Assessing the Risk of Solar Inverters to the U.S. Electrical Grid

Last month, Ridge Global LLC released a report titled “Potential Electric Grid Vulnerability from Cyber Enabled Foreign Actors: A Risk Assessment Study of Solar Inverter Technology,” detailing critical vulnerabilities in the U.S. electric grid. In particular, the report centers on the concerns of photovoltaic inverters, whose use could significantly increase in the coming years. It provides suggestions on certain technologies that would mitigate vulnerabilities in these technologies to enhance the security of the existing U.S. electric grid.

This timely report comes at a crucial phase when the U.S. is expected to undergo a dramatic surge in the predominance of Internet of Things (IoT) technologies, as well as alternative sources of energy such as wind and solar, which present serious vulnerabilities related to the energy grid. Economic costs from a potential electrical blackout in the U.S. would be catastrophic. According to a 2015 report by Lloyds of London and the University of Cambridge, economic losses in the event of a blackout to certain electricity generators in the Northeast could amount to $243 billion with the potential to exceed $1 trillion.

Moreover, the report notes the following issues have greatly placed the U.S. electric grid in extreme danger:

“[1] Most inverters are produced by foreign or foreign-owned companies, such as Chinese company Huawei, largest manufacturer of inverters.

[2] There are no universal standards assuring the integrity of inverters regardless of where they are manufactured.

[3] Increasing number of inverters are monitored to enable better control of the power flow to and from the grid, providing added vulnerability to hackers or a foreign aggressor.”

To resolve these crucial issues, Ridge Global LLC provides 12 recommendations for both the public and private sector to better safeguard the U.S. electricity grid. Foremost among the recommendations is the active monitoring of the supply chain for inverters to safeguard against the tampering of these devices situated at key nodes in the U.S. electricity grid. Other notable policy recommendations include: The Federal, State, and private sector coordination to integrate holistic compliance requirement standards; government investment in, and incentivization of, cybersecurity best practices; installation of intrusion detection system near photovoltaic inverters; passive random inspection of actor command and control; and random inspections of imported inverter shipments aimed at identifying any modification not included in the circuit’s original design.

For more information on cybersecurity issues related to infrastructure protection, please visit the HSDL Featured Topic on Cyber Infrastructure Protection.

Need help finding something?  Ask one of our librarians for assistance!