https://www.engineeringnews.co.za
Africa|Business|Contractor|Energy|Financial|Installation|Manufacturing|Power|Renewable Energy|Renewable-Energy|Safety|SECURITY|Solar|Storage|supply-chain|System|Systems|Technology|Testing|Equipment|Manufacturing |Products
Africa|Business|Contractor|Energy|Financial|Installation|Manufacturing|Power|Renewable Energy|Renewable-Energy|Safety|SECURITY|Solar|Storage|supply-chain|System|Systems|Technology|Testing|Equipment|Manufacturing |Products
africa|business|contractor|energy|financial|installation|manufacturing|power|renewable-energy|renewable-energy-company|safety|security|solar|storage|supply chain|system|systems|technology|testing|equipment|manufacturing-industry-term|products

Cybersecurity crucial for companies embracing solar

An image of solar panels on a roof

FUTURE CONSIDERATIONS Companies must carefully consider future regulatory changes when investing in solar systems

6th September 2024

By: Nadine Ramdass

Creamer Media Writer

     

Font size: - +

As more companies integrate solar energy systems to meet their power needs, it is essential that they invest in cyber-secure technologies to protect against cyberthreats and ensure continuous power, says.solar technology specialists SolarEdge Technologies cybersecurity programme director Uri Sadot.

The integration of solar energy systems, specifically unsecured inverters, can expose companies to cybersecurity vulnerabilities such as ransomware attacks, data breaches and remote control by cybercriminals.

South Africa’s unique market conditions have driven many businesses towards energy independence by installing solar systems, says SolarEdge Technologies Middle East and Africa GM Laurence Lipjes.

Lipjes explains that owing to cost constraints, many people tend to choose cheaper systems that, in his view, may lack adequate cybersecurity protections or traceability. He believes that although these lower-cost options might seem appealing at first, they often “do not hold up”, potentially failing within two to three years and resulting in higher expenses over time.

Further, insecure solar systems can become a doorway for cybercriminals to infiltrate a company's financial or procurement systems, potentially accessing sensitive bank account information, he explains.

Sadot explains that the most cyber-sensitive component of a solar system is the inverter – the "brain" of the system that communicates with the Internet. Ensuring the security of this single component can drastically reduce the risk of cyberattacks on solar systems.

While high-quality, secure solar systems might slightly increase upfront costs, both Sadot and Lipjes argue that the long-term benefits far outweigh the expense.

Four Pillars of Protection
To ensure the highest levels of safety and reliability, SolarEdge employs a four-pillar strategy in its inverters. These include protecting the device, securing data, implementing network safeguards and ensuring visibility and control.

To that end, SolarEdge’s devices adhere to industry best practices for security. This includes rigorous testing and the integration of safety measures directly within the manufacturing process, ensuring that the devices are resilient against potential threats.

Recognising the sensitivity of energy data, SolarEdge protects energy usage patterns information, as it could reveal private details about users. It also takes steps to safeguard this data by using encryption, managing data storage in European facilities compliant with General Data Protection Regulation standards, and continuously monitoring for anomalies.

Sadot explains that SolarEdge prioritises ensuring that its systems integrate securely with customer networks. Whether connecting with electric vehicle (EV) chargers, batteries, or other devices, SolarEdge is transparent in how its systems interface with these networks, prioritising security at every connection point.

It also provides real-time data on system performance and alerts users to any suspicious activity. This ensures that security teams are always informed and able to act swiftly in the event of irregular behaviour, such as overheating or continuous system restarts.

Further, Sadot explains that SolarEdge places a strong emphasis on securing its supply chain. Consequently, the company has a vetting process for component vendors, and it manufactures some of its own microchips, which ensures no "backdoor vulnerabilities" are on the chip. 

Additionally, SolarEdge partners with cybersecurity firms to respond effectively should a breach occur, preparing leadership through regular drills and ensuring that they are ready for any incident.

