U.S. Department of Energy Wind Energy Technologies Office is working to reduce cyber threats to the nation's wind turbine fleet.
Three national labs are working to analyze threats, vulnerabilities and impacts to the nation's more than 70,800 wind turbines, according to a Feb. 9 news release. These turbines produce almost 400 terawatt-hours of generation.
"As wind energy continues to play an increasing role in our nation's energy infrastructure, it is imperative that we remain cognizant of the real threat that cyber and other attacks can pose to our energy systems," WETO Acting Director Jim Ahlgrimm said in the news release. "DOE and its national laboratories support R&D initiatives that will help identify, protect, detect, respond to and recover from such attacks.”
The three labs are Idaho National Laboratory, National Renewable Energy Laboratory and Sandia National Laboratories, according to the release.
Wind turbines generated 9.2% of the nation's electricity in 2021, according to the news release. In March 2022, 14 Midwestern states made a record total electricity demand of 88.5% that was served by wind.
A team from Idaho National Laboratory is working to analyze the increase in wind energy cyberattacks worldwide since 2021, according to the news release. Idaho National Laboratory's team, along with their colleagues at Sandia National Laboratories in New Mexico, have found cost-benefit trade-offs for cybersecurity technologies in wind power plants. They also have calculated defensive tactics for plant operators to detect and mitigate cyberattacks.
"For existing wind power system owners and operators, it's important to implement basic cybersecurity best practices right away and ensure safe and efficient response and recovery from a cyberattack," Megan Egan, control systems cybersecurity analyst at Idaho National Laboratory's Cybersecure Integration Center, said in the news release. "Beyond that, the current growth of wind energy, and the future role wind energy will play in the nation’s energy mix, demand that new wind energy installations — whether land based, offshore or distributed — integrate cybersecurity and cyber-informed engineering into the design, build and installation phases."
Sandia National Laboratories' team, lead by Jay Johnson, modeled wind power plant components connections and developed a standardized methodology to score cybersecurity technologies for use in wind power plants, the release reported. The team also has identified possible cybersecurity improvements for cyberattack prevention, detection and response.
"We created a virtualized environment to assess the cybersecurity position of several wind power plants using different cybersecurity technologies," Johnson said in the release. "We found that adding cybersecurity technologies had a reasonable pay-back period when comparing their cost to the average cost of a breach, which is very expensive."
Off-the-shelf cybersecurity technologies evaluated by Sandia National Laboratories' team required fine-tuning for wind power plants, the release reported.
"Proper training for the implementers of these technologies is key," Johnson added, according to the release. "This research shows that adding new cybersecurity technologies improves the overall security of a wind power plant by giving plant operators greater visibility into cyberthreat operations and by providing new capabilities to remove adversaries from wind networks."
Meanwhile, wind energy and cybersecurity experts at National Renewable Energy Laboratory in Colorado are examining risks and consequences of cyberattacks on wind power plants and turbines and are looking for ways to defend against those potential threats, the release reported.
"NREL's research was designed to understand and address cybersecurity risks so we can use that information to strengthen the U.S. electric grid against threats," Jonathan Keller, a researcher leading NREL's work, said in the news release. "We identified vulnerabilities to wind energy systems to raise awareness among wind industry professionals so they’ll take proactive measures to make sure their systems are more secure."
NREL's team has studied rare accidents that include wind turbine blade strikes on its tower that can cause the turbine to collapse, according to the release. Such scenarios allow researchers to study how those strikes happen and compare the same damage to what might happen under a cyberattack.
"We studied historical events to brainstorm hypothetical cybersecurity threats," NREL cybersecurity researcher Zoe Dormuth said in the news release. "Through reverse engineering, we figured out how the event could happen on purpose instead of by accident. That was the coolest part of this project."