India Tightens Solar Cybersecurity With New Inverter Regulations
India has implemented new regulations requiring government reporting for inverters and find my device sites, including solar-powered highway infrastructure. This move follows concerns raised by cybersecurity experts and investigations in the United States.
The warning from India covers solar-powered highway infrastructure such as chargers, roadside weather stations, and traffic cameras. Uri Sadot, a cybersecurity expert, has stated that original equipment manufacturers do not need rogue devices to remotely control large amounts of PV capacity.
Recent investigations by the US Department of Transportation and the USCIS have revealed potentially illegal communication devices hidden in solar PV inverters in the USA. However, the search results did not specify the names of the inverter manufacturers involved. In response, Europe is conducting an accelerated PV risk assessment for cybersecurity. Reuters reported in May that unexplained communication devices were found in some Chinese-made inverters in the United States. US officials have advised scanning for rogue devices in batteries and inverters, with the US Department of Transportation's FHA warning about hidden cellular radios found in foreign-made inverters and batteries used in PV highway infrastructure. Cybersecurity expert Uri Sadot finds the warning frustratingly vague and lacking clear direction on suspect equipment.
China has implemented severe limitations on foreign parties installing remotely controllable distributed energy resources onto its grid, including PV inverters. SolarPower Europe has urged the European Union to implement strict cybersecurity regulations for solar infrastructure.
India's new regulations aim to enhance cybersecurity in solar-powered infrastructure. Following investigations and warnings in the US, Europe is accelerating its own risk assessment. The global solar industry is urged to strengthen cybersecurity measures to protect against potential threats.
