Skip to navigation Skip to content
Careers | Phone Book | A - Z Index
Usable Data Systems Group

Cybersecurity for Energy Delivery Systems Research and Development

Berkeley Lab Computing Sciences Research is an active participant in a number of projects in the arena of cybersecurity for energy delivery systems.  Recently, this work has been funded largely via DOE's Cybersecurity for Energy Delivery systems program. These projects include collaborations with academic, vendor, and utility partners.  LBNL's work in this space emphasizes both its historical role in developing, deploying and testing the Zeek (Bro) Network Security Monitor, as well as novel research ideas that leverage physics — physical limitations, physical sensor output, and insight into commands sent to control systems — to help monitor and protect networked energy system devices under control.

Learn more at the LBNL Cybersecurity for Energy Delivery Systems R&D Web Site.

A partial listing of current and recent R&D projects relating to cybersecurity for energy delivery systems, including lists of partners, publications, and software developed is as follows:

  1. Privacy-Preserving, Collective Cyberattack Defense of DERs.  This project aims to develop, apply, and test a technique for enabling collective defense of distribution grids with significant penetration of distributed energy resources (DER) and responsive loads (particularly Electric Vehicles), by leveraging a privacy-preserving method of data sharing without exposing raw data that might contain personally identifiable information (PII) from individual consumers or buildings or that might otherwise be considered national security information that could be leveraged by adversaries to more effectively compromise and potentially destabilize portions of the electric grid. We envision creating a software platform to allow utilities to share relevant cybersecurity information with one another in a manner that does not compromise the privacy of customers in their service territories. In doing so, we hope to reduce the reluctance of utilities to share information that can be used to harden other networks by reducing privacy-related liabilities associated with grid operational technology (OT) data.   It is funded by DOE CESER's RMT program and is led by Sean Peisert.  See CESER ShielDERs project website.
  2. Mitigation via Analytics for Inverter-Grid Cybersecurity (MAGIC).  Project MAGIC will develop artificial intelligence and machine learning algorithms to detect and mitigate cyber attacks on aggregations of Distributed Energy Resources (DER). The developed algorithms will be demonstrated in hardware-in-the-loop testing and integrated into an open source simulation tool. It is funded by DOE CESER’s RMT program and is led by Daniel Arnold.  See MAGIC project website.

Several recent projects include the following:

  1. Provable Anonymization of Grid Data for Cyberattack Detection.  This project aims to develop techniques for enabling data analysis for the purposes of detecting and/or investigating cyberattacks against energy delivery systems while also preserving aspects of key confidentiality elements within the underlying raw data being analyzed. The result will be a complete solution for anonymization of data collected from OT and IT networks pertaining to energy grid cyberattack detection that has been tested for its ability to retain privacy properties and still enable attack detection.  It is funded by DOE CESER's CEDS program and is led by Sean Peisert.  See CEDS Privacy project website.
  2. Securing Automated, Adaptive Learning-Driven Cyber-Physical System Processes.  This project is developing secure machine learning methods that will enable safer operation of automated, adaptive, learning-driven “cyber-physical system” processes.  It is funded by an LBNL LDRD and is co-led by Sean Peisert and Daniel Arnold.  See Secure Automated Control project website.
  3. Supervisory Parameter Adjustment for Distribution Energy Storage (SPADES).  This project is developing the methodology and tools allowing Electric Storage Systems (ESS) to automatically reconfigure themselves to counteract cyberattacks, both directly against the ESS control systems and indirectly through the electric grid. It is funded by DOE CESER's CEDS program and is led by Daniel Arnold.  See CEDS SPADES project website.
  4. Securing Solar for the Grid (S2G).  This project aims to develop an understanding of security and performance requirements for the use of AI high solar / IBR / DER penetration scenarios, and also to develop an understanding of understanding power grid data confidentiality and privacy requirements. It is funded by DOE’s SETO office and is co-led by Sean Peisert and Daniel Arnold.  See S2G project website.
  5. UC-Lab Center for Electricity Distribution Cybersecurity.  This project will bring together a multi-disciplinary UC-Lab team of cybersecurity and electricity infrastructure experts to investigate, through both cyber and physical modeling and physics-aware cybersecurity analysis, the impact and significance of cyberattacks on electricity distribution infrastructure.  It is funded by the UC-Lab Fees Research Program.  The overall project is led by Hamed Mohsenian-Rad; the LBNL portion is led by Sean Peisert.  See UC-Lab Center project website.
  6. Byzantine Security — Multi-layered Intrusion Tolerant Byzantine Architecture for Bulk Power System Protective Relays,  This project aims to explore applications of a Byzantine Fault Tolerant (BFT) architecture in combination with ML/AI methods to ensure that the bulk power system, including protective relays in the transmission grid, and associated substation and control center systems, can perform intrusion tolerant operations. It is funded by the DOE Grid Modernization Initiative. The LBNL portion of this effort is led by Sean Peisert.  See Byzantine Security project website.
  7. Cybersecurity via Inverter-Grid Automatic Reconfiguration (CIGAR). This project is performing R&D to enable distribution grids to adapt to resist a cyber-attack by (1) developing adaptive control algorithms for DER, voltage regulation, and protection systems; (2) analyze new attack scenarios and develop associated defensive strategies.  It is funded by DOE's CEDS program and is co-led by Sean Peisert and Daniel Arnold.  See CEDS CIGAR project website.
  8. Threat Detection and Response with Data Analytics.   This project is developing technologies and methodologies to protect the grid from advanced cyber and all-hazard threats through the collection of disparate data and the employment of advanced analytics for threat detection and response.  The project is funded by DOE OE's CEDS program as part of the DOE Grid Modernization Initiative.  The project is led by LLNL, co-led by Sean Peisert at LBNL, and also includes partnerships with PNNL and SNL.  Utility partners include the Electric Power Board (EPB), National Rural Electric Cooperative Association (NRECA)  See CEDS Threat Detection and Response with Data Analytics project website.
  9. Integrated Multi Scale Machine Learning.   This project’s overarching goal is to create advanced, distributed data analytics capability within the DOE GM Consortium, to provide visibility, and controllability to distribution grid and building operators.  The project is funded by DOE EERE and DOE OE as part of the DOE Grid Modernization Initiative.  The project is led by LLNL.  Sean Peisert is the lead at LBNL.  It als includes partnerships with LANL, NREL, ORNL, and SNL  Utility partners include the Riverside Public Utilities and Florida Power and Light.  Vendor partners include National Instruments, PingThings, and Power Standards Laboratory.  See Integrated Multi Scale Machine Learning project website.
  10. An Automated, Disruption Tolerant Key Management System for the Power Grid. This project is designing and developing a key management system to meet the unique requirements of electrical distribution systems (EDSs). It is funded by DOE OE's CEDS program, is a partnership with PNNL, and is led at LBNL by Sean Peisert. See Power Grid Key Management project website.
  11. Cyber Security of Power Distribution Systems by Detecting Differences Between Real-time Micro-Synchrophasor Measurements and Cyber-Reported SCADA.This project is using micro-PMU measurements and SCADA commands to develop a system to detect cyberattacks against the power distribution grid. It is funded by DOE OE's CEDS program and is led by Sean Peisert. See µPMU Cyber Security project website.
  12. Inferring Computing Activity Using Physical Sensors.  This project is using power data to identify computational operations, particularly in high-performance and cloud computing environments.  This project is led by Sean Peisert at LBNL.  See project website for inferring computing activity with power data.
  13. Application of Cyber Security Techniques in the Protection of Efficient Cyber-Physical Energy Generation Systems. This project was funded by DOE OE's CEDS program and was co-led by Chuck McParland and Sean Peisert. Specifically, we designed and developed a security monitoring and analysis framework for control systems. The goal was to integrate the monitoring and analysis of network traffic and serial communication with an understanding of physical device constraints within a single intrusion detection system (IDS) to enhance resilience of cyber physical systems. See CEDS CPS security project website.

