According to Ryan Davidson, Principal Engineer for Power Grid Cyber Security at DNV and lead author of the report, regulators and grid operators recognise the threat posed by cyberattacks on solar systems. The report has helped clarify the specific risks involved, offering a clearer picture for those tasked with managing them.
“Addressing this risk is complex, particularly because responsibility and liability are not clearly defined, especially when comparing smaller decentralised installations with larger, conventional assets,” Davidson told pv Europe.
Lithuania takes the lead on cybersecurity in solar
He noted that “the solar industry has realised it must act proactively rather than wait for regulation to improve security across the sector,” adding that trust in infrastructure reliability is essential for solar power to continue expanding its share in the energy mix.
Risk assessment to be incorporated into stricter regulations
Davidson also observes a growing awareness among EU regulators regarding the cybersecurity relevance of PV systems. This is driven by recent reports as well as the widespread power outage that occurred in Spain at the end of April.
Listen to our podcast: Online villains expose solar weak spots
As a next step, the European Commission has announced a risk assessment of the solar industry to be conducted later this year. Its findings are expected to inform future regulatory measures.
“Market access rules and cybersecurity rules are two different things”
In parallel, SolarPower Europe, DNV, and other stakeholders are collaborating on a best-practice guide to enhance solar infrastructure security. “We will continue working with policymakers to help establish a legal framework that enforces security standards across all relevant parts of the solar value chain,” said Davidson. (hcn)
