Does Digitalization of Solar PV Lead to Increased Cybersecurity Demands?

Does Digitalization of Solar PV Lead to Increased Cybersecurity Demands?

Cybersecurity may easily go under the radar, just as a hacker can sneak through networks and information undetected. The recorded examples of cyberattacks on the energy system aren't long, and the number of cases against solar assets is significantly less. However, this does not imply that the danger is insignificant. In 2015, Ukraine experienced what is widely regarded as the first cyberattack on a power infrastructure. It is also regarded as one of the most spectacular cyberattacks in the oil sector. The attack knocked down 30 substations and triggered a six-hour-long power outage.

The solar sector is becoming more digital, with operations being automated and components becoming smarter. And if there is a growth in digital technology, hacks are seldom far behind.

As a result of decarbonisation and decentralisation activities, solar is becoming an increasingly appealing target for hackers.

Small and medium-sized solar systems, in particular, are at risk, with >1MWp plants typically integrated, linked, and maintained in a professional manner that incorporates all required safety precautions.

Hackers can cause a problem in a PV system by launching cyberattacks on the inverter controls and monitoring system. This is a vulnerability that can and has been used to attack the power system, demonstrating how the enormous number of PV units in the power system - including rooftop solar - implies that there are numerous attack sites, emphasizing the necessity of cybersecurity at the inverter level.

Keeping cybersecurity measures up to date is therefore critical for solar installers and operators, especially given the 15-20-year lifespan of a solar farm, which means that cybersecurity will need to evolve as the farms age, with up-to-date measures helping operators to remain ahead of hackers.

However, a lack of cybersecurity understanding might make this challenging. Cyberattacks on renewable energy assets are underreported because they are simpler to conceal than in other industries.

The majority of cyberattacks result in data breaches, such as the April 2019 hack on EDP. When third-party data is disclosed, it must be notified to the authorities in the nation where it occurred, and an alert must be given to the persons whose data was stolen.

Due to the lack of third-party data, assaults on renewables assets are more likely to be business disruption attacks, which are private and internal. As a result, asset owners frequently have no motive to publicize an assault. Furthermore, disclosing information about such an assault may harm the image of both the firm and, perhaps, the industry as a whole, forcing some asset owners to remain silent.

One hack on a solar farm that did make news, though, was on US solar operator sPower in 2019. It did not cause any blackouts, and sPower, which owns and runs over 150 renewable generators in the United States and just completed funding for the 620MWdc Spotsylvania Solar Energy Center, its largest project to far, has been unusually quiet about the issue.

Visit our website to know more:

For more information and group participation, contact us: [email protected]

Leadvent Group - Industry Leading Events for Business Leaders! | [email protected]