The nation’s energy infrastructure, particularly the power grid, has become a major target, with more frequent and sophisticated attacks from nation-states and cyber criminals. Cyber incidents could disrupt energy services, damage highly specialized equipment, and threaten public health and safety. With 90 percent of the nation’s power infrastructure privately held, grid operators and utilities are responsible for protecting their systems from risk. The federal government and its national laboratories complement these efforts as part of their mission to protect national and economic security.

PNNL supports the Department of Energy’s cybersecurity goal of strengthening today’s energy delivery systems and creating more resilient, self-defending energy systems for the future. With more than 100 technical experts focused on cybersecurity infrastructure research and solutions, helping assure the reliability and security of the nation's power system is a key priority for PNNL.

Improving situational awareness

New cyber awareness strategies from PNNL and others are increasing the ability to share information about threats, vulnerabilities, and mitigation strategies with people who can put that information to work. An example is the nationwide Cybersecurity Risk Information Sharing Program (CRISP), managed by the Electricity Information Sharing and Analysis Center at the North American Electric Reliability Corporation (NERC). PNNL plays a lead role in CRISP, which uses advanced sensors and data analysis to identify new and ongoing cyber threats. This information is shared with voluntary utility participants that collectively deliver more than 80 percent of the nation’s electricity.  

Built-in resiliency and controls

Defense and protection are important weapons for thwarting attacks. In collaboration with industry, PNNL is creating systems with built-in resiliency and cybersecurity controls that enable energy delivery systems to keep working regardless of threats. For example, software-defined networks provide an additional defense layer to communications networks by detecting and stopping unauthorized traffic in real time.  Other examples include data resilience tools like blockchain and adaptive control systems, which adjust in real time based on system conditions.

The growing number of intelligent devices on the grid generate vast data streams. PNNL is combining high-performance computing and machine-learning techniques to spot trouble in this sea of data. By quickly identifying trends and relationships that may reveal a potential threat, grid operators and automated protection systems can rapidly take action to protect the grid.

Available resources

Cybersecurity testbed facilities at PNNL are important resources for developing new methods and technologies. Researchers conduct incident response exercises and simulations at the Electricity Infrastructure Cybersecurity and Resilience Center at PNNL. The Electricity Infrastructure Operations Center integrates hardware and software, real-time grid data, and advanced computation in two control rooms. Utilities, vendors, government agencies, and universities use the facility for development, integration, validation, testing, and training.

The Power Networking, Equipment, and Technology Testbed (powerNET) is a remotely accessible, multi-user, experimental testbed to support power system and smart grid research. It integrates real-world equipment with simulation capabilities to dynamically configure many experimental and testing setups. PNNL also operates an Energy Communications Cyber Test Range, a software-defined radio test range with a two-mile-plus radio frequency range and more than six miles of optical fiber.

Through this combination of deep expertise, specialized facilities, technology development, and industry collaboration, PNNL is helping protect our nation’s electricity infrastructure from cyber threats today and into the future.