First there was CIGAR. Then there was SPADES. Now there's MAGIC.

But the goal remains the same: “To identify when cyberattacks are happening on a distribution system and mitigate the effects of that attack," says Lisa Slaughter, NRECA research software engineer and data scientist.

MAGIC, which stands for Mitigation Via Analytics for Grid-Inverter Cybersecurity, is the third in a series of federally sponsored projects tackling the challenge of keeping distributed energy resources (DER) and grid-level equipment safe from hackers.

The previous two, “Supervisory Parameter Adjustment for Distribution Energy Storage," (SPADES) and “Cybersecurity via Inverter-Grid Automatic Reconfiguration," (CIGAR) focused on protecting the grid using the power inverters that work alongside batteries and solar photovoltaic panels.

MAGIC, which runs through 2026, follows on those projects with increased attention to the potential for artificial intelligence (AI) and machine-learning algorithms to detect and respond to cyberattacks, with consideration of hardware constraints.

“Over the life of the three projects, we have been increasingly upping the technology readiness levels," says Slaughter.

Photovoltaic panels and batteries rely on smart inverters to feed power into the grid. But the capability to remotely update these inverters provides a possible entry point for bad actors. The approach MAGIC is exploring to counter this and other threats, Slaughter says, is using AI to detect compromised inverters and then having uncompromised inverters on the circuit take steps to offset attempts to disrupt power flow or quality by the hacked inverters.

“Hypothetically, if you have 30 percent compromised and 70 percent not compromised, you could use the 70 percent to mitigate the effects of those 30 percent," she says.

NRECA Research is partnering with Lawrence Livermore National Laboratory, Lawrence Berkeley National Laboratory, Siemens Corp, Cornell University, the University of Central Florida and the National Renewable Energy Laboratory on the effort.

Participants are testing defense strategies in experimental attacks on simulated utility systems, with NREL serving as the attacking team while Cornell's and UCF's algorithms defend.

NRECA plans to make MAGIC's AI and machine learning algorithms available through the Open Modeling Framework, Slaughter says, allowing cooperatives to conduct their own cyberattack detection and mitigation simulations.

The MAGIC project is sponsored by the Department of Energy's Office of Cybersecurity, Energy Security, and Emergency Response in the Artificial Intelligence, Risk Management Tools and Technologies Division.