“Cybersecurity is a quality, not just a set of features,” says Sadot, warning that low-cost alternatives often lack critical safeguards.

Regulatory Concerns
Sadot emphasises the need for regulators to understand the cybersecurity risks associated with low-cost, insecure solar systems and subsequently introduce regulations that help to safeguard users. Theoretically speaking, if a large number of inverters were to malfunction by accident, or by a coordinated and malicious cyber-attack, the disturbance would easily be large enough to impact the entire South African grid for a prolonged period, he says.

Lipjes adds that South Africa is “behind the curve” in implementing regulations both in terms of safety and cybersecurity in PV systems. He explains that the country’s demand for PV systems has often been viewed as short-term solution to loadshedding, which has resulted in lack of regulation.

This lack of regulation has resulted in a flood of substandard products entering the market, raising concerns about the long-term sustainability and safety of these installations.

As more emphasis is put on ensuring long-term energy independence and renewable-energy integration, Lipjes calls for higher standards in installation practices and system requirements.

Sadot urges companies investing in solar systems to carefully consider future regulatory changes, as the costs and complexities associated with retroactive compliance could become substantial.

He explains that regulatory frameworks are likely to evolve within the next five to ten years, potentially dictating what can and cannot be connected to the national grid.

“Just as all traditional power plants fall under strict cybersecurity regulation, it is inevitable that solar inverters will account for large enough share of the energy on the grid, to warrant dedicated regulation.”

Therefore, the risk of having to remove and replace equipment owing to new regulations is a significant concern that business owners should start addressing now.

Customer Considerations
Sadot urges consumers to take an active role in their solar energy system purchases to ensure cybersecurity. In today's market, decisions about which solar panels, inverters and batteries to use are often made by the installer or contractor, leaving customers with a packaged solution, he explains.

He encourages end-users to ask three critical questions to protect themselves.

End-users must gain clarity on whether anyone can remotely access or control their solar system, such as sending software updates or restarting the system. Consumers should also inquire about where their energy data is being stored and how securely it is protected.

Further, end-users should ask what measures the inverter manufacturer has taken to ensure cybersecurity. This includes inquiring about standards, procedures and any technical documentation that demonstrates their commitment to protecting the system from cyberthreats.

Edited by Nadine James
Features Deputy Editor

Comments

Showroom

John Thompson
John Thompson

John Thompson, the leader in energy and environmental solutions through value engineering and innovation, provides the following: design, engineer,...

VISIT SHOWROOM 
Environmental Assurance (Pty) Ltd.
Environmental Assurance (Pty) Ltd.

ENVASS is a customer and solutions-driven environmental consultancy with established divisions, serviced by highly qualified and experienced...

VISIT SHOWROOM 

Latest Multimedia

sponsored by

Photo of Martin Creamer
On-The-Air (04/10/2024)
4th October 2024 By: Martin Creamer
Magazine round up | 04 October 2024
Magazine round up | 04 October 2024
4th October 2024

Option 1 (equivalent of R125 a month):

Receive a weekly copy of Creamer Media's Engineering News & Mining Weekly magazine
(print copy for those in South Africa and e-magazine for those outside of South Africa)
Receive daily email newsletters
Access to full search results
Access archive of magazine back copies
Access to Projects in Progress
Access to ONE Research Report of your choice in PDF format

Option 2 (equivalent of R375 a month):

All benefits from Option 1
PLUS
Access to Creamer Media's Research Channel Africa for ALL Research Reports, in PDF format, on various industrial and mining sectors including Electricity; Water; Energy Transition; Hydrogen; Roads, Rail and Ports; Coal; Gold; Platinum; Battery Metals; etc.

Already a subscriber?

Forgotten your password?

MAGAZINE & ONLINE

SUBSCRIBE

RESEARCH CHANNEL AFRICA

SUBSCRIBE

CORPORATE PACKAGES

CLICK FOR A QUOTATION







sq:0.113 0.168s - 213pq - 2rq
Subscribe Now