Clean Energy Cybersecurity Accelerator

The Clean Energy Cybersecurity Accelerator^TM (CECA) advances cyber innovation to defend modern, renewable energy technologies against high-priority cybersecurity risks to the energy sector.

Designed to bolster emerging technologies, CECA aims to identify the most urgent security gaps in the modern electrical grid and expedites disruptive solutions to market.

Technologies and architectures are introduced to legacy systems every day, adding complexity and potential for new cyber vulnerabilities to emerge. Now is the time to infuse rapid cyber innovation into our nation's energy systems to ensure we outpace evolving threats.

Leading Efforts To Secure the Clean Energy Grid

CECA is an important element of the White House's National Cybersecurity Strategy, a major milestone in the journey toward a more secure, connected, and resilient future for all Americans. See strategy Pillar 4: Invest in a Resilient Future for details.

Text version

Cohort 1 Summary Report

From December 2022 to May 2023, CECA's first cohort of solution providers delivered valuable insights into the efficacy and applicability of solutions in common system configurations under realistic threat scenarios.

The CECA Cohort 1 Summary Report highlights areas of future exploration and analysis in subsequent technology iterations. CECA’s evaluations are part of an ongoing conversation and collaboration between utilities and industry partners to bolster U.S. cyber resilience against current and future adversaries.

In addition to documenting the research process and outcomes, the report includes:

A summary of the theme and challenge of this first cohort
An introduction to the solution providers and their technologies
A description of the NREL cyber range
A list of the threat scenarios and key takeaways from the threat scenario results.

Cohort 2

Cohort 2 will assess solutions that actively identify all industrial control system assets connected to a utility's infrastructure, both physically and virtually, to understand the totality of assets that need to be monitored and protected within the environment. The solutions should support the identification of unauthorized, unmanaged, or compromised assets to be removed or remediated. The main features of the solution to be assessed include, but are not limited to, the accuracy and richness of the asset information identified and the speed at which the information is gathered.

Program Eligibility

CECA follows a down-selection process to determine the topic of each cycle, which dictates the environment, tactics, procedures, and length of the evaluation. Cohorts go through an accelerator period of 3–12 months, sharing ideas and threat intelligence before validating solutions in the lab. To be eligible for the program, interested solution providers must:

Be based in the United States
Offer technology solutions focused on solving hidden risks due to incomplete system visibility and device security and configuration
Be at a Technology Readiness Level 4 or above as defined by the U.S. Department of Energy Technology Readiness Assessment/Technology Maturation Plan Process Guide (see appendix for definitions).

The Cyber Range Technical Assessment

Cohort members will work with experts to use NREL's Advanced Research on Integrated Energy Systems (ARIES) cyber range to evaluate the proposed cyber-risk solutions. With connection to more than 20 MW of energy system hardware, this environment subjects the technologies to realistic adversary scenarios, facilitated by NREL staff. ARIES users can evaluate technologies at scale through real-time visualization of proactive defense and automated response.

Cohort members will exit the program with competitive experience, new partnership opportunities, and professional evaluation related to the most urgent cybersecurity challenges facing modern energy systems.

This initiative is sponsored by the U.S. Department of Energy's Office of Cybersecurity, Energy Security, and Emergency Response in collaboration with the Office of Energy Efficiency and Renewable Energy and NREL. Strategic direction and cost-sharing is provided by utility partners.

Read the news: First Clean Energy Cybersecurity Accelerator Participants Begin Technical Assessment

Subscribe to receive CECA email updates related to current and future cohorts.

Subscribe to NREL's Innovation and Entrepreneurship Center quarterly newsletter to learn how we are helping cleantech startups accelerate their paths to market.

Subscribe to NREL's Energy Systems Integration newsletter for monthly updates on energy security and resilience.

Contact

Contact the Clean Energy Cybersecurity Accelerator program administrator with questions.