase security risks.
“Because they're so hard to change and because they're so complicated, they tend to keep doing things the same way they've always done it, which is sort of the conventional applications for managing power systems,” Davis said. “There's a lot of old outdated protocols just like old technology still being used and it only considers the physical system. So what we're doing would consider the cyber system and the physical system together, which in our case is the power system.
“It's also going beyond that and thinking how do we design and build the system in such a way that we’re incorporating security by design,” Davis said. “How do we get away from problems that existing energy management systems have and how do we get away from using old outdated protocols and make sure the information we get out of our systems is trustworthy and has high integrity?”
The DOE’s Office of Electricity Delivery and Energy Reliability has prepared the DOE Multiyear Plan for Energy Sector Cybersecurity to improve cybersecurity and the resilience of the nation’s energy system. The plan aligns DOE’s distinct roles and programs with the efforts of government, energy owners and operators, and key energy stakeholders at all levels.
With funding provided by the Office of Cybersecurity, Energy Security and Emergency Response’s Cybersecurity for Energy Delivery Systems Division, research partnerships such as this will create and make available innovative technologies that help prevent, detect and mitigate cyberattacks.
Davis said the overall impact of a more secure energy management system would benefit everyone, from communications personnel to operators who can learn what types of risks they need to worry about, to education and outreach for everyone to make the different groups more aware of issues. She’s excited to be able to do her part.
“This is a project that’s the close to my heart,” Davis said. “These problems are the things that keep me up all night so I’m thrilled to have the opportunity to have this kind of impact.”