Offshore Wind Farms May Have Serious Cyber Vulnerabilities
The global offshore wind industry has been taking stock of emerging challenges that pose threats to expansion of wind farms and deployment of clean energy. Though governments have set ambitious targets for integrating offshore wind into the energy mix and are determined to push them through, a key threat continues to be overlooked.
In a new study, researchers are now lifting the lid on the threat of cyberattacks on offshore wind farms. Though largely overlooked by regulators, utilities and manufacturers, it is emerging that the significance of cybersecurity for offshore wind has reached unprecedented levels due to grid modernization and digitalization.
The study comes when the world is witnessing the expansion of offshore wind. Data show that last year, a record 4.2 GW of new offshore wind farms came online, up 40 percent over 2022. During the year, $32.6 billion of new investments were confirmed covering 9 GW that will be built over the coming years. This year, at least 40 GW will be auctioned if all countries run their 2024 auctions as planned, according to Wind Europe.
The expansion of the industry is opening new fronts of cyberattack threats, which are elevated for wind farms that use voltage-source-converter high-voltage direct-current (VSC-HVDC) connections. These connections are rapidly becoming the most cost-effective solution to harvest offshore wind energy around the world.
The researchers from Concordia University and Hydro-Quebec contend that offshore wind requires more cyber infrastructure than onshore wind because they are far from land and are operated remotely.
Due to their complex and hybrid-communication architecture, offshore wind farms are highly susceptible to cyberattacks, the researchers assessed. This stems from the fact that they need to communicate with onshore systems via a wide area network, with turbines also communicating with maintenance vessels and inspection drones, as well as with each other. This network offers many access points for cyberattacks.
The researchers highlight that while the system networks can handle events like router failures or signal decays, it becomes more concerning if there is an attacker in the middle who is trying to hijack signals.
“As we advance the integration of renewable energies, it is imperative to recognize that we are venturing into uncharted territory, with unknown vulnerabilities and cyber threats,” said Juanwei Chen, one of the researchers.
They added that manufacturers and utilities have a huge task of addressing gaps in the security of operational technologies. Regulators also need to be proactive in ensuring systems are foolproof, the team assessed.