By certifying its products according to ETSI EN 303 645, SMA is proactively exceeding legal requirements. The move enhances data protection and cybersecurity for both homeowners and businesses.
In addition to implementing the upcoming requirements of the Radio Equipment Directive (EN 18031), which takes effect on 1 August 2025, SMA is also integrating extended security standards across its product portfolio for home and business solutions.
“Anyone investing in a PV system wants to be well prepared for the long term, including in terms of IT security,” said Marek Seeger, Information Security Manager at SMA. “It’s worth taking a closer look at the security features, as modern protection mechanisms offer both safety and peace of mind in everyday use.”
Solar Investors Guide #7: Online villains expose solar weak spots
“IT security and data protection are fundamental components of our system solutions. With the additional certification, we are actively protecting our customers against cyberattacks and hacking.”
Overview of ETSI EN 303 645 requirements
- Security by default: Devices are securely preconfigured and require no additional setup.
- Secure authentication: Appropriate security mechanisms protect against unauthorised access.
- Update management: Regular, automated and secure software updates address known vulnerabilities.
- Communication security: Encrypted data transmission prevents unauthorised external access.
- Data protection: Only essential data is securely collected and processed.
- Reduced attack surface: Potential attack vectors are minimised.
- Secure operation: Systems are designed to prevent insecure operating states.
SolarPower Europe pushes for sector-specific cybersecurity rules
Security at SMA goes beyond individual devices and includes seamless integration into the SMA Cloud, which is protected by ISO/IEC 27001 certification for information security management systems. (hcn)
