Undocumented Tech in Chinese Solar Inverters Raises Grid Security Concerns

Energy security issues have increased after U.S. energy experts discovered unreported communication equipment installed in some Chinese imported solar batteries and inverters. These are crucial in linking renewable power systems with national grids, and they were found to contain concealed cellular radios and communications modules that were not specified in official documentation. These modules create unmonitored avenues that could bypass firewalls, which might cause remote access, interference, or shut-downs.

Solar inverters and batteries are ubiquitous in clean energy infrastructure and predominantly manufactured in China. Their extensive application has made it easier to accelerate the integration of renewable energy, but the new discovery has sounded the alarm on the cybersecurity threat. The remote maintenance features of the inverters, originally intended to maximize efficiency and ease upkeep, are now under scrutiny as potential hidden portals into the power grid. The weaknesses may jeopardize grid stability and damage critical infrastructure, increasing the likelihood of blackouts, analysts believe.

The investigation into the hidden communication elements was conducted by U.S. officials who filter imported equipment for cybersecurity risks. While the finding is significant, there has been no official announcement by the U.S. government on the makers included or how many devices were affected. The U.S. Department of Energy (DOE) has acknowledged that even when some of these behaviors are not malicious, complete transparency is necessary on the energy buyers' side. The department is pushing in the direction of more disclosure practices, like initiating a "Software Bill of Materials" covering all of the software components included within an item.

This is against the background of growing tensions between China and the U.S., especially in terms of Chinese-made components controlling global renewable energy systems. Inverters, batteries, heat pumps, and electric vehicle charging points made by Chinese companies have penetrated deeply into Western energy systems. It is being increasingly considered a strategic vulnerability that this dependence is so high. As part of broader energy security strategies, there are several bills ongoing in the U.S. to reduce dependence on Chinese suppliers.

One of these bills, the Decoupling from Foreign Adversarial Battery Dependence Act, seeks to prohibit the U.S. Department of Homeland Security from purchasing batteries from Chinese companies such as CATL, BYD, and Gotion High-tech. Utility companies such as Florida Power & Light are also working relentlessly to move away from inverters from China and are exploring safer, locally sourced alternatives. However, the transition is made complex by Chinese dominance in the market. Huawei led the world inverter market in 2022, holding a 29% market share, followed by other Chinese players like Sungrow and Ginlong Solis.

Huawei officially pulled out of the US inverter market in 2019, but its gear remains omnipresent in Europe and elsewhere. European power networks are extremely exposed, with more than 200 gigawatts of solar capacity reliant on Chinese inverters, equivalent to the power produced by more than 200 nuclear reactors. The security risk to such dependence is now being debated across all European institutions.

In 2024, a serious incident took place when solar inverters in some countries were remotely shut down, the reason purported to be a battle between China's Deye and US company Sol-Ark. While details about the event are still scanty, it put into perspective the true risk created by remote control vulnerability in solar systems. Some countries have already reacted accordingly. Lithuania and Estonia have suggested or are legislating against remote Chinese access to strategic infrastructure. The U.K. is also now considering the use of Chinese renewable technology within domestic infrastructure.

Cybersecurity experts caution that even small residential solar installations, including rooftop panels, could be potential backdoors into the larger grid. As distributed energy systems grow, each point of connection is a potential vulnerability. Experts contend that maintaining grid security requires end-to-end control and visibility of technologies being rolled out, particularly those that form the foundation of energy infrastructure.

As energy security and independence become a growing priority worldwide, Western governments and industries face mounting pressure to reduce strategic reliance on international technology, especially from geopolitical rivals. The call for regional alternatives, improved regulation, and open supply chains is getting louder as nations seek to safeguard their critical infrastructure in an ever-more integrated and digitalised energy system.

Source/Credits:
Reuters