New tool to advance hydropower plant cybersecurity through AI


Hydro Review

New Tool to Enhance Hydropower Plant Cybersecurity through AI

By Elizabeth Ingram – 8.29.2024

The saying is: A cyberattacker only needs one win, but a security team needs to win 100% of the time.

A new cybersecurity tool for hydropower plants is being developed at the National Renewable Energy Laboratory (NREL) to achieve a high level of protection. This data-driven and hardware-agnostic tool, known as the Cybersecurity Situational Awareness Tool for Hydropower (CYSAT-Hydro), comes amidst two key trends in the energy sector.

First, there’s a rapid increase in internet-connected distributed energy resources. These can integrate with larger generation sources, like hydroelectric plants, which poses cybersecurity risks for their digital interfaces on the grid. Secondly, notable cyberattacks, such as the May 2021 ransomware attack on the Colonial Pipeline, have highlighted the vulnerabilities within energy systems, costing operators millions and disrupting gas supply for many Americans.

Analyzing the Threat Landscape

Over the past 10 to 15 years, there has been a marked increase in malicious attacks targeting critical infrastructure, such as the power grid. According to Vivek Kumar Singh, a senior cybersecurity researcher at NREL, these threats are often sponsored by nation-states seeking significant impact and monetary gain.

Modernizing the U.S. power grid has been a priority, incorporating new technologies like smart meters and advanced communication systems. Hydropower plants are increasingly part of the smart grid trend, with operators linking small facilities to energy storage systems for reliable power supply.

However, these new technologies also create additional entry points for potential hackers. CYSAT-Hydro is designed to secure these vulnerabilities, actively ensuring the grid’s reliability.

The Need for Enhanced Protection

Cyber threats faced by the grid can be covert and require minimal knowledge to execute. Examples include denial-of-service attacks, which may involve easy access to basic system information. Specific threats targeting hydropower-integrated battery storage systems could encompass both unauthorized tripping of relays and tampering with regulation signals.

The CYSAT-Hydro tool specifically addresses these vectors, using AI to detect unusual activities within the operational technology networks. The system sends real-time alerts about attacks while also providing analytics to help operators restore grid functionality swiftly.

Singh emphasizes the potential financial losses caused by cyberattacks. “If an attack shut down a hydro plant for five hours, it might cost you a huge amount as the operator, affecting flood control and local ecosystems. This tool could help prevent such issues.”

User-Friendly Interface

CYSAT-Hydro features a user-friendly application programming interface compatible across different operating systems. It includes a visualization dashboard for comprehensive monitoring of grid operations, network traffic, and security breaches.

Being open source, CYSAT-Hydro can be easily adopted across various grid technologies and critical infrastructure sectors, such as water and gas pipelines.

As the tool approaches completion, Singh anticipates its adaptability will foster future growth. Plans for field demonstrations and further case studies are in discussion to enhance its effectiveness.

Conclusion

NREL, a national laboratory of the U.S. Department of Energy, is committed to advancing the state of cybersecurity in clean energy systems with initiatives like CYSAT-Hydro. By addressing the increasing threats in the energy domain, this new tool aims to safeguard essential services and promote a more resilient power infrastructure.

© Singularity Chamber of Commerce (SChamber) All Rights Reserved.