Security experts emphasize the importance of documenting events and actions when it comes to ensuring the security of solar Distributed Energy Resources (DERs). Customers are advised to configure event logs to capture data that may be needed in the event of a security incident. Event logs from inverters provide crucial information that can assist security teams in analyzing unexpected events. This includes recording all user authentication attempts along with the corresponding identities, changes to inverter configuration settings and the identities of those who made them, creation or deletion of user accounts, records of software and firmware updates whether they were done manually or automatically, all communication operations such as loss of connectivity or connections to a network, and actions performed directly through the inverter’s control panel.
In addition to documentation, experts also stress the need to protect communication connections for solar DERs. This can be achieved through measures such as dedicated mobile connections for inverters and power providers, as well as regular software and firmware updates. System backups should also be created and regularly checked for integrity. Other measures include disabling unnecessary functions, removing unused devices, and conducting penetration tests. Security practices like isolating the inverter from other networks and avoiding local backups further enhance protection, according to the experts.
By taking these proactive steps, customers can better safeguard their solar DERs from potential security threats. It is crucial to stay vigilant and implement these security measures to ensure the continued safe and effective operation of solar energy systems. As technology continues to advance, it is important for individuals and organizations to stay informed and proactive in protecting their assets and data from cyber threats.