The University of Arkansas, in collaboration with multiple researchers and industry partners, is leading a groundbreaking effort to enhance cybersecurity measures in solar inverters. This initiative comes in response to the growing risks and challenges associated with the increased deployment of solar systems in the energy grid.
In the past, solar systems were not as widely deployed, and the inverters connecting them to the grid were not as sophisticated or connected to wider networks. However, as more solar panels are installed and inverters become more advanced, the potential risks of cyber-attacks have also increased. Solar inverters play a crucial role in converting the direct current generated by solar panels into alternating current for use in households and the grid, making them a prime target for cyber threats.
The project initiated by the University of Arkansas, with funding from the U.S. Department of Energy’s Solar Energy Technologies Office (SETO), aims to develop custom-designed controls with multiple layers of cybersecurity protocols to enhance the resilience of solar inverters. This effort involves a collaborative approach, with researchers from various universities, laboratories, and industry partners working together to dismantle conventional commercial inverters and integrate custom-designed controls infused with cybersecurity measures.
To test the effectiveness of these new cybersecurity protocols, the University of Arkansas group conducted real-world testing on modified inverters at solar farms. The collaborative partners for this project include institutions such as the University of Georgia, Texas A&M Kingsville, University of Illinois Chicago, Argonne National Laboratory, National Renewable Energy Laboratory, General Electric Research, Ozarks Electric, and Today’s Power Inc. By fortifying the cybersecurity measures of solar inverters, these groups are not only ensuring the security of renewable energy technologies but also contributing to the overall safety of the energy grid.
With the increasing digitization and connectivity of electric grids, securing these systems has become a top priority for the U.S. Department of Energy. Cyber-attacks on operating technology (OT) devices such as solar inverters can have physical implications, including power interruptions and potential fires. In a notable incident in March 2019, hackers breached a utility’s web portal firewall, causing disruptions to grid operations for 10 hours.
To address these cybersecurity challenges, the DOE’s Solar Energy Technologies Office has developed a roadmap for Photovoltaic Cybersecurity and supports ongoing efforts in Distributed Energy Resources (DER) cybersecurity standards. The agency also participates in the Department of Energy’s broader cybersecurity research activities to ensure the security and integration of solar power systems and distributed energy resources into the electric grid.
Recommendations from the Solar Energy Technologies Office stress the implementation of a dynamic survival strategy based on defense-in-depth measures to secure individual components and entire systems. This strategy includes installing anti-virus software on DER systems, maintaining virus protection on firewalls, and adopting stringent cybersecurity measures across the grid operation systems.
While the implementation of these cybersecurity measures can be complex, the importance of fortifying the resilience of solar inverters and energy systems against potential cyber-attacks cannot be understated. With collaborative efforts like the University of Arkansas Solar Inverter Cybersecurity Initiative, researchers and industry partners are working towards a safer and more secure energy landscape for the future.