The Rise of Renewable Energy and the Cybersecurity Challenges Ahead
As the world increasingly turns to renewable energy sources like wind and solar power, the benefits are clear: reduced greenhouse gas emissions, decreased reliance on fossil fuels, and a more sustainable future. However, this transition also brings new challenges, particularly in the realm of cybersecurity. Manimaran Govindarasu, a distinguished professor of electrical and computer engineering, is at the forefront of addressing these vulnerabilities through two innovative research projects funded by the Department of Energy’s (DOE) Office of Cyber Security, Energy Security and Emergency Response (CESER).
The Need for Enhanced Cybersecurity
The integration of renewable energy sources into power grids is not without its complications. As more solar farms and wind turbines connect to the grid, the attack surface for potential cyber threats expands. Govindarasu emphasizes the urgency of this issue, stating, “The complexity of the grid increases as more renewable energy is being integrated, creating more entry points for cyberattacks.” This complexity necessitates robust cybersecurity measures to protect critical infrastructure from malicious activities that could lead to widespread disruptions.
CyDERMS: Enhancing Cyber Situational Awareness
One of Govindarasu’s projects, known as the Cybersecurity for Distributed Energy Resource Management Systems (CyDERMS), aims to enhance cyber situational awareness in renewable energy grids. Set to commence in the summer of 2024, this two-year initiative will leverage artificial intelligence (AI) and machine learning (ML) to monitor and detect cyber threats in real time. By developing advanced anomaly detection systems, the project seeks to identify potential threats before they can escalate into serious attacks.
The collaborative nature of the CyDERMS project is noteworthy. It involves a team of four co-principal investigators, several students from Iowa State University, and partnerships with DOE national labs such as Argonne National Laboratory and the National Renewable Energy Laboratory. Industry partner General Electric (GE) Vernova also plays a crucial role. Together, they aim to create systems that can swiftly detect and respond to malicious activities, ensuring the integrity of the renewable energy grid.
Training the Next Generation of Cybersecurity Experts
In addition to addressing immediate cybersecurity concerns, the CyDERMS project places a strong emphasis on workforce development. It aims to train students and professionals in cybersecurity for operational technology (OT) systems, which control the physical operations of the grid. Unlike traditional IT systems, OT systems face unique challenges, including real-time operational constraints and the presence of legacy technologies. Govindarasu’s initiative seeks to equip the next generation of engineers with the skills necessary to navigate these complexities.
PhD student Souradeep Bhattacharya, who is working on the CyDERMS project, explains the rigorous testing process involved. “First, the developed models are tested offline with realistic datasets collected from simulated normal and attack scenarios,” he says. “Then, these would be implemented in our hardware-in-the-loop (HIL) cyber-physical testbeds for real-time testing and validation.” This hands-on approach ensures that the solutions developed are both practical and effective.
ZT-CARD: Implementing Zero Trust Architecture
The second project, which began in August 2024, takes a different approach to securing the renewable energy grid by implementing Zero Trust Architecture (ZTA). Known as ZT-CARD (Zero Trust Cybersecurity Architecture for Renewable Distributed Systems), this three-year initiative operates on the principle of “never trust, always verify.” By continuously reauthenticating devices and reauthorizing access, ZT-CARD aims to ensure that only authorized entities can interact with the infrastructure.
This project incorporates advanced security solutions, such as moving target defense, which dynamically alters IP addresses and communication paths to confuse potential attackers. This method creates a controlled chaos that complicates the hacker’s ability to pinpoint targets without disrupting operational performance. Shaurya Purohit, a participant in the ZT-CARD project, emphasizes the practicality of their work, stating, “These aren’t just ideas on paper—they’re designed to create solutions that improve the security and resiliency of critical systems.”
The Growing Cybersecurity Landscape
Both the CyDERMS and ZT-CARD projects arise from the increasing reliance on renewable energy and the corresponding growth in cyber vulnerabilities. As more wind, solar, and microgrid systems are integrated into the grid, the infrastructure becomes more interconnected—and thus, more exposed to cyberattacks. Govindarasu warns that hackers could manipulate control systems, potentially leading to blackouts or other critical failures. “The attack surface is growing, and we must ensure that the systems protecting our grid can evolve as well,” he asserts.
Collaborative Efforts for a Secure Future
The success of these projects hinges on collaboration among leading universities, DOE national labs, and industry partners. Institutions such as Arizona State University, the University of Minnesota, the University of Illinois Urbana-Champaign, and Michigan Tech contribute essential expertise in renewable energy infrastructures and grid security. Govindarasu highlights the importance of involving both undergraduate and graduate students in these initiatives, providing them with hands-on experience in cybersecurity and renewable energy research.
Conclusion: A Critical Investment in Cybersecurity
The DOE’s funding for these projects underscores the critical importance of cybersecurity in the renewable energy sector. Govindarasu explains that both projects were selected through a competitive process, reflecting the innovative nature of the proposals and the expertise of the teams involved. As the world continues to embrace renewable energy, ensuring the security of these systems will be paramount. By developing tools that can monitor and mitigate cyber threats, Govindarasu and his team are paving the way for a more secure and resilient energy future.