Researchers are working to protect power grids that include renewable resources such as wind or solar farms. These Central Iowa Power Cooperative transmission lines are near Orient, Iowa. Photo by Zach Finn, Digital Communications Specialist, Central Iowa Power Cooperative.
The guardians of cyberinfrastructure call it “zero trust architecture.”
“Whenever a high level of security is required, zero trust is required,” said Manimaran Govindarasu, an Iowa State University Anson Marston Distinguished Professor in Engineering. “Verify all the time. Authenticate all the time, even though it is cumbersome.”
Say, for example, a grid operator is using a laptop to communicate with a grid’s control center. Even though that same laptop logged into the control center earlier in the day, it would still need to be verified.
“You can’t assume past authentication,” said Govindarasu, who’s also the Murray J. and Ruth M. Harpole Professor in Electrical and Computer Engineering and a contributor to the U.S. Department of Energy’s Ames National Laboratory. “You always need to verify. Every transaction. Every connection needs to be verified.”
Govindarasu is leading a research project that will apply zero-trust ideas to energy infrastructure that includes distributed energy resources such as solar and wind farms or large-scale energy storage systems.
The U.S. Department of Energy’s Office of Cybersecurity, Energy Security and Emergency Response is supporting the study as part of a $45 million, 16-project effort to reduce the threat of cyberattacks on the country’s energy infrastructure – including the power grid, wind and solar farms, electric utilities and pipelines.
The grants are all about “helping teams across the country develop innovative, next-generation cybersecurity solutions for tackling modern-day challenges,” said U.S. Secretary of Energy Jennifer Granholm, in a news release.
Govindarasu’s team will use a three-year, nearly $2.6 million grant to develop zero-trust based cybersecurity algorithms and tools to reduce cyber exposure, improve real-time situational awareness, and mitigate attacks against grids integrated with renewable energy sources such as solar panels.
Iowa State collaborators on the project include Venkataramana Ajjarapu, the Thomas M. Whitney Professor in Electrical and Computer Engineering; Hugo Villegas Pico, the Harpole-Pentair Assistant Professor of electrical and computer engineering; and Anne Kimber, the director of the Electric Power Research Center.
The project also includes researchers from the U.S. Department of Energy’s Argonne National Laboratory in Illinois, who will collaborate on the zero-trust system; Arizona State University, who will develop monitoring and control algorithms; and the Central Iowa Power Cooperative, who will assist with testing and evaluation.
Developing Innovative Solutions
This is a challenging project for the research team.
“Zero trust is still a new paradigm,” Govindarasu said.
It doesn’t easily fit within existing grid operational technology systems so the project team will look for innovative solutions, he said.
The first phase of the project will focus on developing the necessary algorithms and software using an agile innovation model. The second phase will validate the software tools through testbeds to determine their feasibility and effectiveness.
The project complements another initiative Govindarasu is leading: Development of a new cybersecurity center based at Iowa State called CyDERMS, the Center for Cybersecurity and Resiliency of DERs and Microgrids-integrated Distribution Systems.
(DERs are distributed energy resources such as wind and solar farms or large-scale energy storage facilities. Microgrids are local DER systems that can be connected to or isolated from the larger grid. Closing grid connections can help maintain service during cyberattacks or damaging storms.)
The energy department is supporting development of CyDERMS with a two-year, $2.5 million grant. The center will protect power grids containing renewables by developing computer algorithms and other tools to detect and mitigate cyberattacks and system faults in real time. The center will also strengthen the grid industry’s cybersecurity workforce, including in rural areas, by developing training tools and workshops.
Both projects will advance the energy department’s work to guard critical infrastructure.
“In today’s highly interconnected world, reliable energy delivery requires cyber-resilient energy delivery systems,” says a summary of the department’s cybersecurity efforts. “In fact, the nation’s security, economic prosperity, and the well-being of our citizens depends on reliable energy infrastructure.”