Unexplained communication devices have been found inside some Chinese-made inverter devices, according to a Reuters report.
The news agency claims US energy officials are reassessing the risk posed by Chinese-made devices according to two unnamed sources. This follows discovery of rogue communication devices not listed in product documents in some Chinese solar inverters, according to Reuters. The number of devices investigated was also not disclosed. Reuters also claimed one source revealed undocumented communication devices had been found in some batteries from multiple Chinese suppliers.
The devices could provide additional, undocumented communication channels that could allow firewalls to be circumvented, according to Reuters.
pv magazine cannot verify this information.
The European Solar Manufacturing Council (ESMC), which represents the interests of European manufacturers described the report of hidden devices as “very concerning” and the association has urged the European Commission to develop and deploy a “toolbox” for inverter security.
Reuters’ revelation comes as discussion around cybersecurity and electricity infrastructure heats up in the European Union. SolarPower Europe released a new report on April 29 which identified smart inverters as a vulnerable gateway for cyberattacks. Written by cybersecurity services provider DNV, the report claims a targeted compromise of 3 GW of generation capacity could have significant implications for Europe’s power grid. The report claims that while EU legislation such as the Cyber Resilience Act, NIS2 Directive, and the Network Code for Cybersecurity (NCCS) “mitigate some of the risk”, more action is required to mitigate the cybersecurity risks.
A spokesperson from the Chinese embassy in Washington quoted by Reuters said: “We oppose the generalization of the concept of national security, distorting and smearing China's infrastructure achievements.”
This content is protected by copyright and may not be reused. If you want to cooperate with us and would like to reuse some of our content, please contact: editors@pv-magazine.com.
Unnamed US officials, huh? Is this like the hype around USB cables where it turns out a base form of a mid manufacturing product is used for expensive and inexpensive products? Where “could be used to…” is often without a demonstration of things ACTUALLY being used to do something nefarious? Name yourself if you want credibility. Then show the work where something you suggest is inappropriate can be made to do something we don’t want – and do it without modifying the original thing. Frankly, I trust Chinese made well before I trust US made.
Easy solution and only sensible thing to do is manufacture our own products and eu countries as well. It’d bankrupt China and secure the threat they pose.
Such communication modules could be useful if utility operators would agree on a communication protocol. Smart microgrids could optimize grid power balancing with dynamic pricing, incentivizing systems to move energy from storage to grid, or grid to storage. It would be especially useful for V2G enabled systems, smart storage devices, and grid tied residential solar. I know such topics have been in discussion, there have been a number of papers on the subject. The physical layer of power line protocols and limited regional deployment of rudimentary systems exist. I’m not privy to the standards being worked on, but it isn’t unusual for manufacturers involved in such standards to bake in some forward looking technologies if they think there’s a reasonable chance a protocol compatible with their technology will be adopted. In fact it’s rather common in consumer technologies such as WIFi. It can lead to a significant competitive advantage. I would image that security for a smart grid protocol would be rather contentious. Not because of the risks, but because there a lot of IP in security protocols, it’s like a lottery ticket but with much better odds of winning (not to throw shade on the importance of grid security, but these battles are usually more political than technical).
Which brands of solar inverters are compromised by this? I would like to know since almost all solar inverters are made in China now, and our company uses solar inverters extensively.
Quotes in this article seem to only trigger results for this Reuter’s story. An unlikely source of fake news, but it looks very suspicious.
Michigan’s Mike Rogers has a quote that seems to show up nowhere else.