Researchers from Carnegie Mellon University warned that the rapid expansion of AI infrastructure, electrification, and grid modernization is creating long-term security and supply chain risks tied to dependence on Chinese-controlled energy and electronics technologies. In the paper ‘Electrotech Moneyball,’ published through the Carnegie Mellon Institute for Strategy and Technology (CMIST), researchers argued that the ‘electrotech stack’ powering modern grids, AI infrastructure, robotics, batteries, and advanced manufacturing has become a shared industrial foundation with growing national security implications.
Titled ‘Electrotech Moneyball: An Industrial Strategy for Ranking Risk and Opportunity in Energy & AI Supply Chains,’ the paper said China currently dominates large portions of this ecosystem, including batteries, power electronics, precision magnets, and digitally connected grid technologies that increasingly control how electricity is generated, stored, routed, and balanced. Researchers argued that the greatest security concerns lie in digitally active control layers such as battery management systems, inverter firmware, orchestration platforms, and cloud-connected software rather than commodity hardware itself.
The paper also warned that the convergence of AI and energy infrastructure is rapidly expanding the attack surface of critical systems and called for stronger coordination between government and industry to secure modern energy technologies and reduce dependence on adversarial supply chains.
The Electrotech Moneyball paper proposed a ‘Moneyball’ framework designed to help policymakers and industry prioritize the most strategically significant technologies instead of treating the entire energy supply chain as equally risky. The framework recommends tighter domestic control over the highest-risk technologies, trusted-allied sourcing for intermediate components, and managed global procurement for lower-risk hardware.
“The United States cannot slow its grid expansion, leave it undefended, or decouple it from PRC supply chains overnight. Smart strategic planning means addressing the most serious vulnerabilities first. Not every component in America’s rapidly digitizing grid carries equal risk,” Phoebe Benich, a non-resident fellow at the CMIST, Emma Stewart, a non-resident fellow with CMIST and leads Idaho National Lab’s Center for Securing Digital Energy Technology, and Harry Krejsa, director of studies at CMIST, wrote in the Electrotech Moneyball paper.
“Treating the entire electricity ecosystem as if everything is an emergency means that nothing will be defended effectively,” the authors noted. “And imposing blanket restrictions on all Chinese-made components would throttle the very industrial buildout the United States needs to outpace current PRC manufacturing advantages. Indeed, the most strategically underweighted danger to the US energy ecosystem may not come from Beijing, but from self-inflicted paralysis—whether through overcorrection that delays the technologies this buildout demands, or indecision that continues ceding agency to our competitors.”
The authors highlight that the digitally-native architecture is fundamentally distinct from the more analog industrial control systems (ICS) that came before it. “Legacy grid infrastructure, characterized by mechanical switches and hardwired power electronics, either operated without external network interfaces, or with simplistic, bolted-on connectivity oriented more toward remote operation and monitoring rather than machine-speed management and orchestration.”
Furthermore, components of the electrotech stack, by contrast, are disproportionately networked, software-defined, and remotely updatable by design. This digital connectivity offers advantages in performance and security alike; a software-defined grid can not only be rebalanced and adapted at speeds and scales that legacy systems never could approach, but can also be monitored, patched, and, when faced with disruption or attack, document operational forensics that will be key to response and recovery.
Raising the fact that the electrotech stack’s significance extends well beyond energy, the Electrotech Moneyball paper listed semiconductor fabrication lines, battery chemistry and cell manufacturing, wireless communication modules, precision sensors, and power management systems that scaled to meet global demand for smartphones and laptops comprise the same industrial base now producing the components being deployed into AI infrastructure, modern grid systems, battery storage facilities, EV drivetrains, drones, and broader defense platforms. This shared industrial heritage, including electrotech’s defining capability, the digital management of physical systems, means that advancements or dependencies in one sector can easily influence or propagate across the others.
“As a result, electrotech is increasingly not a collection of separate industries with distinct supply chains, but a single industrial base with multi-sector leverage. The country that dominates that shared foundation is poised to reap compounding advantages across all of them,” they wrote in the paper. “Moreover, because of this shared industrial heritage, one country’s dominance in the electrotech industrial base can become self-reinforcing: the design and sourcing decisions being made today in support of the AI-driven grid expansion will influence competitive positions across not only energy, but also defense, advanced computing, transportation, and autonomous systems for decades to come.”
