The purpose of this Funding Opportunity Announcement (FOA) is to advance tools and technologies specifically designed to reduce risks to energy delivery infrastructure from all hazards including cybersecurity, physical security, and climate effects. This effort will lead to next generation tools and technologies not available today that will become widely adopted throughout the energy sector to reduce an incident disruption to energy delivery.

There are six topic areas in this FOA:

• Topic Area 1 – Operate Through Compromise: The “operate through compromise” strategy accepts that an organization’s systems may be compromised and is focused on quickly detecting and responding to active cybersecurity events. This topic area is requesting the research, development, and demonstration of tools and technologies that can provide “Operate Through Compromise” or in degraded mode. Capabilities resulting from this research are designed to ensure continued operation and/or graceful degradation of some services to minimize the impact an adversary can have on the system. The developed tool or technology must be able to identify and mitigate the cybersecurity threat by minimizing the intended damage and avoiding the further spread of the attack. The technology must include a prioritization/ranking of targets to ensure protection of high-value targets. Emerging technologies such as network segmentation or novel endpoint protections may be incorporated into the proposed innovative approaches.
• Topic Area 2 – Adaptable Zero-Trust Architecture: Many of the components that make up a zero-trust architecture exist today; however, solutions are needed to develop a holistic zero-trust architecture for operational technology (OT) systems. To securely integrate OT devices and systems, asset owners and operators must be able to ensure the system trustworthiness by verifying device authentication and authorization, verifying commands, and ensuring integrity. To bolster the electricity subsector’s defenses against cyber threats, tools and technologies need to be developed to establish a zero-trust architecture where a verified trusted relationship can be established. This topic area focuses on the development of tools and technologies to verify trustworthiness within OT operations, ensuring integrity across different functions, business lines, and employees. Scalable authentication mechanisms to verify various device elements and entities connecting to the increasingly distributed grid network should be considered.
• Topic Area 3 – RD&D of Risk Management Tools and Technologies for Natural Hazards: Applications should address non-cyber risks and hazards to the energy sector, such as those due to climate change and extreme weather. Specifically, applicants’ objectives should be to develop tools that help identify, characterize, detect, and/or mitigate risks to energy infrastructure from water and/or wind damage from various extreme weather events. These tools should help address one of the following areas: 1) enable long term planning, 2) mitigate impacts to energy infrastructure, and/or 3) improve industry’s ability to prepare for and respond to incidents.
• Topic Area 4 – RD&D of Tools and Technologies for Energy Infrastructure Resilience to Wildfires: Applications should address the research, development, and demonstration of technology solutions that address the needs of energy stakeholders relative to wildfires. Specifically, applicants should focus on developing and validating technologies that utilize real-life information that can aid in one or more of the following: 1) determining probable equipment and infrastructure failures more accurately, 2) de-risking energy infrastructure and environment interactions relative to wildfires, and/or 3) improve industry’s ability to prepare for and respond to incidents.
• Topic Area 5 – Physical Security Improvements for Utility Power Substations: Recently, there have been many reports of vandalism, sabotage, and ballistic damage to utility power substations. Today’s physical protection approaches for utility power substations includes methods such as video surveillance systems, access control, and physical barriers. Physical security improvements are needed to further minimize intrusions and damage. This topic area is seeking research, development and demonstration of innovative tools or technologies or capabilities that would provide enhanced substation protection from these physical threats. Research can consider improvements to existing solutions and/or developing novel physical security technologies.
• Topic Area 6 – University-Based RD&D: Scalable Cyber-Physical Platform: The DOE is focused on building an equitable and resilient clean energy future. This initiative extends CESER’s R&D efforts to utilize University-Based energy industry R&D of scalable cyber-physical solutions to build strategic core capabilities within the sector in advancing cybersecurity for energy delivery systems. Applications sought under Topic Area 6 are restricted to historically black colleges or universities (HBCUs). This research, development, and demonstration (RD&D) is primarily focused on creating advanced cybersecurity capabilities for electric power utilities. This will involve RD&D of scalable Cyber-Physical Platforms (CPP) for resilient and secure electric power systems that are flexible, modular, self-healing, and autonomous. The proposed project activities should result in CPP tools and technologies that will detect and mitigate incidents in electric power systems. The proposed CPP will integrate and account for cybersecurity aspects of the information technology (IT) and OT networks as well as grid physics. The integrated CPP will need to identify and protect against anomalous communications and anomalous grid behavior.