October 28, 2021, I gave a presentation to the US Secretary of Energy’s Advisory Board (SEAB) on the need for process sensor monitoring. The SEAB meeting can be found at https://www.energy.gov/seab/seab-meetings as well as my prepared presentation. My short presentation is at approximately the 1 Hour 20-minute timeframe. In the SEAB meeting, DOE was looking to address hard technical barriers. Cyber-securing process sensors fall into that category. Malicious or unintentional sensor failures have had wide-ranging impacts. A failure of ONE process sensor caused a significant load swing in the local grid that rippled through the entire Eastern Interconnect causing a significant load swing more than a thousand miles away.
Sometime in September 2021, three of the premier DOE national laboratories – ORNL, PNNL, and NREL, did a study of “Sensor Impacts on Building and HVAC Controls: A critical review for building energy performance”. The report notes that cybersecurity threats are increasing, and sensor data delivery could be hacked as a result. The Chinese have provided counterfeit pressure sensors to the North American market and installed hardware backdoors in large power transformers – hardware supply chain issues. Yet, neither process sensor cyber security or hardware supply chain issues were addressed by DOE or their advisors at the SEAB meeting or the October 20-21, 2021 DOE Electricity Advisory Committee meeting.
DOE needs to take process sensor cyber security more seriously.