INL Cyber SHIELD for Renewables
Security through Hardware Integration, Education, and Layered Defense
An Idaho National Laboratory (INL) initiative aimed at helping owner/operators of renewable energy generation secure and protect infrastructure and ensure the transition to the renewable energy grid of the future is secure.
Renewable Assets Benefiting from Cyber SHIELD
The Cyber SHIELD Program is free to all renewable asset owner/operators. Our tools are specifically tuned for use with renewable assets and can accommodate any level of cyber maturity. Our primary goal is to help owner/operators identify where they are on the resilience path and steps to take to improve their organization’s cyber maturity.
Wind energy production is expected to double to 20% of US electrical energy production by 2030. Wind energy is expected to grow to 35% by 2050, with a significant portion coming from offshore wind.
Solar energy is expected to be the largest growth driving an exponential scale from 3%-5% of total US electrical energy production to 30% by 2030. From 2024 to 2050, solar facilities will make up 80% of the expansion of renewables. This figure includes utility-scale and small-scale home solar systems.
Hydroelectric plants account for approximately 6-7% of total US electrical energy production. As variable renewables continue to grow, our 2100 hydroelectric plants will be called upon to compensate to support the variability.
Inverter Based Energy Storage
Inverters are the power electronics in renewables (wind and solar) that convert direct current (DC) electricity, to alternating current (AC) electricity, which the electrical grid uses.
Renewable Energy’s Role and the Security Imperative
The number of generation plants will increase significantly over the next decades, correspondingly increasing the potential cyber attack surface. The rapid and frequent evolution of technology and the cyber threat landscape brings urgency to the importance of maturing security within the renewable sector to support the effective transition.
Regulatory Compliance & Legal Readiness
The future grid with renewables will look much different than today’s and will require more reliability standards. The Federal Energy Regulatory Commission (FERC) has issued an order for reliability and registration standards for wind, solar, and storage in the future renewables grid. The order aims to protect the grid by focusing on unregistered resources that may have a material impact on the reliability of the Bulk-Power System. The North American Electric Reliability Corporation (NERC) may already register resources with an individual material impact.
FERC and NERC Critical Infrastructure Protection (CIP) Revisions include the following:
- Requirement(s) for authentication of remote users before access is granted to networks containing low-impact BES Cyber Systems at assets comprising those systems with external routable connectivity.
- Requirement(s) for protecting user authentication information (e.g., combinations of usernames and passwords) for remote access to low-impact BES Cyber Systems at assets containing those systems with external routable connectivity.
- Requirement(s) for detecting malicious communications to/between low-impact BES Cybers Systems at assets comprising those systems with external routable connectivity.
NERC Distributed Energy Resource Strategy
Distributed energy resource1 (DER) levels are rapidly growing across many areas of North America and are altering how the bulk power system (BPS) is planned, designed, and operated.
NERC Inverter-Based Resource Strategy
The rapid interconnection of bulk power system (BPS)-connected inverter-based resources (IBR) is the most significant driver of grid transformation and poses a high risk to BPS reliability.
NERC Security Integration Strategy
Cyber and physical security are critical facets of the bulk power system (BPS) reliability and resilience. Therefore, focusing on and mitigating these known and emerging risks is critical to the mission of the ERO Enterprise.
INL Cyber SHIELD Analysis and Implementation Process
INL Cyber SHIELD is designed to minimize the level of effort from your teams (understanding resources are often thin). Additionally, a key aspect of INL Cyber SHIELD is the ability to adjust to different levels of cybersecurity maturity levels, no matter what level of maturity you are this program and engagement can help guide your next steps in improving your cyber posture.
Customer information protection and confidentiality considerations have been integrated. Outcomes and deliverables focused on identifying risk, mitigation plans, and prioritization. The participants’ needs and resource availability guide the effort and duration engagement level.
To support the “raise the floor” objectives, the initial focus has been the deployment of three initiatives. These tools are designed to provide asset owner/operators with a step-by-step process to evaluate and mitigate cybersecurity risks, from performing a program assessment and mapping system architecture to a full asset interaction analysis toward cyber maturity.
INL Cyber SHIELD Renewables Cybersecurity Tools
Part of what makes INL Cyber SHIELD effective is the ability to adapt to different levels of cybersecurity maturity of organizations and drive to benefits. We leverage multiple robust tools developed under DHS programs. These tools are tuned for use with renewable assets and accommodate any level of cyber maturity with a primary goal of helping owner/operators identify vulnerabilities and chart a course to improve cyber maturity. The program’s cornerstone tools are the MALCOLM-AIA (Asset Interaction Analysis Tool) and the CSET (Cyber Security Evaluation Tool).
Provides renewable entities access to a cybersecurity assessment with cyber controls applied for OT environment providing risk-based recommendations for improving their maturity.
