Wind Cybersecurity

Funded by the U.S. Department of Energy (DOE) Office of Cybersecurity, Energy Security, and Emergency Response and led by NREL, the Renewable Energy and Storage Cybersecurity Consortium (RESCue) analyzes and addresses cybersecurity concerns for wind, solar, and energy storage systems. RESCue is an evolution from the Wind Cybersecurity Consortium, which focused on evaluating cybersecurity threats against the U.S. wind fleet. The project brings together experts from industry, federal entities, and national labs to create methodologies, architectures, metrics, and training programs that address cybersecurity for renewable energy sectors. By taking a holistic, system-wide approach, RESCue aims to build cyber-resilient renewable energy infrastructure through research, education, and collaboration.

Funded by DOE's Wind Energy Technology Office (WETO), this project aimed to develop a reference architecture of an individual wind turbine. This built on the existing wind power plant reference architecture developed by researchers from Idaho National Laboratory and Sandia National Laboratories. A holistic wind power plant and turbine reference architecture and simulation was developed using the Advanced Research on Integrated Energy Systems (ARIES) Cyber Range, which can be used to demonstrate the impacts of various cyber threats.

Funded by DOE WETO, NREL's Offshore Wind and Grid Reference Architecture and Cybersecurity project is developing a vendor-neutral conceptual architecture, cybersecurity standard guidelines, and threat assessment reports. Similar to the land-based wind reference architecture, this project also creates a reference architecture to evaluate threats and enhance offshore wind cyber-physical resilience. As part of this ongoing project, NREL will develop a roadmap for accelerated, secure deployment of offshore wind infrastructure.

Funded by DOE WETO and led by Sandia National Laboratories, the WindWeasel project is developing a host-based intrusion detection system for wind turbine controllers. For this project, NREL is focusing on developing cybersecurity validation platforms and machine learning based algorithms for wind turbine and plant control systems to identify vulnerabilities and intrusions. By using ARIES research platforms—a 1.5-MW turbine at the Flatirons Campus—the project is safely evaluating attack vectors, developing protection mechanisms, and analyzing malware impacts within a contained system. The goal is to improve cyber protections and system resilience for wind generation assets through proactive detection of cyber intrusions.

Funded by DOE WETO, the Wind Security, Health, Integrity, Engineering, and Learning (WindSHIELD) program at NREL improves wind turbine cybersecurity through cross-sector research and development initiatives. WindSHIELD convenes industry, academia, and national labs to establish best practices for monitoring, detecting, responding to, and mitigating cyber threats specific to the wind generation sector. By taking a holistic approach, WindSHIELD strengthens the cyber resilience and security posture across the wind energy ecosystem.

Funded by DOE WETO and led by Sandia National Laboratories, the Machine Learning for Network Intrusion Detection Systems project is developing advanced network monitoring capabilities tailored for wind power plant network environments to identify malicious activity. NREL is focusing on creating the validation environments to generate the data required to develop advanced machine learning algorithms and physics-informed machine learning mechanisms to enhance the accuracy of these algorithms.