Clean Energy Cybersecurity Accelerator

The Clean Energy Cybersecurity Accelerator^TM (CECA) advances cyber innovation to defend modern, renewable energy technologies against high-priority cybersecurity risks to the energy sector.

Designed to bolster emerging technologies, CECA aims to identify the most urgent security gaps in the modern electrical grid and expedites disruptive solutions to market.

Technologies and architectures are introduced to legacy systems every day, adding complexity and potential for new cyber vulnerabilities to emerge. Now is the time to infuse rapid cyber innovation into our nation's energy systems to ensure we outpace evolving threats.

Leading Efforts To Secure the Clean Energy Grid

CECA is an important element of the White House's National Cybersecurity Strategy, a major milestone in the journey toward a more secure, connected, and resilient future for all Americans. See strategy Pillar 4: Invest in a Resilient Future for details.

Text version

Cohort 1 Summary Report

From December 2022 to May 2023, CECA convened its first cohort of solution providers to research and develop technologies. Those innovators delivered valuable insights into the efficacy and applicability of solutions in common system configurations under realistic threat scenarios.

The CECA Cohort 1 Summary Report highlights areas of future exploration and analysis in subsequent technology iterations. CECA’s evaluations are part of an ongoing conversation and collaboration between utilities and industry partners to bolster U.S. cyber resilience against current and future adversaries.

In addition to documenting the research process and outcomes, the report includes:

A summary of the theme and challenge of this first cohort
An introduction to the solution providers and their technologies
A description of the NREL cyber range
A list of the threat scenarios and key takeaways from the threat scenario results.

Cohort 2

Second Clean Energy Cybersecurity Accelerator Cohort Evaluates Solutions That Uncover Hidden Risks on Utility Networks

CECA's second cohort will focus on delivering solutions that identify industrial control system assets connected to a utility’s infrastructure—including unauthorized, unmanaged, or compromised assets requiring removal or remediation. Among Cohort 2's solution providers is exposure management organization runZero.

The solution is undergoing rigorous testing on a virtual and physical environment, including a representative architecture of operational technology hardware-in-the-loop, to assess the richness of identified asset information and the speed at which the information is gathered.

Program Eligibility

CECA follows a down-selection process to determine the topic of each cycle, which dictates the environment, tactics, procedures, and length of the evaluation. Cohorts go through an accelerator period of 3–12 months, sharing ideas and threat intelligence before validating solutions in the lab. To be eligible for the program, interested solution providers must:

Be based in the United States
Offer technology solutions focused on solving hidden risks due to incomplete system visibility and device security and configuration
Be at a Technology Readiness Level 4 or above as defined by the U.S. Department of Energy Technology Readiness Assessment/Technology Maturation Plan Process Guide (see appendix for definitions).

Cohort members will exit the program with competitive experience, new partnership opportunities, and professional evaluation related to the most urgent cybersecurity challenges facing modern energy systems.

This initiative is sponsored by the U.S. Department of Energy Office of Cybersecurity, Energy Security, and Emergency Response in collaboration with the Office of Energy Efficiency and Renewable Energy and NREL. Strategic direction and cost-sharing is provided by utility partners.

Cyber Range Technical Assessment

Program participants will use the Advanced Research on Integrated Energy Systems (ARIES) Cyber Range to evaluate the proposed cyber-risk solutions. With connection to more than 20 MW of energy system hardware, this environment subjects the technologies to realistic adversary scenarios, facilitated by NREL staff. ARIES users can evaluate technologies at scale through real-time visualization of proactive defense and automated response.

Subscribe to receive CECA email updates related to current and future cohorts.

Subscribe to NREL's Innovation and Entrepreneurship Center quarterly newsletter to learn how we are helping cleantech startups accelerate their paths to market.

Subscribe to NREL's Energy Systems Integration newsletter for monthly updates on energy security and resilience.

Contact

Contact the Clean Energy Cybersecurity Accelerator program administrator with questions.