PNNL pilots two use cases applying blockchain technology to improve the cybersecurity of critical electricity infrastructure.
In the digital age, the speed and size of data transfer are increasing rapidly, raising concerns about privacy and security. This information management juggernaut presents a major challenge for energy utilities that need to exchange and store data securely, while at the same time increase the speed, reliability and efficiency of power delivery.
In one of the largest blockchain grid-cyber projects of its kind, PNNL is working with Guardtime, Washington State University, Avista, various industry vendors of industrial control systems and energy delivery systems, the U.S. Departments of Energy and Defense, and over a dozen industry advisors to test and demonstrate blockchain’s ability to increase the cybersecurity resilience of electricity infrastructure.
In March, the team demonstrated two of the project’s first use cases. The first use case focused on securing critical data stored and exchanged between the energy management system or distribution management system and energy delivery systems. The second use case demonstrated how blockchain can help improve asset management and supply chain security for critical energy delivery systems.
These use cases are important as energy utilities work to secure an increasing number of end points from evolving cyber threats, while at the same time managing the rapid expansion of distributed energy resources and other smart devices. These initial pilots suggest that blockchain shows potential to help secure these transactions while also enhancing grid resiliency by providing a novel security solution for managing and securing critical energy delivery systems and data.
Since its debut about a decade ago, this highly touted blockchain technology is still in its formative stages and often misunderstood. By validating and verifying the opportunities versus the hype, this blockchain project helped add clarity for securing the nation’s power grid and other critical infrastructures.
“Think of the early days of the Internet,” said Michael Mylrea, the project’s primary investigator and a senior advisor for cyber security and resilience at PNNL. “While blockchain technology is still at a nascent stage and lacks a browser-level ease of use, these initial pilots demonstrated that blockchain could potentially unlock a new wave of innovation to help secure complex energy exchanges.”
Blockchain software provides a digital ledger that records transactions of value using a cryptographic signature. The transactions are maintained in a continuous list of records, called blocks, with built-in protections against tampering.
Each block contains a timestamp and a cryptographic link to a previous block. Because the data that forms a block cannot be altered retroactively, the chain is very difficult to modify.
While blockchain technology is often linked with the cryptocurrency Bitcoin, the technology that underpins it varies greatly in its characteristics, definition and application. In fact, an article last spring in The New York Times noted that a volatile cryptocurrency market has demonstrated that blockchain technology lacks oversight and standards, which continues to distract from the real potential of the technology. Namely, the application of DLT can increase trust and auditability of data in a way that will remove the need for third parties in sectors ranging from energy to finance.
In August, The Economist ran a piece directly linking blockchain to the energy industry and the possibility of decentralized energy transactions by directly linking consumers and producers of energy. Because blockchain-based transactions can be executed without middlemen, this “prosumer” approach could improve today’s inefficient multi-tiered system, in which intermediaries transact on various levels.
Energy utilities are also taking notice of blockchain’s transformative potential. However, they remain cautious due to lingering questions related to the interoperability, security and scalability of the technology.
Better, stronger, more efficient
Funded by the U.S. Department of Energy, the Keyless Infrastructure Security System (KISS) project led by PNNL, focused on:
- Developing a blockchain-enabled cybersecurity controller that uses PNNL’s VOLTTRON™ platform to execute complex energy exchanges that cannot be modified or manipulated by cyber attacks
- Developing the first blockchain prototype to continuously monitor and autonomously verify the integrity of critical energy delivery systems
- Validating and verifying opportunities and challenges in applying blockchain to mitigate cyber threats to energy delivery system operation, configuration, and supply chain.
The recent blockchain pilots were important milestones that helped increase the energy sector’s nascent understanding of blockchain. These findings helped fill several major blockchain research gaps in determining technical requirements for scalability, interoperability and security.
“Instead of assuming that blockchain is the panacea to all grid-cyber challenges, we performed a deep dive into over a dozen different blockchain technologies, closely examining the feasibility of its application to the energy sector,” said Mylrea.
These findings have helped pave the way for future research in applying the blockchain solution developed during the project to live grid telemetry.
“How can we break the blockchain? Can we build it back in a way that is more resilient and easier to use? How can blockchain make our grid more efficient and resilient in response to evolving cyber threats?” Mylrea said these are the types of questions that future research will help answer
PNNL’s pilots provide valuable insight on both blockchain opportunities and challenges and provide greater clarity for a technology that lacks standards, regulations and definitions. Namely, not all blockchain applications are created equal.
Several blockchain solutions are energy intensive and often vulnerable to different cyberattacks. Public and private blockchains, and applications, configurations and implementations vary greatly in cost, latency, interoperability and applicability for securing critical energy infrastructure. PNNL’s work is focused on addressing these very issues, with focus on how to increase the trustworthiness and integrity of blockchain energy applications.
In 2019, the team expects to start commercializing a blockchain-enabled cybersecurity controller and move beyond field testing to utility-level deployments. They’ll also explore opportunities to partner with industry and utilities to increase the speed, security and interoperability of complex energy transactions.
Above the radar
An ambitious project to be sure, but the idea of breaking the blockchain and building it back even stronger has gained a lot of attention. Greentech Media and other outlets reported on the project launch, progress and pilot findings were featured at this year’s RSA Conference, the largest global cyber security conference.
The project has also helped inform lawmakers and regulators. PNNL’s Paul Skare testified at a U.S. Senate committee hearing in August on Energy Efficiency of Blockchain and Similar Technologies, and again in March to lawmakers in Washington state. Skare is the Chief of Cyber Security and Technical Group Manager for Energy and Environment at PNNL. His testimony included remarks about the KISS blockchain project.
“Our research is helping the energy sector move beyond the blockchain buzz, to validating and verifying the potential of blockchain for a modern power grid that is more resilient and efficient,” said Mylrea.
Race to the finish
It’s still too early to call blockchain the magic bullet for critical infrastructure cyber resilience. Evolving blockchain definitions create governance challenges for regulators and policy makers.
To add clarity and help give impetus to broad industry adoption, Mylrea and his colleague, Sri Nikhil Gourisetti, lead the cybersecurity task force for the IEEE Blockchain Standards Committee and working group. The objective of that group is to develop standards and frameworks for the technology’s application to the energy sector.
But the world is not waiting. Both startups and established companies around the globe are galloping into the wild-west of blockchain application development. In fact, Sri Nikhil Gourisetti notes that many Fortune 500 companies are exploring various blockchain applications for their businesses.
PNNL’s work on blockchain leverages its core capabilities and domain expertise in grid cybersecurity to support of DOE’s Office of Cybersecurity, Energy Security, and Emergency Response (CESER) Multiyear Plan for Energy Sector Cybersecurity. Specifically, the work aligns with the DOE’s goal of accelerating game-changing research, development and demonstration (RD&D) of resilient energy delivery systems, and their ability to survive a cyberattack while sustaining critical functions.