Skip to main content

Wind Cybersecurity

NREL's technical experts work on safeguarding our nation's wind fleet against cyber threats through advanced research, utilities, and cross-sector collaboration.

Aerial view of Flatirons Campus with wind turbine in the foreground.

Building on NREL's long history of advancing wind energy technology research worldwide, our cybersecurity research seeks to advance security by identifying challenges, building reference architectures and validation platforms to evaluate cyber threats, quantifying cyber risk, developing advanced intrusion detection systems, and leading stakeholder engagement.

Capabilities

To ensure the resilience and security of the U.S. grid, NREL's researchers explore improvements to technologies and energy systems to prevent and react quickly to any cyberattack.

Capabilities include:

  • Modeling, simulation, and emulation of wind turbines and controllers
  • Best-in-class research platforms to develop and prototype cybersecurity technologies
  • Machine learning for advanced anomaly and intrusion detection systems
  • Cyber risk assessment, evaluation, and quantification.

Projects

Funded by the U.S. Department of Energy's Office of Cybersecurity, Energy Security, and Emergency Response and led by NREL, the Renewable Energy and Storage Cybersecurity Consortium (RESCue) analyzes and addresses cybersecurity concerns for wind, solar, and energy storage systems. RESCue is an evolution from the Wind Cybersecurity Consortium, which focuses on evaluating cybersecurity threats against the U.S. wind fleet. The project brings together experts from industry, federal entities, and national labs to create methodologies, architectures, metrics, and training programs that address cybersecurity for renewable energy sectors. By taking a holistic, systemwide approach, RESCue aims to build cyber-resilient energy infrastructure through research, education, and collaboration.

Funded by the U.S. Department of Energy's Wind Energy Technology Office (WETO), this project aimed to develop a reference architecture of an individual wind turbine, built on the existing plant reference architecture developed by researchers from Idaho National Laboratory and Sandia National Laboratories. A holistic plant and turbine reference architecture and simulation was developed using the Advanced Research on Integrated Energy Systems (ARIES) Cyber Range, which can be used to demonstrate the impacts of various cyber threats.

With funding from WETO, NREL researchers are expanding vendor-neutral conceptual reference architecture (building on the existing land-based version), cybersecurity standard guidelines, and threat assessment reports for integration of wind energy with the grid. As part of this ongoing project, NREL will develop a roadmap for accelerated, secure deployment of offshore wind infrastructure.

Funded by WETO and led by Sandia National Laboratories, the WindWeasel project is developing a host-based intrusion detection system for wind turbine controllers. For this project, NREL is focusing on developing cybersecurity validation platforms and machine learning based algorithms for wind turbine and plant control systems to identify vulnerabilities and intrusions. By using ARIES research platforms—a 1.5-MW turbine at the Flatirons Campus—the project is safely evaluating attack vectors, developing protection mechanisms, and analyzing malware impacts within a contained system. The goal is to improve cyber protections and system resilience for wind energy generation assets through proactive detection of cyber intrusions.

Funded by WETO, the Wind Security, Health, Integrity, Engineering, and Learning (WindSHIELD) program at NREL improves wind turbine cybersecurity through cross-sector research and development initiatives. WindSHIELD convenes industry, academia, and national labs to establish best practices for monitoring, detecting, responding to, and mitigating cyber threats specific to the wind generation sector. By taking a holistic approach, WindSHIELD strengthens the cyber resilience and security posture across the wind energy ecosystem.

Funded by WETO and led by Sandia National Laboratories, the Machine Learning for Network Intrusion Detection Systems project is developing advanced network monitoring capabilities tailored for wind power plant network environments to identify malicious activity. NREL is focusing on creating the validation environments to generate the data required to develop advanced machine learning algorithms and physics-informed machine learning mechanisms to enhance the accuracy of these algorithms.

Resources and Tools

Cybersecurity tools

Advanced Research on Integrated Energy Systems (ARIES) Research Platform (at NREL's Flatirons Campus)

Explore more of NREL's wind energy facilities and data and tools.

View all wind publications.

Partner With Us

Learn more about how to work with us.

Contact


Share

Last Updated Sept. 24, 2025