The U.S. Department of Energy’s Office of Cybersecurity, Energy Security, and Emergency Response (CESER) recently announced $39 million in funding for nine new National Laboratory projects to advance the cybersecurity of distributed energy resources (DERs), including two projects led by Lawrence Berkeley National Laboratory (Berkeley Lab) that will each receive $4.9 million in funding from CESER. The National Laboratory teams aim to improve real-time DER operation data analytics using artificial intelligence (AI)/machine learning (ML) and secure cloud-based solutions for DER applications.
One of those projects is developing a national-scale, privacy-preserving software platform designed to create a more secure power grid by allowing utilities to share relevant cybersecurity information in a way that addresses their privacy concerns. Amid a nationwide surge of cleaner, greener energy and the proliferation of DERs – such as rooftop solar panels and battery storage – the Berkeley Lab-led team headed by Sean Peisert, a senior scientist in the Scientific Data Division in Berkeley Lab’s Computing Sciences Area, is looking at new ways to support collaborative, privacy-preserving information sharing in a way that will enable rapid mitigation of threats to the power grid.
Organizations of all kinds rely on insights from their peers to understand active cybersecurity threats, Peisert noted. Even so, “electric utilities can be reluctant to share cybersecurity-related information broadly because it might contain customer-sensitive or business-proprietary information or have impacts on national security,” said Peisert, whose collaborators on this project include Cornell University, National Renewable Energy Laboratory (NREL), Hawaiian Electric, McEachern Laboratories, RJ Senergy, Kevala, Enernex, the National Rural Electric Cooperative Association (NRECA), and Operant Networks. The project is expected to kick off in January.
Another new CESER-funded project, led by Berkeley Lab policy researcher Daniel Arnold of the Energy Storage and Distributed Resources Division, is focused on developing cybersecurity detection tools for aggregations of DERs. Using secure AI/ML capabilities, the goal is to detect and mitigate cyber-attacks in electric power distribution systems and microgrids.
“Given the ever-increasing amounts of DERs coming online for the distribution grid, these projects will provide important new tools for grid operators to increase situational awareness and the cyber-resiliency of their networks,” said Arnold. Collaborators on this project include the NREL, the NRECA, Siemens, Cornell University, McEachern Laboratories, RJ Senergy, and Enernex.
Balancing security and privacy
In a world that is growing more and more connected and digitized, there is a delicate balancing act between fortifying the collective grid in the face of cyberattacks and preserving the privacy of individual users and their energy consumption patterns. Utilities monitor a range of indicators on a real-time or near real-time basis. The goal, Peisert said, is to share information – such as unusual patterns in energy consumption – with other utilities in order to identify signs of a potential cyberattack and eliminate that threat.
“Suppose a utility were to see a huge amount of consumption,” he said. “This may be due to a pattern in consumer behavior. It may also be due to malicious manipulation of equipment to cause that consumption, or to cause equipment to falsely report that consumption.”
The stakes are high and the need to safeguard DERs and the grid is real.
Solar is the fastest growing and most affordable source of new electricity in America, according to a 2022 statement from CESER Director Puesh Kumar. In the first half of 2022, for instance, photovoltaic solar installations accounted for nearly 40% of all new electricity-generating capacity added to the U.S. grid.
“Distributed energy resources are critical to reaching President Biden’s ambitious clean energy and climate goals, and ensuring the cybersecurity of those resources is important to building a resilient energy future for all Americans,” Kumar noted when the new CESER funding was announced this year.
A changing energy landscape
As is the case with virtually any field, advances in technology have substantially transformed the energy sector. Not only has the space evolved from central energy generation – large, centralized power plants – to distributed generation – like rooftop solar panels and other renewables – but the way monitoring is conducted has changed, too.
“We have also moved from a model of analog monitoring with people wandering around looking at meters on your houses to remote digital monitoring,” Peisert said.
Utilities can now observe what electrical usage is taking place inside individual buildings on a relatively fine-grained basis – and, in some cases, even remotely control these systems.
That evolution also imposes its own set of risks and challenges. High up on the list are worries that malicious actors may take control of those systems, but also privacy concerns due to information associated with individual buildings, from factories to family homes. That means utilities may be wary to share information, even with other utilities.
Those monitoring energy consumption, for instance, may be able to tell when a refrigerator is opened – reading the time-series pattern of electrical consumption as the compressor runs to get the appliance back down to temperature – or when a homeowner plugs in their Tesla and how the pattern differs from plugging in another electric vehicle, Peisert said.
Big manufacturers, on the other hand, may not want others to know what kind of equipment is operating inside of a factory and when – but detailed monitoring of electrical consumption could reveal that kind of information.
Leveraging ‘differential privacy’
To provide threat intelligence and insights to utilities and related stakeholders without exposing underlying information about the customers in the grid, the new software platform being developed by Peisert’s group makes use of a statistical technique called differential privacy.
Here’s how it works: By adding noise (meaningless data) to the results of statistical queries on a dataset, it protects any individual results of statistical queries on a dataset, it protects any individual record in that dataset. Instead of simply using aggregation or masking certain pieces of information, this method provides a statistical guarantee on data privacy, and, when used properly, can often preserve the usefulness of the data at the same time.
In addition to threat detection and privacy preservation, the team is planning to integrate what’s called a remedial action framework. Initially, that might be a manual set of suggestions to an operator, telling them – based on the analysis – what action to take to mitigate the threat.
“Over time, we’re looking to make this an automated process where, to the degree that utilities would be interested in doing so, an automated mitigation that could operate at computer scale and speed as opposed to human scale and speed could be integrated as well,” Peisert said.
The hope is that the new platform will not only improve cybersecurity for the grid and mitigate the risk for leveraging distributed energy sources but also lower the barriers to adoption of renewable resources by reducing cybersecurity concerns associated with their use.
“Distributed energy and renewables are such an important part of the clean energy future of the country and the world,” Peisert said.
About Computing Sciences at Berkeley Lab
High performance computing plays a critical role in scientific discovery. Researchers increasingly rely on advances in computer science, mathematics, computational science, data science, and large-scale computing and networking to increase our understanding of ourselves, our planet, and our universe. Berkeley Lab's Computing Sciences Area researches, develops, and deploys new foundations, tools, and technologies to meet these needs and to advance research across a broad range of scientific disciplines.