Key Representative Publications:

Chuck McParland, Sean Peisert, and Anna Scaglione, "Monitoring Security of Networked Control Systems: It's the Physics," IEEE Security and Privacy,12(6), November/December 2014. [BibTeX] [DOI]

Mahdi Jamei, Emma Stewart, Sean Peisert, Anna Scaglione, Chuck McParland, Ciaran Roberts, and Alex McEachern, "Micro Synchrophasor-Based Intrusion Detection in Automated Distribution Systems: Towards Critical Infrastructure Security," IEEE Internet Computing," Sept./Oct. 2016. [CDL]

Mahdi Jamei, Anna Scaglione, Ciaran Roberts, Emma Stewart, Sean Peisert, Chuck McParland, and Alex McEachern, "Anomaly Detection Using μPMU Measurements in Distribution Grids," IEEE Transactions on Power Systems, October 25, 2017. [BibTeX] [DOI] [CDL] 

Melissa Stockman, Dipankar Dwivedi, Reinhard Gentz, Sean Peisert, "Detecting Programmable Logic Controller Code Using Machine Learning," International Journal of Critical Infrastructure Protection, 2019. [DOI]

Ciaran Roberts, Daniel Arnold, Mahdi Jamei, Anna Scaglione, Reinhard Gentz, Sean Peisert, Emma M. Stewart, Chuck McParland, and Alex McEachern, "Learning Behavior of Distribution System Discrete Control Devices for Cyber-Physical Security," IEEE Transaction on Smart Grid, accepted 31 July 2019.

Mahdi Jamei, Raksha Ramakrishna, Teklemariam Tesfay, Reinhard Gentz, Ciaran Roberts, Anna Scaglione, and Sean Peisert, “Phasor Measurement Units Optimal Placement and Performance Limits for Fault Localization,” IEEE Journal on Selected Areas in Communications (J-SAC), Special Issue on Communications and Data Analytics in Smart Grid, accepted 2 October, 2019.


A portion of the software developed through this activity can be downloaded via Github.

About Berkeley Lab

Founded in 1931 on the belief that the biggest scientific challenges are best addressed by teams, Lawrence Berkeley National Laboratory and its scientists have been recognized with 16 Nobel Prizes. Today, Berkeley Lab researchers develop sustainable energy and environmental solutions, create useful new materials, advance the frontiers of computing, and probe the mysteries of life, matter, and the universe. Scientists from around the world rely on the Lab’s facilities for their own discovery science. Berkeley Lab is a multiprogram national laboratory, managed by the University of California for the U.S. Department of Energy’s Office of Science.

DOE’s Office of Science is the single largest supporter of basic research in the physical sciences in the United States, and is working to address some of the most pressing challenges of our time. For more information, please visit