The rise of renewable energy sources like wind and solar in power grids brings environmental benefits and new cybersecurity challenges. Manimaran Govindarasu, a distinguished professor of electrical and computer engineering, plans to address these vulnerabilities with two research projects.
The projects are funded by the Department of Energy’s (DOE) Office of Cyber Security, Energy Security and Emergency Response (CESER). Both projects focus on improving the cybersecurity of renewable energy grids through advanced technology.
The CyDERMS center project plans to enhance cyber situational awareness in renewable energy grids starting in the summer of 2024. The two-year project focuses on using artificial intelligence (AI) and machine learning (ML) to monitor malicious activities such as cyberattacks that could compromise the infrastructure.
Govindarasu said the research is vital due to the increasing attack surface as more renewable energy sources — like solar farms and wind turbines — connect to the grid, often via less secure systems.
The project’s collaborative team includes four co-principal investigators (co-PIs) and several students from Iowa State working with DOE national labs like the Argonne National Laboratory and the National Renewable Energy Laboratory, as well as industry partner General Electric (GE) Vernova. The goal is to build anomaly detection systems capable of identifying potential threats in real time, helping stop attacks before they cause widespread disruptions.
“The complexity of the grid increases as more renewable energy is being integrated into the grid, creating more entry points for cyberattacks,” Govindarasu said. “Our goal is to ensure that the systems monitoring the grid are as robust as possible and can detect malicious activity quickly.”
This initiative also focuses on workforce development and training students and professionals in cybersecurity for operational technology (OT) systems—systems that control the physical operations of the grid.
Unlike traditional IT systems, OT systems have unique challenges, such as real-time operational constraints and legacy technologies, which need a specialized approach in cybersecurity.
Souradeep Bhattacharya, a PhD student working under Govindarasu in the electrical and computer engineering department, shared his involvement.
“First, the developed models are tested offline with realistic datasets collected from simulated normal and attack scenarios,” Bhattacharya said. “Then, these would be implemented in our hardware-in-the-loop (HIL) cyber-physical testbeds for real-time testing and validation.”
The second project, which started in August 2024, takes a different approach to securing the renewable energy grid by implementing Zero Trust Architecture. Known as ZT-CARD (Zero Trust Cybersecurity Architecture for Renewable Distributed Systems), this three-year project uses the principle “never trust, always verify” to safeguard the grid.
The idea is to continuously reauthenticate devices and reauthorize access within the system, ensuring only authorized entities can interact with the infrastructure.
ZT-CARD has extensive security solutions, such as moving target defense, which dynamically changes IP addresses and communication paths to confuse potential attackers.
This method is a controlled chaos, which makes it harder for hackers to pinpoint targets in the system without affecting its operational performance.
Shaurya Purohit, who is involved in the ZT-CARD project, emphasized the practicality of their work.
“These aren’t just ideas on paper—they’re designed to create solutions that improve the security and resiliency of critical systems,” Purohit said.
Both projects arise from the increasing reliance on renewable energy and the growth in cyber vulnerabilities. As more wind, solar and microgrid systems are added to the grid, the infrastructure becomes more interconnected—and thus, more exposed to cyberattacks. Govindarasu explained that hackers could manipulate control systems, potentially leading to blackouts or other critical failures.
“The attack surface is growing, and we must ensure that the systems protecting our grid can evolve as well,” Govindarasu said. “With more renewable energy being integrated into national grids, developing tools that can monitor and mitigate cyber threats is critical.”
These projects involve collaboration with leading universities, DOE national labs and industry partners such as GE Vernova and Central Iowa Power Coop (CIPCO). Arizona State University, University of Minnesota, University of Illinois Urbana-Champaign and Michigan Tech provide key expertise in renewable energy infrastructures and the grid.
Govindarasu emphasized that both undergraduate and graduate students actively participate and gain hands-on experience in cybersecurity and renewable energy research. This opportunity trains students in real-world applications, preparing them for future careers.
The DOE funding reflects how important cybersecurity is in renewable energy. Govindarasu explained that both projects were selected through a competitive process, with the DOE recognizing the innovative nature of the proposals and the expertise of the teams involved.