Foundational Cybersecurity Sciences

To prepare for a future of advanced cyber threats and diversifying operational systems, NREL works to advance the core science of cybersecurity and transmit breakthroughs into field-ready solutions.

Lens view of a city next to an ocean with a connected technology web hovering above it.

Capabilities

Artificial Intelligence

The promise and peril of artificial intelligence (AI) for cybersecurity is undeniable, providing many powerful applications in cybersecurity for both adversaries and security practitioners. For adversaries, AI can automate attacks and analysis of target systems. For security practitioners, AI can adaptively learn to identify and automatically neutralize attacks while also helping operators interpret and respond to emerging threats.

Our research is focused on building strong defenses that take full advantage of advancements in AI for the security of future energy systems, while also countering AI-assisted attacks in an expanding attack surface. Major challenges in this space include designing AI-based cybersecurity for systems that have distributed ownership and privacy, deploying tools to simplify and clarify system security, and progressively advancing AI methods to identify changing threats. Current areas of research interest include:

  • Reinforcement learning for automated cyber response and recovery
  • Adversarial learning for enhancing cyber resilience
  • Federated learning approaches for privacy-preserving cyber resilience
  • Explainable AI to enable the adoption and deployment of AI-based cybersecurity tools.

Formal Methods for Cybersecurity of Future Energy Systems

Formal methods refer to a field of study that combines formal logic, computer science, and mathematics to create automated frameworks to guarantee system properties (e.g., cyber resilience) and verify system behaviors (e.g., cyber controls). These can be expressed in a formal language and systematically and rigorously proven using computer assistance. NREL is working on formal methods for developing tools and approaches for verifiable operational technology cybersecurity, which features increasing complexity and interconnectedness, including:

  • Cybersecurity for high-assurance applications
  • Formal verification for cybersecurity requirements and tools
  • Formal requirements analysis for cybersecurity.

Cryptographic Approaches for Cybersecurity of Future Energy Systems

NREL is developing fundamental cryptographic approaches that support zero-trust security in operational systems. The NREL team has explored novel techniques such as zero-knowledge proofs to develop cyber-resilient grid controls and communications that are robust in a post-quantum world. In addition, the team has developed a validated and system-ready tool, Module-OT, that sits between system assets as a bump-in-the-wire security appliance, cryptographically protecting both modern and legacy devices. Other ongoing work in this area includes:

  • Zero-knowledge proofs for operational technology cybersecurity
  • Quantum-resistant algorithms.

Cyber Resilience by Design

Engineered systems should incorporate security and resilience from initial concept and design so that these are primary features rather than afterthoughts. NREL promotes this concept through various approaches, including cyber-informed engineering, which works to update engineering certifications and education with cybersecurity principles, including:

  • A cyber resilience-by-design framework for the assessment of cyber-physical systems
  • An AI framework to enable cyber resilience leveraging cyber-physical network topologies.

NREL is coleading the Cyber-Informed Engineering program with Idaho National Laboratory to advance cyber-informed engineering in the interest of designing secure, clean energy systems.

Projects

NREL has launched and advanced research in autonomous energy systems, which creates tools and solutions for the real-time control and optimization of distributed energy resources. We are working with power systems researchers to design cybersecurity into the automated decision-making methods of autonomous energy systems.

Autonomous energy systems use methods that dynamically reorganize energy networks into optimally resilient, stable, or economic configurations. Our work ensures that these dynamically arranged systems maintain privacy and security despite the difficulties of distributed data collection, ownership, and access.
NREL is supporting the Mitigation via Analytics for Grid-Inverter Cybersecurity project, which aims to develop AI tools for detecting and mitigating attacks on groups of distributed energy resources. The project is sponsored by the U.S. Department of Energy's Office of Cybersecurity, Energy Security, and Emergency Response and involves Lawrence Berkeley National Laboratory, Siemens Corporate Technologies, Cornell Tech, and the National Rural Electric Cooperative Association Research. NREL will assess vulnerabilities in the AI models by conducting adversarial exercises in a cyber testing range.
The CySAT-Hydro project will result in a tool for hydropower operators to monitor and interpret cybersecurity data. The online tool will feature visualizations and threat detections and will be easily integrated into standard system operations. This project is funded by the U.S. Department of Energy's Water Power Technologies Office.

Digital Twin-Driven and Federated Learning-Based Cybersecurity for Distributed Energy Resources is an NREL-formulated project to develop digital twin cybersecurity models for distributed energy resource-integrated grid operations. These models will better represent cyber and physical characteristics compared to current static models, helping researchers to design data-driven and robust local and global cybersecurity solutions for the grid network. The project will ultimately result in the development of AI-assisted anomaly detection and mitigation approaches that will be integrated into the Advanced Research on Integrated Energy Systems Cyber Range.

Selected Publications

Verifying the Computational Integrity of Power Grid Controls With Zero-Knowledge Proof, IEEE Xplore (2023)

A Randomization-Based, Zero-Trust Cyberattack Detection Method for Hierarchical Systems, IEEE Xplore (2023)

Reinforcement Learning Environment for Cyber-Resilient Power Distribution System, IEEE Xplore (2023)

A Survey of Cyber-Physical Power System Modeling Methods for Future Energy Systems, IEEE Xplore (2022)

Contact

Richard Macwan

Manager, Cyber Resilience Science Group

richard.macwan@nrel.gov
303-275-4579

Share