"Cybersecurity in the Blue Economy"
The oceans and seas cover over two-thirds of the Earth's surface. These waters are expected to add $3 trillion to the global economy over the next decade through the generation of electricity via marine renewable energy (MRE) devices, which could reduce the carbon footprint from energy production and support grid stability for remote coastal communities. It is essential to protect these technologies from cybersecurity threats that could disrupt device functionality and connected systems. The first cybersecurity guidance report for MRE devices has been created by Pacific Northwest National Laboratory (PNNL) on behalf of the US Department of Energy's (DOE) Water Power Technologies Office. This guidance aims to help MRE developers further explore the risks present in their designs and operations, as well as improve the security of devices, industrial control systems, energy delivery systems, and the maritime industry. In order to identify and analyze cybersecurity risks and threats, the PNNL team gathered data through a formal request for information to developers, a presentation to the DOE Marine Energy Council's stakeholder members, and one-on-one discussions. They reviewed cyber threats and vulnerabilities faced by IT and Operational Technology (OT) devices used in oscillating water columns, oscillating surge flaps, eave-point absorbers, and current turbines. Then they examined the supply chain risks for potential security issues that stem from firmware, hardware, and software used in IT and OT devices. Using these facts, the researchers created customized guidance for MRE developers and end-users. This article continues to discuss the creation of cybersecurity best practices guidance for marine energy devices.