You are here

Cybersecurity Intrusion Detection System for Large-Scale Solar Field Networks

Award Information
Agency: Department of Energy
Branch: N/A
Contract: DE-SC0018863
Agency Tracking Number: 0000261184
Amount: $1,099,461.00
Phase: Phase II
Program: SBIR
Solicitation Topic Code: 12b
Solicitation Number: N/A
Solicitation Year: 2021
Award Year: 2021
Award Start Date (Proposal Award Date): 2021-08-27
Award End Date (Contract End Date): 2023-08-26
Small Business Information
52 Mission Circle, STE 201
Santa Rosa, CA 95409
United States
DUNS: 080269860
HUBZone Owned: No
Woman Owned: No
Socially and Economically Disadvantaged: No
Principal Investigator
 Randall King
 (707) 326-6084
Business Contact
 Rod Sugiyama
Phone: (707) 479-9274
Research Institution

Historically, the solar industry has adopted minimal cybersecurity protections. At best, deployments consist of installing perimeter defense solutions driven by regulatory and stakeholder requirements. Today, critical infrastructure systems are a growing target for nation state sponsored cyber adversaries. As these cyberattacks increase both in volume and sophistication, new solutions are needed to safeguard the growing demand for renewable energy. However, widescale adoption of advanced cyber technologies requires solutions that also address the industry’s extreme cost sensitivity. Operant’s Phase I and II projects established a superior distributed intrusion detection system for large scale solar sites that detects cyberattacks through secure network traffic inspection of both internal ‘lateral’ and external site communications. This is necessary because the traditional approach, adding perimeter firewalls, is being challenged by two trends: the growth of fully encrypted traffic, and the knowledge that attackers regularly penetrate perimeter defenses but then spend extended periods in lateral movement throughout the network. We successfully engaged with key commercialization partners: the leading solar cybersecurity consulting firm and a major electrical utility. Their insights confirmed the need for our intrusion detection system. More importantly, we learned that existing solutions are only being adopted by the largest projects above 75 MW which must comply with NERCCIP regulations. This threshold presents a unique commercialization opportunity for our solution: Sites larger than 75 MW are regulated to provide cybersecurity controls; while smaller distributed generation sites are unregulated and cybersecurity capabilities are neglected due to costs. Smaller sites are much more numerous and have no remote visibility into network traffic for either cyber or operational reasons. The lack of remote visibility leads to expensive and unnecessary travel to remote sites for operational problems and increased downtime overall. The NERCCIP 75 MW threshold may be reduced, yet there are no existing cyber solutions that are costeffective for smaller sites Working alongside our commercialization partners in this Phase IIB effort we propose a lowcost, comprehensive, and modular solution appropriate for both the smallest solar sites and scalable up to the largest systems. By combining our cyber intrusion detection system with our existing communications solutions, we will create an integrated cybersecurity, communications, and operational visibility platform. Deployed on commonly used offtheshelf equipment, this will reduce costs while improving security by displacing existing patchwork solutions and multiple hardware components. Operant already has commercial partner commitments to help fill this need and directly participate in this project helping with product definition, facilities, and marketing. With this Phase IIB effort, we can directly impact the security of the nation’s growing solar fleet, while staying within the necessary cost envelope required for rapid adoption.

* Information listed above is at the time of submission. *

US Flag An Official Website of the United States Government