ConnectWerx, a Partnership Intermediary of the U.S. Department of Energy (DOE), has opened a funding opportunity in collaboration with The Office of Cybersecurity, Energy Security, and Emergency Response (CESER). The DCEI Risk Assessments (DRA) project is a crucial DOE initiative to enhance the cyber resilience of the nation’s defense critical energy infrastructure (DCEI). This project is driven by the increasing resilience on complex operational technology, industrial control systems, and digital technologies within the energy sector, which has exposed it to cyber sabotage. Traditional cybersecurity measures, primarily focused on preventing initial breaches, are often insufficient against determined attackers and state-sponsored adversaries. Current funding available for this opportunity is $942,000. DOE expects to make 2 awards with additional awards possible subject to funding availability. 

Complete the online application and upload the appropriate project information and supporting documentation in the application link below for CWX-026-CESER.

Submissions were due no later than January 7, 2026 at 5 PM ET.

Submissions must include the following files as indicated in the below chart, using the required templates (hyperlinked below).

Submission Requirements

Responses shall be submitted by the date and time specified above.

Files shall be submitted in Microsoft Office or Adobe Acrobat format, no larger than 5MB. ZIP files and other application formats are not acceptable. All files shall be print-capable, without a password. Filenames must contain the appropriate extension and shall not contain special characters*. Appropriate files extensions are:

Late submissions will not be accepted. Submissions can be made in advance of the deadline and updated (or files replaced) up to the deadline.

CESER aims to significantly enhance the cyber resilience of critical national infrastructure by systematically applying CIE principles and the CCE process. This will involve working directly with critical infrastructure owners and operators, including leveraging the expertise of CCE-certified consulting firms, to identify high-consequence cyber-enabled sabotage scenarios. Applicant must be able to conduct broad cybersecurity and cyber-physical assessments leveraging a blend of numerous frameworks including but not limited to CCE engagements and IEC 62443. A key outcome will be the development and implementation of engineering-based solutions that not only eliminate or mitigate identified risks but also ensure the ability to operate critical functions even in compromised environments. 

Expected deliverables include detailed assessments of cyber-physical and cybersecurity vulnerabilities for specific critical infrastructure systems, documented design changes and operational controls tailored to mitigate identified risks, and improved protocols for maintaining essential services despite cyber compromise. Furthermore, a crucial outcome will be the expansion of the CCE methodology’s reach and impact, through direct Tier-1 engagements where the team will work with critical infrastructure asset owner operates through all four phases of the CCE methodology, Rapid Critical Function Assurance (CFA) Engagements where the CCE team works through the first two phases of the CCE process with the critical infrastructure asset owner operates, and other cyber-physical and cybersecurity assessments including but not limited to CCE engagements and IEC 62443. CCE team will help provide a holistic understanding of how prioritized critical functions are delivered, help to create targeted protection and mitigation recommendations to reduce impact risk and focused application of security resources. This will foster a sustainable ecosystem for cyber-informed engineering practices across the industrial base, contributing to a more secure and resilient national infrastructure against sophisticated and persistent cyber threats. 

How to Participate

1. Review details on eligibility, evaluation criteria, and how to apply.
2. Attend the Objective Strategic Session / Information “Office Hours” Session on December 22, 2025 at 1 PM ET.
3. Download the Project Overview & Plan template.
4. Complete the Submission Form & upload the completed Project Overview & Plan. Submissions were due no later than January 7, 2026 at 5 PM ET.

Wednesday, January 7, 2026 at 5 PM ET

Objective Strategic Session / Information “Office Hours” Session was held on Wednesday, December 22, 2025 at 1 PM ET

• Watch the Webinar (Video)
• View the Presentation (PDF)
• Read the Transcript (PDF)

• December 10, 2025: Opportunity Announcement and Application Open
• December 22, 2025 at 1 PM ET: Objective Strategic Session / Information “Office Hours” Session
• January 7, 2026 at 5 PM ET: Application period closes

• Applicant has been certified by the Idaho National Laboratories (INL) in their Cyber Informed Engineering process known as, Consequence-driven Cyber-informed Engineering (CCE).  
• Applicant has the ability to conduct cyber-physical and cybersecurity assessments including but not limited to CCE engagements and IEC 62443. 
• Must meet the “domestic entity” definition for GSA (organized under US laws, majority domestic ownership/control, physical US place of business, and not owned/controlled by a Country of Risk). 
• Ability to demonstrate sufficient financial resources or access to capital to commence and sustain initial project activities prior to initial payment milestones. A basic financial health check may be necessary. 

