An increasingly open and transactional grid edge is forcing the U.S. Department of Energy to shore up electricity network defenses with blockchain technology.
Last month, the DOE embarked on a multimillion-dollar push “to develop blockchain cybersecurity technology to help secure distributed energy resources at the grid’s edge,” according to a press release from Guardtime, one of the parties involved in the project.
Michael Mylrea, senior manager of cybersecurity for electricity infrastructure at Pacific Northwest National Laboratory (PNNL), another of the project partners, said a key goal of the work was to develop a keyless signature infrastructure (KSI) based on blockchain.
This would be used to verify exchanges within a grid edge energy-delivery system, he said. “Grid edge devices lack visibility, control and security to conduct real-time energy transactions with the required security, speed and scale,” he said.
The KSI would form part of a keyless infrastructure security solution that could be plugged into a distributed control and sensing software platform, called VOLTTRON, which PNNL developed for the DOE.
Besides PNNL and Guardtime, the DOE is working with Washington State University, Tennessee Valley Authority, Siemens and the Department of Defense’s Homeland Defense and Security Information Analysis Center on the three-year project.
The DOE is carrying out the work under its Cybersecurity for Energy Delivery Systems program, which it said is designed “to enhance the reliability and resilience of the nation's energy infrastructure.”
PNNL is currently finalizing a field work proposal for the project, Mylrea said. “Modernization has increased the size and speed requirement for electricity infrastructure, significantly expanding the cyberattack surface for the grid,” he told GTM.
Currently, the North American Electric Reliability Corporation’s Critical Infrastructure Protection Reliability Standards focus on the bulk grid and provide inadequate security requirements at the distribution level, he said.
At the same time, there are signs the energy sector is being increasingly targeted by cybercriminals.
In 2014, the U.S. energy sector had more cybersecurity incidents than any other industry tracked by the U.S. Department of Homeland Security's Industrial Control Systems Cyber Emergency Response Team.
And in 2016, hackers cracked Ukrainian grid control center defenses and shut down almost 60 substations responsible for delivering 200 megawatts of power to the north of the nation’s capital, Kiev.
Wired said the hackers “were skilled and stealthy strategists who carefully planned their assault over many months.”
Trying to avoid such incidents using traditional grid and operational technology IT defenses might “reduce functionality and increase costs to achieve security gains,” Mylrea said.
“This project is unique in that it potentially increases the efficiency and scalability of a more distributed grid, while at the same time making it more cyber-resilient,” he said.
Alex Miller, co-founder of energy blockchain startup Grid+, said the DOE’s work could help protect against fraud in grid edge transactions.
“Blockchain would help a lot in this domain because it provides a highly structured and immutable audit trail, complete with the identity of every actor in the system,” he said. “Any data alteration of any kind is extremely easy to detect. This makes fraud extremely difficult.”
Coincidentally, recent months have seen a rush of startups using blockchain technology as the basis for energy trading platforms.
In addition to Grid+, which completed a presales campaign last month, an Australian company called Power Ledger recently raised AUD $34 million (USD $26.5 million) in an initial coin offering (ICO), a form of cryptocurrency stock market launch.
In Europe, meanwhile, a blockchain energy trading platform provider called WePower unveiled details of an ICO at a CryptoFriends Netup event held in Barcelona this month.
Alongside growing interest in blockchains, the energy sector is seeing increasing concerns over cybersecurity.
Researchers in the Netherlands have discovered multiple vulnerabilities in solar inverters, and DNV GL, the standards body, has made cybersecurity a centerpiece of its recommended practices for grid-connected energystoragesystems.
Against this backdrop, said Francois Sonnet, co-founder of ElectriCChain, an energy generation data project, “I believe that the DOE would [gain an] advantage by working on cybersecurity with blockchain, as it is essentially un-hackable.”