While photovoltaics (PV) play an increasingly central role in Europe’s clean energy transition and energy independence, a hidden vulnerability threatens this progress: the software-based remote access to inverters, the critical “brains” of any PV system.
“Today, over 200 GW of European PV capacity is already linked to inverters manufactured in China – the equivalent of more than 200 nuclear power plants,” said Christoph Podewils, the European Solar Manufacturing Council (ESMC) Secretary General.
“This means Europe has effectively surrendered remote control of a vast portion of its electricity infrastructure.”
[...]
Further concerns include:
70% of all inverters installed in 2023 came from Chinese vendors, mainly Huawei and SunGrow.
These two companies alone already control remote access to 168 GW of PV capacity in Europe (DNV Report, p. 40); by 2030, this figure is projected to exceed 400 GW – comparable to the output of 150–200 nuclear power plants.
One of these vendors [China's Huawei] is already banned from the 5G sector in many countries and is currently under investigation in Belgium for bribery and corruption.
[...]
In light of these findings, the ESMC calls for the immediate development of an EU “Inverter Security Toolbox”, modeled after the successful 5G Security Toolbox. This would involve:
A comprehensive risk assessment of inverter manufacturers.
A requirement that high-risk vendors must not be permitted to maintain an online connection to European electricity systems.
Consideration of outright bans for such vendors from connecting to the grid.
A replication of Lithuania’s proactive legislation – banning inverters from China – across all EU Member States – ensuring security measures apply to PV systems of all sizes.
Here's an idea: instead, ban devices that do not function without an internet connection. Devices are not "smart" when you have no sovereignty over them.
Absolutely this. I have limited experience with the whole home automation market, but I find the Shelly model to be perfect: Local access via BLE or LAN is always enabled out of the box, cloud (run by Shelly) requires a checkbox to be activated.
Just to play devil's advocate. There was recently an unverified report that some inverters contained an undocumented cellular modem. If true, it could, in theory, allow for remote modification or control, even when fully "offline" as far as the client was concerned. Basically a mobile phone based back door.
The solution is better verification rather than bans, however. Grid-scale devices should have the hardware randomly audited. The software should also be audited and checksummed. This would be burdensome at domestic levels, but seems reasonable at grid levels.
Yep, and I paid the premium for a Fronius one and so far, apart from their customer service being clearly oriented towards the chain "customer -> installer -> Fronius" I am pretty happy with it.
They are staying on top of things with their software updates, provide proper changelogs and API documentation and features like emergency offgrid power have improved over the period of my ownership. It was okay with a switchover time of about 60 seconds of no power from and to the grid when I bought the thing, and the last time emergency power triggered, the switchover to local took only about 12 seconds and switching back was seamless with my UPSes not even triggering. I would recommend them.
I mean, it sounds to me that the biggest problem is not having the experience to manufacture and modify electronics readily throughout Europe so we have to treat them all as take or give. I don't mean in the sense of being able to retrofit foreign PV inverters, I mean in regards to being able to accurately define and even potentially disable the threat.
One of the ways this used to be done was with the development and enforcement of standards within markets; why isn't this being done instead of outright bans? Seems like it's more about companies lobbying against economic threats instead of actually enforcing industry-wide standards, although I'm also curious if and how much of this concern has to do with the recent Spanish blackout. The biggest problem with Chinese tech is that they are sold as the alternative to get around excessive proprietary BS pricing only for them to pull even worse proprietary BS shenanigans.
The biggest problem with Chinese tech is that they are sold as the alternative to get around excessive proprietary BS pricing only for them to pull even worse proprietary BS shenanigans.
The biggest problem with Chinese tech is the threat of blackmail, very much the same as Russia has done in the past with oil and gas.