The rapid growth of internet-connected energy resources and recent high-profile cyberattacks on critical infrastructure have raised alarms about the cybersecurity of the US power grid. In response, the National Renewable Energy Laboratory (NREL) is developing a new tool designed to bolster the cybersecurity of hydropower plants – the Cybersecurity Situational Awareness Tool for Hydropower (CYSAT-Hydro).
CYSAT-Hydro is an advanced, data-driven cybersecurity solution that leverages artificial intelligence (AI) to detect and respond to potential cyber threats. The tool is designed to protect the digital interfaces of hydropower plants from emerging cyber risks while enhancing grid reliability. It is being developed with support from the US Department of Energy’s Water Power Technologies Office.
As hydropower plants increasingly integrate smart grid technologies – such as battery energy storage systems and advanced communication infrastructures – new vulnerabilities are emerging. While these technologies enhance grid reliability, they also expand the potential attack surface for hackers. A recent ransomware attack on the Colonial Pipeline in May 2021, which resulted in significant economic losses and fuel supply disruptions, underscores the potential impact of such cyber threats.
“If you examine the past 10 to 15 years, there has been an increase in malicious and nation-sponsored actors attempting to hack and compromise critical infrastructure, such as the power grid, due to the significant impact and enormous monetary benefits,” said Vivek Kumar Singh, a senior cybersecurity researcher at NREL. Singh is part of the team that led the development of the CYSAT-Hydro tool.
How CYSAT-Hydro enhances cybersecurity
CYSAT-Hydro uses AI to monitor the operational technology network of hydropower plants, detecting anomalies that could indicate a cyberattack. When an anomaly is detected, the tool provides detailed information to system operators, helping them quickly understand and respond to the threat. This real-time analysis capability is crucial for maintaining grid functionality during and after an attack.
Beyond identifying and mitigating cyber threats, CYSAT-Hydro also computes technical and economic performance metrics for various distributed energy resources. These insights help grid operators understand the potential financial and operational impacts of a cyberattack, allowing them to make more informed decisions.
” “Think about the duration of a cyberattack and how much it could cost operators,” Singh said. “If an attack shut down a hydro plant for five hours, it might cost you a huge amount of money as the operator, and it could affect flood control and local water supplies and ecosystems. This tool would potentially circumvent any of those issues by helping prevent the attack in the first place.”
CYSAT-Hydro is set to be released as an open-source tool, allowing for broad deployment across various grid technologies and critical infrastructures beyond hydropower, including water and gas pipelines. It features a user-friendly interface compatible with multiple operating systems and a real-time visualization dashboard that provides a comprehensive overview of grid operations, network traffic, and potential intrusions.
“This tool is completely data-oriented,” Singh noted, “meaning if you have an understanding of what happened during a cyberattack and where it happened, you could apply this tool to other supervisory control and data acquisition systems outside of hydroelectric facilities.”
As the tool moves into its final stages of development, NREL is looking for industry partnerships to demonstrate CYSAT-Hydro in real-world environments and explore its commercialization potential. Singh and his team are also focused on conducting more case studies to further refine the tool’s capabilities.
“We are looking for potential field demonstration and technology commercialization in partnership with industry vendors and utilities. Further, we plan to continue working on this tool’s development with more case studies to improve its functionality,” Singh said. “When we give our final update to the Water Power Technologies Office, we will also look into what we can do with CYSAT-Hydro next to advance the state of cybersecurity for clean energy systems.”
Based on a report by Tim Meehan
