The rapid growth of Internet-connected energy resources and recent large-scale cyberattacks on Critical infrastructure The United States has sounded the alarm about the cybersecurity of the American electric grid. In response, the National Renewable Energy Laboratory (NREL) is developing a new tool designed to strengthen the cybersecurity of hydroelectric plants: the Cybersecurity Situational Awareness Tool for Hydropower (CYSAT-Hydro).
CYSAT-Hydro is an advanced, data-driven cybersecurity solution that leverages artificial intelligence (AI) to detect and respond to potential cyber threats. The tool is designed to protect hydroelectric power plants’ digital interfaces from emerging cyber risks while improving grid reliability. It is being developed with support from the U.S. Department of Energy’s Water Power Technologies Office.
Hydroelectric plants are increasingly integrating smart grid technologies, such as battery energy storage systems and advanced communications infrastructure. New vulnerabilities are emerging. While these technologies improve grid reliability, they also expand the potential attack surface for hackers. A recent ransomware attack on the Colonial Pipeline in May 2021, which resulted in significant economic losses and fuel supply disruptions, highlights the potential impact of these cyber threats.
“If you look at the last 10 to 15 years, there has been an increase in malicious and state-sponsored actors trying to hack and compromise critical infrastructure, like the power grid, because of the huge impact and the huge financial rewards,” said Vivek Kumar Singh, a senior research scientist in cybersecurity at NREL. Singh is part of the team that led the development of the CYSAT-Hydro tool.
How CYSAT-Hydro improves cybersecurity
CYSAT-Hydro uses AI to monitor the operational technology network of hydroelectric plants and detect anomalies that could indicate a cyberattack. When an anomaly is detected, the tool provides detailed information to system operators, helping them understand and respond quickly to the threat. This real-time analysis capability is essential to maintaining network functionality during and after an attack.
Beyond identifying and mitigating cyber threats, CYSAT-Hydro also calculates technical and economic performance indicators for various distributed energy resources. This information helps grid operators understand the potential financial and operational impacts of a cyber attack, enabling them to make more informed decisions.
“Think about how long a cyberattack can last and what it could cost operators,” Singh said. “If an attack took out a hydroelectric plant for five hours, that could cost you a lot of money as an operator, and it could affect flood control, water supplies and local ecosystems. This tool could potentially circumvent all of those issues by helping prevent the attack in the first place.”
CYSAT-Hydro is an open-source tool that enables large-scale deployment across a variety of critical network technologies and infrastructures beyond hydropower, including water and gas pipelines. It features a user-friendly interface that is compatible with multiple operating systems and a real-time visualization dashboard that provides a comprehensive overview of network operations, network traffic, and potential intrusions.
“This tool is completely data-driven,” Singh noted, “meaning that if you understand what happened in a cyberattack and where it happened, you can apply this tool to other supervisory control and data acquisition systems outside of hydroelectric facilities.”
As the tool enters its final stages of development, NREL is seeking industry partnerships to demonstrate CYSAT-Hydro in real-world environments and explore its commercialization potential. Singh and his team are also focused on conducting additional case studies to further refine the tool’s capabilities.
“We are looking for field demonstrations and commercialization of the technology in partnership with industry and utility vendors. Additionally, we plan to continue working on developing this tool with additional case studies to improve its functionality,” Singh said. “When we present our latest update to the Hydropower Technologies Office, we will also look at what we can do with CYSAT-Hydro to advance the state of cybersecurity for clean energy systems.”
According to a report by Tim Meehan
