Protecting the nation’s energy infrastructure from all hazards, including the cyber threat, is fundamental to the mission of the Office of Electricity Delivery and Energy Reliability. Every day, we work closely with industry, our national laboratories, academia, and federal and state partners to reduce the risk of energy disruptions due to a cyber incident and, if one does occur, mitigate its effects without loss of critical functions.
The Office of Electricity Delivery and Energy Reliability announced up to $27 million in funding for academic collaborations that will develop and transition advanced cybersecurity technologies to the energy sector. With cybersecurity for the energy sector emerging as one of the most serious challenges associated with grid modernization and infrastructure protection, maintaining a robust pipeline of cutting-edge technologies is essential to helping the energy sector continue adapting to the changing cyber landscape.
The Academic Collaboration for Cybersecurity of Energy Delivery Systems (CEDS) Research and Development for the Energy Sector Funding Opportunity Announcement (FOA) will bring together academic institutions with the expertise and vision needed to develop and transition innovative technologies that will help utilities further reduce the risk of a power disruption resulting from a cyber incident.
Over the past week, the Energy Department has unveiled several new measures, including funding, newly-commercialized technology, and practical guidance, that will further strengthen the cybersecurity of the nation’s energy infrastructure. Vice President Biden announced yesterday that the Energy Department will provide a $25 million grant over the next five years to bring together 13 historically black colleges and universities (HBCUs), two national labs, and the Charleston County School District in South Carolina to create a sustainable pipeline of students focused on cybersecurity. Today, our national laboratory in Oak Ridge, Tennessee announced licensing of its Hyperion software, which helps detect software that has been maliciously altered, to a company that plans to make it available to the energy sector later this month. Meanwhile, late last week, the Office of Electricity Delivery and Energy Reliability (OE) released guidance to help the energy sector meet the objectives of the cybersecurity framework released last year by the National Institutes of Standards and Technology in response to Executive Order 13636 “Improving Critical Infrastructure Cybersecurity.”
These important steps are the latest signs of progress being made in protecting the nation’s power grid from cyber threats.
Smart grid technologies have the capacity to create tremendous new value for electricity consumers: from advanced IT and communication technologies that improve the overall operation of our nation’s electricity transmission and distribution networks; to smart meters and digital sensors that help utilities quickly identify and minimize the extent of outages when they do occur. In addition, consumers now have the ability to monitor and manage their electricity use in far greater detail by tapping into the data generated by smart meters.
Many of these emerging technologies—which provide tremendous benefits not only for the nation’s electric system but for consumers throughout the United States—will result in an increase in the amount of data collected regarding grid operating characteristics, including customer energy use data. As the nation’s electric infrastructure is modernized, it is critically important to ensure that the collection of data is performed in a manner that yields the greatest benefits for consumers, while continuing to rigorously protect their privacy.
Much progress has been made toward this goal to date. Earlier this month, the U.S. Department of Energy’s (DOE’s) Office of Electricity Delivery and Energy Reliability, in coordination with the Federal Smart Grid Task Force, finalized a 22-month multi-stakeholder effort to develop a Voluntary Code of Conduct (VCC) for utilities and third parties on protecting electricity consumers’ Customer Data which includes energy usage information.
The Energy Department today released guidance to help the energy sector establish or align existing cybersecurity risk management programs to meet the objectives of the Cybersecurity Framework released by the National Institutes of Standards and Technology (NIST) in February 2014. The voluntary Cybersecurity Framework consists of standards, guidelines, and practices to promote the protection of critical infrastructure and was developed in response to Executive Order 13636 “Improving Critical Infrastructure Cybersecurity” through collaboration between industry and government.
The Office of Electricity Delivery and Energy Reliability (OE) has worked with industry and other stakeholders to develop the Energy Storage Safety Strategic Plan, a roadmap for grid energy storage safety that highlights safety validation techniques, incident preparedness, safety codes, standards, and regulations. The Plan, which is now available for downloading, also makes recommendations for near- and long-term actions. The Energy Storage Safety Strategic Plan complements two reports released by OE earlier this year: the Overview of Development and Deployment of Codes, Standards and Regulations Affecting Energy Storage System Safety in the United States and the Inventory of Safety-related Codes and Standards for Energy Storage Systems.
In the wake of Hurricane Sandy, seemingly simple tasks such as refueling your car were incredibly difficult. Few tools existed to determine which gas stations had fuel and the power to pump that fuel. To help address this problem, the U.S. Department of Energy (DOE) on Monday announced the launch of Lantern Live – a mobile app that allows users in disaster-affected areas to report on the status of local gas stations, find fuel, and easily look up power outage maps from local utilities. Lantern Live is part of the White House Innovation for Disaster Response and Recovery Initiative.