The paper moves on to identify that the electrotech stack faces well-documented security risks, and the U.S. too often compounds them with siloed, narrow, or undisciplined responses. “The security risks themselves are serious; our energy ecosystem’s hodgepodge of old and new technology platforms already faces a bevy of cybersecurity and supply chain challenges. It is untenable for our much-needed wave of expansion and modernization to depend so deeply on a strategic competitor for the digitally-active components that increasingly govern how power is generated, stored, and directed across the grid.”
“But the emerging policy response risks an additional and different kind of failure—one not of inadequate defense, but of overreach and paralysis,” the authors identified. “By treating every Chinese-manufactured component as equally dangerous or every supply chain dependency as equally urgent, Washington risks stalling the very energy and manufacturing buildout the United States needs to regain industrial leadership. Refusing to build because one cannot yet build ‘perfectly’ may be as perilous as building without security at all.”
Researchers warned that China’s interest in disrupting U.S. energy infrastructure is supported by military doctrine, active cyber operations, and long-term strategic planning tied to a potential Taiwan contingency. The paper noted that Chinese military strategy identifies energy systems, telecommunications, transportation, and financial infrastructure as priority cyber and electromagnetic attack targets, while U.S. officials have testified that China-linked actors such as Volt Typhoon are already establishing persistent access inside critical infrastructure networks, including energy systems, to prepare for potential disruptive operations.
The Electrotech Moneyball analysis also highlighted continuing threats from Russian, Iranian, and North Korean actors, pointing to Russia’s attacks on Ukrainian energy infrastructure and recent Iranian compromises of U.S. industrial control systems. Researchers said many of these operations exploit weaknesses between legacy and modern infrastructure, where aging industrial systems connected to increasingly software-driven grid technologies create security gaps that attackers can traverse with limited visibility or detection.
The paper warned that China’s dominance across key layers of the electrotech supply chain is creating long-term economic and national security risks for the U.S. as infrastructure becomes increasingly digitized and electrified. The paper said China controls large portions of global markets for cellular IoT modules, cellular chipsets, inverters, and battery components after decades of industrial strategy focused on scaling manufacturing, acquiring intellectual property, and securing market share.
Researchers cautioned that Beijing has already demonstrated a willingness to weaponize supply chain leverage through restrictions on critical minerals used in electric motors, batteries, and inverter systems, raising concerns that future geopolitical tensions could disrupt access to both components and finished technologies essential to U.S. infrastructure expansion. While existing deployed infrastructure, such as solar panels, would continue operating during a supply cutoff, the analysis warned that long-term dependence on Chinese electrotech manufacturing could slow future deployment, increase costs, and create chronic strategic vulnerabilities that cannot be resolved through short-term policy responses alone.
The CMU paper observed that growing dependence on foreign electrotech supply chains is increasing cybersecurity exposure through digitally connected control layers built into modern infrastructure systems. The paper noted that many grid and energy technologies are designed with remote firmware management, diagnostics, and update capabilities that could also enable surveillance, operational disruption, or equipment shutdown if abused.
Researchers pointed to China’s National Intelligence Law, supply chain compromises such as the SolarWinds breach, and a 2025 Russian attack on distributed energy resources in Poland as evidence that trusted update channels and remote management infrastructure can become large-scale attack vectors. The study also highlighted concerns over undocumented communications hardware discovered in some Chinese-origin equipment and warned that limited cybersecurity oversight across much of the U.S. electricity sector leaves critical infrastructure increasingly exposed as digital control systems expand.
The Electrotech Moneyball paper also identified that the greatest risk to U.S. energy modernization may come not only from foreign adversaries, but also from policy overreaction and fragmented decision-making that slows infrastructure deployment and weakens coordinated security efforts. The paper argued that policymakers must distinguish between long-term supply chain dependency risks and immediate cybersecurity threats tied to digitally active control layers such as firmware, orchestration platforms, and grid management systems.
While dependence on foreign electrotech manufacturing creates strategic economic vulnerabilities, researchers said the more urgent danger comes from compromised control systems capable of disrupting grid operations in real time. The study called for more targeted and disciplined security policies focused on high-risk operational technology layers rather than broad restrictions on entire product categories, warning that indiscriminate bans and unclear regulation could undermine grid modernization, reduce allied cooperation, and ultimately weaken infrastructure resilience.
