SBIR-STTR Award

Solar energy operators need real­time situational awareness and the insight of advanced analytics to compete in the energy marketplace. These benefits require increased connectivity, but the threat of distributed cyberattack on control systems is exacerbated by the limited number of vendors supplying millions of solar devices. Firewalls and software­based security are inherently vulnerable to attack, particularly in the age of botnets, unlimited computing power, and artificial intelligence. Secure equipment monitoring can be provided by data diodes (unidirectional gateways), but today’s diodes require extensive on­site network configuration and can cost in excess of $100,000 per device. Fend will bring the unhackable, physically­enforced security of data diodes to the solar equipment market through simpler, lower cost hardware capable of automatic configuration. Fend’s Data Valve converts data into light for one­way transmission, allowing for both equipment monitoring and complete isolation from cyberattack. Fend’s will reduce costs by up to 99% with plug­and­play hardware that can be installed by anyone trusted to service solar equipment. Fend’s optional cloud­based analytics platform allows for real­time equipment monitoring and predictive analytics to reduce unexpected equipment downtime. Fend provides the fastest and most cost effective way to secure new solar installations and protect gigawatts of existing capacity.Objectives for Phase I are: (1) Significantly reduce costs of data diode protection through right­sizing of componentry for the solar energy market; (2) Enable automatic, plug­and­play installation by technicians and remove the need for manual network configuration by network engineers; and (3) Make real­time grid state monitoring and data analytics more accessible to solar generation operators. Though this Phase I SBIR project, Fend will adapt its technology for the solar energy market by refining the hardware design and expanding the capabilities of the Data Valve’s on­board software. The result of Phase I will be a device that can automatically connect to one type of solar energy equipment and transmit data to the desired network location while completely protecting that equipment from malicious network traffic. Through Phase II and beyond, automatic protocol switching will allow the Data Valve to serve multiple equipment types and expansion into the protection of fossil energy and nuclear plants, critical building systems, and water utilities. Commercial success provides these

Benefits:
(1) Enhanced security for the US electric industry; (2) Improved grid resilience through secure, real­time availability of equipment status; (3) Increased operational efficiency through operational awareness and early fault detection; and (4) US­based manufacturing and software development jobs.

Reimagining a trusted technology (data diodes) into a low-cost plug and play appliance, to provide greater situational awareness and predictive analytics, while safeguarding the infrastructure.That is the Fend mission, and SBIR Phase I helped to demonstrate the need and feasibility for this solution.Solar energy operators need real-time situational awareness and the insight of advanced analytics to compete in the energy marketplace.Fend has started to demonstrate that it can provide the fastest way to secure existing solar energy equipment and harden new installations.Fend’s new class of data diode incorporates optical isolation technology to protect a much broader set of equipment and facilities than are served by current, incumbent data diodes.In addition, Fend engineers successfully developed, field-tested, and incorporated an analytics platform providing users with operational awareness by achieving three major capabilities.It: (a) collects data from solar equipment; (b) passes that data in a one-way fashion from the upstream protected side to the downstream network side; (c) sends that data from the downstream side to the desired network or cloud location.At the conclusion of Phase I, Fend possesses a fully functioning prototype that has achieved significant stakeholder interest.Through numerous interactions with stakeholders in the solar market, and broader marketplace, we have identified three technical objectives for Phase II: 1.Hardware refinements to • Streamline the installation procedure • Enhance tamper resistance • Include battery backup • Obtain certification of ruggedness 2.Enhancements to our data analytics platform • Leverage AI and machine learning 3.Limited provision for operators to control equipment remotely • Develop the ability to securely send control commands to dynamically adjust grid conditions Technical benefits from the Fend solution include (a) Enhanced security; (b) Improved grid resilience; and (c) Improved operational efficiency.Economic benefits are the improved cost efficiency through operational awareness and early fault detection.Social benefits include the reduction of carbon emissions and the creation of new jobs because of the increased reliability of solar power, and security of its installations.More broadly, the Fend solution will make the proliferation of distributed energy resources and the connection of IIoT components more secure, and less vulnerable to cyber threats.Fend’s project deliverables shall include a data diode and associated cloud-based data analytics platform fully compliant with all Phase II technical objectives.These objectives were crafted with Phase III in mind.The technical requirements respond to feedback from industry collected during Phase I that will make Fend’s data diodes ready for sale and for scale.Some of the critical activities will include the development of an installer user interface to avoid command line programming; expanding the firmware’s ability to automatically cycle through the majority of protocols used by solar industry; incorporating batteries to hardware to allow for data transmission during power outages; adding switches and refining firmware to disable appliance if tempered with; ruggedizing hardware for sustained operation in extreme conditions; incorporating advanced analytics in AWS environment, to achieve measurable and repeatable rate of predictable behavior; modify the hardware and firmware to allow the appliance to send authorized commands in reverse; and perform extended field testing.Over the past few months, we have carefully listened to cybersecurity and installation engineers in governments, utilities and private industry.They shared some of their biggest challenges, and helped us finetune a comprehensive solution incorporating our data diode and an intuitive, predictive analytics cloud platform.We built our Phase II proposal in response to their needs.