Threat Analysis

NREL's cybersecurity threat analysis examines current and future threats and vulnerabilities and analyzes the impact they could have on our energy sector.

Three people stand in a dark room looking at a large wall display computer screen.

Threat Analysis Components

NREL cybersecurity researchers continually engage in all levels of threat analysis to help ensure a more resilient grid of the future.

  • Threat characterization: We pinpoint potential threats and evaluate the potential risk of those threats to the U.S. energy sector.
  • Vulnerability assessment: We scrutinize energy systems and devices to identify weaknesses or vulnerabilities that could be exploited by cyber actors.
  • Impact analysis: • We assess the impacts of cyberattacks on emerging energy technologies and their potential affects to grid reliability.
  • Risk assessment: We calculate the overall risk associated with a specific threat scenario by combining threat likelihood, vulnerability severity, and consequence analyses.

Capabilities

Cyber Range

The Advanced Research on Integrated Energy Systems Cyber Range provides foundational control system modeling and simulation tools and training to quickly verify and validate and verify analytic tools and processes and deploy adversarial tactics, techniques, and procedures in a highly instrumented and secure environment.

Threat Modeling

Threat modeling allows us to anticipate and mitigate potential cyber threats before they materialize. We become aware of a potential threat and then map out the interactions on faithful representations of energy systems. We then pinpoint potential entry points and analyze where we need protection and where vulnerabilities in the system might arise. Then we can develop and implement countermeasures to minimize the impact of the threat.

Penetration Testing

NREL builds model systems that represent threats in an emulated environment and designs experiments to identify system vulnerabilities, assess security compliance, and discover bugs.

Projects

U.S. Department of Energy's Energy Threat Analysis Center: Cyber threats from nation states, criminals, and other malicious actors are challenging the nation's energy infrastructure. NREL is working with other U.S. Department of Energy laboratories, private energy sector companies, and the Office of Cybersecurity, Energy Security, and Emergency Response to analyze and address these threats. The Energy Threat Analysis Center leverages the partners' collective expertise to evaluate risk, prioritize responses, and develop mitigation strategies and technical advisories that inform the operators of energy systems about how they can protect themselves from adversaries.

Contact

Jorge Lacoste

Manager, Cyber Threat Analysis Group

Jorge.Lacoste@nrel.gov
303-384-6889

Share