1. Technical Merit and Innovation
   • Understanding of the Problem: Clarity and depth of understanding of the specific energy sector challenge being addressed. 
   • Proposed Solution: Soundness, feasibility, and technical approach of the proposed solution. How well does it address the problem statement outlined in the Topic Area Challenges to Address section. 
   • Innovation: Degree of novelty, creativity, and potential for breakthrough solutions. Is the approach unique or an improvement upon existing methods? 
   • Technical Expertise: Demonstrated expertise of the key personnel and their technical capabilities relevant to the proposed work. 
   • Scalability and Adaptability: Potential for the solution to be scaled up, applied across diverse energy utility environments, and adapted to evolving threats or technologies.
2.  Impact and Broader Implications 
   • Energy Sector Impact: Potential for the proposed solution to significantly enhance the security, resilience, or efficiency of the US energy infrastructure. 
   • National Security Implications: Contribution to national security objectives through protection of critical energy 
3. Team Qualifications and Experience
   • Key Personnel: Resumes and experience of the principal investigator and key team members, emphasizing direct relevance to the project’s technical domains. 
   • Organizational Capabilities: Overall capacity and infrastructure of the small business to successfully execute the proposed work. 
   • Past Performance: Documented successful past performance on similar or related projects, particularly those involving advanced technology development, R&D, or deployment. (Focus on relevance rather than the sheer size of past contracts).
4. Cost Effectiveness and Value
   • Budget Justification: Realism and reasonableness of the proposed budget, with clear justification for all costs. 
   • Cost-Benefit Analysis: Potential for the proposed solution to deliver significant value or cost savings to the energy sector relative to investment. 
   • Leverage: Any co-funding, in-kind contributions, or other leveraging of resources that demonstrate commitment and maximize the impact of DOE funding. 

• Are there any specific forms for reporting with this opportunity?
  • Yes, selected applicants will be required to submit the Transparency of Foreign Connections Disclosures and Certification before negotiating their award. The TFC form can be found here: https://www.energy.gov/ia/transparency-foreign-connections
• What is a PIA and why is DOE pursuing this approach?  
  • Partnership Intermediary Agreements (PIAs) are agreements between the Federal government and non-Federal partners (partnership intermediaries or PIs) designed to increase outreach to and engagement with small business firms, institutes of higher education, and non-traditional partners.
• How will the agreement process work after DOE selection?
  • Upon conclusion of selection from DOE Program Office Representative (POR) and finalization of milestone schedule, ConnectWerx will issue a business-to-business (B2B) agreement to the lead performer for review and execution. The B2B agreement will contain mandatory flow downs from the prime Partnership Intermediary Agreement (PIA) executed between DOE and Advanced Technology International.
• How does invoicing and payments work with ConnectWerx? 
  • Upon completion of milestones, invoices will be submitted to ConnectWerx for review with DOE and payment release. Incremental payments to the performer will be made in accordance with the established milestones and deliverables as written (and approved by DOE POR) in the B2B agreements. The payment schedule for each project is to be determined based on negotiated milestones and deliverables. Please be aware, additional documentation and support for expenditures may be requested as determined by DOE.
• How does an applicant apply? What is required in the application?
  • Information about how to apply, application materials, and deadlines will be available on the opportunity page once the opportunity has been released.
• What is the maximum number of entities that could be funded as part of the collaborative?
  • The number of awardees will be determined by the level of funding available and the quality of the proposals received.
• Is this a grant or an award?
  • Neither. This opportunity is run via a Partnership Intermediary Agreement. PIAs are agreements between the Federal government and non-Federal partners (partnership intermediaries or PIs) designed to support DOE’s missions to expand the development and deployment of transmission solutions, heighten energy security, and strengthen national energy ecosystems.