Cybersecurity of Consumer Energy Resources CAESER

June 18th, 2024

Project co-funded by CSIRO’s Critical Infrastructure Protection and Resilience (CIPR) Initiative and the Cyber Security Cooperative Research Centre (CSCRC), in collaboration with CSIRO’s Smart Energy Mission (SEM).
 
Goal: Enhance the cybersecurity of Consumer Energy Resources through a resilience lens – ensuring Australia develops the expertise on both the technical and regulatory side to ensure that resilience to cybersecurity threats to its energy infrastructure.
 
Start date: 1/11/23
End date: 31/10/24
 
As Australia is becoming a global leader in Consumer Energy Resources (CERs), such as solar PVs, batteries and EVs, there are unprecedented challenges in securing a large number of CERs. This project aims to enhance the cyber security and resilience of CERs. This project is undertaken jointly by CSIRO, Edith Cowan University and University of New South Wales.
 
The motivations of this project are to address the following crucial questions:
 
[Q1] What are the impacts of CER cyber security on Australia’s energy infrastructure? Particularly, how to quantitatively justify the costs of CER cyber threats to Australia?
[Q2] What are the potential near-term and long-term threats of CER to Australia’s energy infrastructure? How to mitigate these threats, particularly relating to the software vulnerabilities and supply chain risks of CER systems?
[Q3] What are the gaps between the existing CER standards/certification and the practical operational requirements facing Australia’s energy operators and distributors? How to resolve the gaps and align with Australia’s energy regulations?
[Q4] How do these factors play a role in the long-term cyber resilience of CERs in Australia? What are the viable strategies to cope with a growing number of unsecured CERs in the future?
 
To shed light on the above questions, the project will consist of the following tasks:
 
  1. Provide quantitative analysis and assessment on the threats by CER cyberattacks to Australia’s energy infrastructure.
  2. Examine the software vulnerabilities and supply chain risks in CERs through case studies.
  3. Identify the gaps between standardization and operational practices and analyse the CER protocols for system-wide vulnerabilities.
  4. Propose long-term strategies and recommendations for practice in anticipation of the risks and costs of unsecure legacy CERs.
  5. Engage and disseminate the findings of this project to national and international stakeholders.

 

For more information: contact Sid Chau, Co-lead <sid.chau@data61.csiro.au>
Project leader Sharif Abuadbba