The CMU paper proposes the Moneyball framework for strategically prioritizing technologies across the electrotech stack, recognizing that these systems are no longer limited to energy infrastructure but increasingly form a shared industrial foundation supporting defense, robotics, autonomous systems, and advanced computing. The framework is designed to identify where policymakers and industry should focus first to achieve the greatest cross-sector strategic impact.
Researchers said the framework evaluates technologies across three key dimensions: how urgently they must be deployed and how close markets are to long-term technological lock-in; which technologies create the greatest systemic risk while also offering the strongest opportunities for mitigation; and how much cross-sector industrial and economic advantage domestic leadership in those technologies could provide.
The paper calls upon policymakers to evaluate technologies across the electrotech stack using three core criteria to determine where security and industrial priorities should be concentrated. The first assessment should identify which technologies are most critical to current energy expansion efforts by examining deployment speed, the risk of long-term manufacturing lock-in, and the development of industry standards that could shape future infrastructure dependence.
The Electrotech Moneyball paper urged policymakers to identify which technologies create the greatest systemic risk while offering the strongest opportunities for risk reduction. This includes evaluating how dependent infrastructure operations are on specific components, whether foreign-made technologies create credible attack vectors, and the potential operational impact if those systems are compromised or disabled. Researchers said infrastructure should be designed with ‘firebreaks’ and trust boundaries that isolate higher-risk control and communications layers while still allowing use of globally sourced hardware where appropriate.
Finally, the study recommended prioritizing technologies that can strengthen both security and long-term industrial competitiveness. Researchers said policymakers should assess whether securing or developing specific components could provide broader cross-sector economic and technological advantages that position the U.S. for future industrial leadership.
Researchers said the most immediate priority is securing digitally active control layers during the ongoing energy infrastructure buildout before architectural decisions become too deeply embedded to change efficiently. The paper emphasized distinguishing between lower-risk commodity hardware and higher-risk control components such as battery management systems, firmware, inverter logic, fleet orchestration software, and cloud-connected management platforms, which require stronger security controls because they create the greatest operational exposure.
The study also warned that many of the fastest-growing parts of the modern grid, including distributed and behind-the-meter systems, remain outside traditional cybersecurity oversight frameworks. Researchers called for coordinated action from government, utilities, hyperscalers, and industry to establish security baselines, strengthen procurement standards, and replace high-risk foreign-origin control components in critical infrastructure before deployment dependencies become harder and more expensive to reverse.
Researchers said medium-term resilience will require aligning U.S. trade, procurement, and industrial policy with a tiered risk framework that distinguishes between high-risk control layers and lower-risk commodity components within the electrotech stack. The paper warned that current policies often apply broad restrictions at the product level rather than focusing on the digitally active systems that create the greatest cybersecurity and operational risk.
The Electrotech Moneyball paper recommends concentrating strictest sourcing and domestic content requirements on Tier 1 control technologies such as battery management systems, power electronics, and grid-edge software, while allowing more flexible global sourcing for lower-risk commodity hardware. The study also called for coordinated industrial strategy, allied supply chain partnerships, long-term procurement commitments, and targeted investment in key technologies to reduce dependence on adversary-origin components while building domestic and allied manufacturing capacity in strategically important sectors.
In conclusion, the Electrotech Moneyball paper argued that the U.S. can meet the security demands of its generational energy buildout without sacrificing the speed and scale that buildout requires, but only through the kind of disciplined prioritization the electrotech stack has so far lacked.
The ‘Moneyball’ framework it proposes concentrates sourcing scrutiny, security investment, and industrial strategy on the digitally active control layers where systemic compromise would be most consequential, while preserving the managed global procurement that keeps commodity components deployable at necessary speed and cost.
“With the help of frameworks like this, the same forces currently stressing the grid can instead become the basis for structural advantage. The technical foundation for this transformation already exists: dynamic response models, operating agreements governing large load behavior, and cyber-informed engineering embedded at the design stage,” according to the authors. “A grid whose trust boundaries are architected to contain compromise, rather than assume it away, can confidently absorb gigawatt-scale loads without emergency orders or cascading instability, becoming a platform for accelerated AI deployment, advanced manufacturing, and strategically onshored industrial capacity. Reliability, in this framing, becomes the enabling condition for abundance.”
