Q&A with Daniel Bennett: Retired U.S. Army Colonel Brings His Cybersecurity Experience to NREL
June 1, 2020
A retired U.S. Army colonel and former director of research for the U.S. Army Cyber Institute at West Point, Daniel Bennett joined the National Renewable Energy Laboratory (NREL) in September 2019 as the senior technical advisor for NREL’s Energy Security and Resilience (ESR) Center. Bennett spent some time with us to talk about bringing his military experience to support research on cybersecurity capabilities with fifth generation (5G) wireless and NREL’s cyber emulations of large energy systems to analyze and improve grid infrastructure security and resilience.
How did your career as a U.S. Army colonel lead you to NREL?
The U.S. Army was a 25-year journey. I started off as a communications officer, which is like an AT&T operator for the battlefield, and then a network engineer. When I got to West Point, the Army was creating a cyber branch and looking for people with backgrounds in information technology (IT) networking and military intelligence, and I became a cyber officer. The Cyber Institute was developed as a think tank for Army cyber operations.
I was debating between retiring or not from the Army, and then I heard about a job opportunity at NREL. One thing led to another, and I ended up coming back home to Colorado. It made the decision to retire and return to my roots little bit easier.
Tell me about your work in NREL’s Energy Security and Resilience Center.
I am the senior technical advisor for the Center and help advise with our strategic initiatives and have also spent some time helping to expand our U.S. Department of Defense and Department of Homeland Security portfolio. I also have a background in communications, so I have been particularly interested in digging into where the laboratory is going with 5G. I see that at NREL, a big confluence could take place between our interest in where the grid is evolving toward grid-edge resources and devices and where telecommunications is evolving toward 5G. That space could be a huge opportunity for NREL.
What are the 5G pros and cons for cybersecurity and the grid?
5G is going to facilitate everything being more and more connected. Consider your home, for instance. In many cases, your home’s internet access could be powered through 5G versus a fiber or cable connection, and some interconnected technologies might externally connect directly to a 5G base station. For example, if you have photovoltaic (PV) cells on your home, that information could exchange directly with the local 5G base station and not touch your home network. From a cybersecurity point of view, we need to be certain those PV-associated devices are protected because they regularly touch the grid in some form, along with many other home devices; however, 5G’s capabilities also provide a lot of additional capabilities to better help secure them.
How does 5G impact cybersecurity?
In many cases, people see the additional vulnerabilities that 5G will bring from a cybersecurity perspective. And that is true; with more devices connected, there is a higher chance for these devices to be compromised. But 5G gives you the ability, with capabilities such as “network slicing,” to virtually separate these networks so that you don’t have “one big network,” having to traverse one to get to the other. They can just be logically separated. Risks are inherent to things remaining static, which allows time for people who intend to do harm to gain more understanding of how your network is configured and can gain footholds and pivot from those. With 5G, you can change the network dynamically as much as you want. And so, each time somebody tries to understand the vulnerabilities in your network, it could continually be changing. I look at 5G as an opportunity for greater cybersecurity because it can give the people managing it more control.
What projects are you excited about at NREL?
I am excited about NREL’s Cyber-Emulation Energy (CEE) Platform, which can emulate highly connected and dynamic distribution-level energy systems. When I was in Afghanistan working with operational forces, and we needed to make changes to the network, I couldn’t say, “Hey, we need to take down the network in order to make this large change or to test this capability,” while in the middle of combat operations. Instead, we had to figure out how to safely test any changes first on a sandbox (testing environment) copy of the network. It’s the same idea with the CEE Platform and the energy grid. We don’t want to do science experiments on live, critical infrastructure. But we can use the platform to copy large energy systems and test different capabilities and improvements.
For example, NREL created this “digital twin” of the smart grid system at the U.S. Marine Corps Air Station Miramar. We ran different scenarios to show how the system would react given various scenarios like losing connection to the grid. The CEE Platform can also help inform infrastructure upgrades for these and other organizations amongst the many capabilities that it has.
Looking forward, what are the biggest challenges you anticipate when it comes to ESR research?
A key challenge with cybersecurity is not just patching vulnerable holes in our systems but getting ahead of threats and baking security measures into energy systems. We also need to get the system itself to recognize when something bad is going on and then isolate that aspect while keeping the rest of the system running and picking up the slack—essentially, self-healing. We see that 5G can help facilitate these aspects in many ways.
What are your interests outside of NREL?
I am from Colorado originally, and I like doing outdoors stuff like skiing, fishing, and watching my kids’ sports. My two older kids are at the University of Colorado, Boulder, and my wife and youngest daughter are still back in New York while my daughter finishes middle school. So, we are in a transition period. I love being back in Colorado with the 300-plus days of sunshine and back to the big, open skies.