Full Title: Attack Surface of Wind Energy Technologies in the United States
Author(s): Sarah Freeman, Matthew Kress-Weitenhagen, Jake Gentle, Megan Culler, Megan Egan, and Remy Stolworthy
Publisher(s): Idaho National Laboratory
Publication Date: January 1, 2024
Full Text: Download Resource
Description (excerpt):
Low-cost, reliable electrical energy production from wind relies upon automation and control systems, arguably more so than traditional thermal generation. These same systems, however, can serve as the target of adversaries’ cyber-attacks. Idaho National Laboratory (INL), at the request of the Department of Energy’s (DOE’s) Office of Cybersecurity, Energy Security, and Emergency Response (CESER) and Energy Efficiency and Renewable Energy’s (EERE’s) Wind Energy Technologies Office (WETO), evaluated a generalized wind plant architecture to understand the classes of potential threat actors and the vectors that could enable a cyber-attack. This evaluation explores the attack surface of a representative wind plant, identifying potential methods and vectors that an adversary could leverage to conduct a cyber-attack. Included in this assessment are some recommended mitigations and approaches. Each recommendation requires a full security evaluation, cost/benefit analysis, and risk analysis by each owner and operator.