Securing National Critical Energy Infrastructure and Supply Chain from Cyber Threats
The Energy Cyber Sense program aims to improve the nation’s ability to identify and engineer out cybersecurity risks and vulnerabilities across the energy supply chain through partnerships with manufacturers and users of critical energy infrastructure technology. Established by Section 40122 of the Bipartisan Infrastructure Legislation (BIL), it is a voluntary program to test the cybersecurity of energy products and technologies, including bulk-power systems.
The U.S. Department of Energy’s (DOE) Office of Cybersecurity, Energy Security, and Emergency Response (CESER) implements the programs and research and development efforts under the Energy Cyber Sense program umbrella, including:
- Cyber Testing for Resilient Industrial Control Systems (CyTRICS)
CyTRICS leverages the testing and analysis capabilities of the DOE National Laboratories ecosystem to confirm the security of the software and firmware of components used across the energy sector. - Cyber-Informed Engineering (CIE)
CIE is a method that integrates cybersecurity considerations into the conception, design, development, and operation of any physical system, energy or otherwise, to mitigate or even eliminate avenues for cyber-enabled attacks. - Clean Energy Cybersecurity Accelerator (CECA)
CECA brings together federal infrastructure and expertise, asset owners in the energy sector, and technology innovators in a unified effort to catalyze the development of new cybersecurity solutions for the nation’s future clean energy grid. - Cybersecurity Manufacturing Innovation Institute (CyManII)
CyManII supports early-stage research and development (R&D) to improve the competitiveness of American manufacturing, secure supply chains, and bolster cybersecurity in energy-efficient manufacturing. - Executive Order 14017 on America’s Supply Chains
Applied Research and Development (R&D) efforts in response to gaps in supply chain security identified in EO 14017. - Supply Chain Cybersecurity Principles
The Supply Chain Cybersecurity Principles characterize the foundational actions and approaches needed to deliver strong cybersecurity throughout the vast global supply chains that build energy automation and industrial control systems(ICS). The principles aim to create an enduring framework to drive best practices today, while informing international coordination to advance those practices into the future.
From its vantage point overseeing DOE programs across the entire energy sector supply chain, the Energy Cyber Sense program is equipped to detect, communicate, and resolve the most pressing cybersecurity threats facing the nation’s energy critical infrastructure. The program’s organized effort allows CESER to identify, understand, and mitigate pressing national cybersecurity threats by conducting groundbreaking research in partnership with national laboratories, collaborating with industry and government partners, and furthering the ongoing goal of securing the nation’s energy infrastructure.