INL Malcolm-AIA – Asset Interaction Analysis: Leveraging Malcolm for the renewable industry. Passively deployable on your network to inks assets to business processes and translate the business processes to OT devices. Supports deeper threat and vulnerability identification/analysis for users. Geared to do the analysis and detection for you, simplifying many tasks.
The Cyber Security Evaluation Tool (CSET) provides a systematic, disciplined, and repeatable approach for evaluating an organization’s security posture. CSET is a desktop software tool that guides asset owners and operators through a step-by-step process to evaluate industrial control system (ICS) and information technology (IT) network security practices. Users can evaluate their own cybersecurity stance using many recognized government and industry standards and recommendations.
Further Reading: Renewable Energy Cybersecurity Trends
Insurance Policy and Commercial Litigation Trends – No More Wiggle Room
Cyber Insurance professionals will often need to assess the policy-readiness of their clients by examining their current cyber hygiene management according to a set of minimum requirements:
“As the name suggests, the Zero-Trust framework works on the basis that no activity of an organizational network is immune from thorough, ongoing security checks. In practice, it is a security approach that requires all users of an organization’s network and third-party providers with continuous access to the network, to be authenticated and authorized on an ongoing basis for security posture before being granted access to applications and data.”
The following resources and articles provide a deeper dive into the renewable energy cybersecurity challenges we face and an overview of recommendations designed to address critical renewable energy infrastructure challenges in the near term.
Stephen Bukowski, Ph.D., P.E.
Senior Infrastructure Security Researcher
National & Homeland Security
Idaho National Laboratory
Steve Bukowski has thirty years of experience in technology across a diverse set of company sizes and types in different industries, including power and energy systems, telecommunication, data networking, electric utilities, media, communication, and research as vice president, director, chief architect, senior managing engineer, lead engineer, systems engineer, senior consultant, technical sales, integration/test engineer and Professional Engineer (PE).
Steve is a highly experienced engineering executive with a robust background in data/telecommunication systems, power and renewable energy systems, cybersecurity, Microgrid R&D, startups, utilities, media and technology business development. Recent achievements include developing strategy, vision, and tactical roadmaps to promote emerging technology, improve processes and create efficiencies in multiple industries along with technology patents and embedded devices.
Frequently Asked Questions
What is Cyber SHIELD (INL Cyber SHIELD)?
Cyber SHIELD is an initiative developed by Idaho National Labs to raise the floor of cybersecurity for renewables. The initiative focuses on developing a suite of tools, programs, and resources customized for the renewable industry to improve cybersecurity posture and understand cyber risk better.
What tools is Cyber SHIELD based upon?
Cyber SHIELD is developed upon broader tools such as Cyber Security Evaluation Tool (CSET) and Malcolm, both of which are open source and DHS-sponsored tools.
What are cybersecurity assessment tools for the renewable industry?
The Cyber SHIELD initiative leverages multiple robust tools developed under DHS programs. These tools are tuned for use with renewable assets and accommodate any level of cyber maturity with a primary goal of helping owner/operators identify where they are and where to go to improve cyber maturity.
What are the benefits of using Cyber SHIELD?
Cyber SHIELD helps gain a better understanding of assets, including devices, protocols, and configurations, to identify potential cyber-attacks, vulnerabilities, and active exploits with more precision. This increases network visibility, enables informed decisions, and improves reliability. In addition, the ability to map network architecture within the assessment helps identify or validate the cyber posture. It provides immediate access to input supporting cyber programs and resource planning capabilities to meet maturity objectives quickly.
What is my level of effort as a participant in Cyber SHIELD?
We have specifically designed the programs to minimize the level of effort and resource impact on participants. The engagement can be adapted to your individual needs and fit your resources and timelines.
How can I get information on Cyber SHIELD?
For a free consultation, to discuss the benefits of Cyber SHIELD more, or to sign up: Contact Stephen A. Bukowski at Idaho National Laboratory.
This work was funded by the Solar Energy Technology Office (SETO), the Wind Energy Technology Office (WETO), and the Water Power Technology Office (WPTO) which are part of the Office of Energy Efficiency and Renewable Energy (EERE).
Collaborate with INL Cyber SHIELD
The INL Cyber SHIELD team provides technical support and guidance to renewable energy owner/operators and asset stakeholders to develop and deploy tools to address critical cybersecurity-related renewable energy infrastructure challenges.
Contact us to provide input or collaborate on the following topics:
- Developing cybersecurity and resilience strategies for renewables using INL Cyber SHIELD methodologies and tools
- Working with predictive cybersecurity tools to identify high-consequence cyber threats to owner-operator assets in the renewables sector
- Collaborating to further the INL Cyber SHIELD program and develop best practices and methodologies for cyber-related renewable energy infrastructure hardening
To discuss more or sign up:
Contact Stephen A. Bukowski at firstname.lastname@example.org