DESC0023980

n DER (Distributed Energy Resource) power delivery systems, the cybersecurity enhancement of OT (Operational Technology) is urgently needed to adapt/survive cyberattacks without disrupting safe operations. However, the modern energy systems with OT and IT systems are connected, allowing cyberattacks to originate in business systems and then migrate to DER energy control systems within the OT environments, which require absolute availability. In this project, InfoBeyond advocates OT-Healer (A Real-time Decentralized Self-Security/Healing Tool for DER OT Resiliency) to provide decentralized threat monitoring, detection, and mitigation at the OT level. Analyzing the OT traffic allows compromised OT nodes to automatically execute the self-healing techniques that ensure the operation continuity from system abnormality, intrusion, or malicious attacks. OT-Healer is a lightweight (computing resource, memory) and distributed OT cybersecurity solution, which can be deployed into a small and single-board computer connected in a Bump-in-the-Wire (BitW) configuration with an actual DER OT device at the grid-edge (e.g., monitored traffic in-between an actual grid-tied inverter and an aggregator). It further supports the targeted power delivery systems to be operated 24/7 with high reliability and availability; it does not require any downtime for patching or healing from malicious abnormality. For these capabilities, OT-Healer proposes: (i) A hybrid cyber-physical IDS (Intrusion Detection System), a proactive behavior-based intrusion detection and mitigation system, that analyzes both cyber and physical data streams in parallel, detects intrusion, and deploys proactive response; (ii) An AI-trained optimal control policy generation mechanism for individual DER OT components to control the remaining set of non-compromised DER to self-heal from unwanted large oscillations in system voltages and large voltage imbalances in real-time; (iii) An effective time-graded reactive power control coordination method is implemented between OT devices and DER units to reduce the simultaneous and negative operation by executing both static and dynamic voltage control with maximum utilization of DER capacity. Business Benefits: OT-Healer achieves several impressive benefits: ? A Novel IDS and Self-Healing Tool for DoE and Energy Companies: Over the last decade, DER-related IC2P (Industrial Control Cyber Protection) are experiencing a surging demand for many multidisciplinary cybersecurity projects, e.g., U.S. DoE Risk Management Tools and Technologies (RMT), and Cybersecurity Capability Maturity Model (C2M2). National Renewable Energy Laboratory (NREL) develops Distributed Energy Resource Cybersecurity Framework (DERCF) that OT-Healer can greatly improve on its effort on grid reliability and availability. OT-Healer offers an automated ML-powered cyber-physical IDS to analyze both cyber and physical data streams in parallel, detect intrusion, and deploy proactive response. This capability further benefits the U.S. energy organizations, such as Duke Energy, NextEra Energy Resource, American Energy Power, First Energy, PG&E, Chevron Corp., and Diamondback Energy Inc. ? DER Protection and Self-healing for Power and Manufacturing Companies: The adoption of modern complex manufacturing platform with IC2P in an interconnected operational network for high-fidelity commercial production helps accelerate the enhancement of cybersecurity in operating reliability and machine availability with the integration of OT-Healer. In the safety-critical manufacturing network, the use of the OT-Healer offers new cybersecurity protections that are not provided by other security products, e.g., learning algorithm to directly search for optimal policies that manage the OT component’s VV/VW (Variable Voltage & Variable Wattage) control functions to mitigate the negative impact of cyberattacks. ? Control Resilience against Cyberattacks for Energy Delivery Systems: OT-Healer benefits for U.S. energy companies to achieve new level of control resilience. Newer workloads of securing device control systems, such as energy utility stations requires to secure data and machine communication that OT-Healer quantitatively provides the time-graded static/dynamic reactive power control resilience for reducing the simultaneous and negative operation between OT and physical control units.