This report forms part of the wider OLTER (Offshore Low Touch Energy Robotics & Autonomous Systems) project where the aim is to deliver a Robotics and Autonomous Systems (RAS) service, to scale and commercialise robotics for use in offshore energy environments. The purpose of this report is to explore the types and future of autonomous systems, general cyber security landscape, and how these interact in the offshore wind environment. The report focuses on offshore wind, however many of the points discussed are relevant across other offshore energy sectors. In addition to the report, a toolkit has been developed to provide decision-makers with a resource to assess the cyber security risk of using autonomous systems around the wind farm.

The offshore wind industry is growing at a fast rate and, particularly in the UK, installing wind farms further from shore. This increases the challenges associated with all activities, and particularly during the operations and maintenance phase. The use of RAS is becoming increasingly prevalent with the aims to improve safety, reduce costs and reduce emissions. Autonomous systems are those with the capability of completing operations independently. There are different degrees of autonomy that systems can operate in, with humans taking less control as confidence is gained in the ability of the system to complete operations safely. Within offshore wind, the RAS operating areas include aerial, sea surface and subsurface. Remotely operated systems are currently in use, such as unmanned aerial vehicles (UAV), uncrewed surface vehicles (USV) and remotely operated vehicles (ROV). However, there are very few autonomous systems in operation due to the regulatory landscape, technology development levels and industry confidence. This is expected to change in the future as the offshore wind industry becomes more dependent on RAS, however much needs to be understood by offshore wind developers and owner operators to build confidence. One area of concern is the cyber security risk posed by autonomous systems operating in and around wind farms.

Cyber security affects all industries, and this report explores key areas such as standards, best practice, attack types and attack motivations. In relation to autonomous systems specific areas of data security, supply chain security, wind farm network interfacing, software and system testing are discussed. The key risks associated with the use of autonomous systems are highlighted and it should be noted that many of these risks are synonymous with the risks posed by remotely operated systems already in use. The key factors affecting risk and mitigations are also explored. These are further expanded upon in the accompanying toolkit  to support decision-makers.