Can You Hack the Grid Using an Inverter?

Maybe. But you’d be better off using a laptop. And no, Huawei inverters aren’t going to cause a blackout.

For full article, visit PV Magazine USA

by Christian Roselund

On Monday, 11 U.S. senators sent a letter to Homeland Security Secretary Kirstjen Nielsen, calling on her to “consider a ban on the use of Huawei inverters in the United States”. These senators expressed concern over both large-scale PV plants and distributed, rooftop systems, without giving exact details regarding the nature of the threat posed.

We weren’t sure what to make of this proposed ban. Huawei has been blocked from the telecom market and specifically from participating in the 5G network in several Western nations over concerns that its equipment could be used for espionage, but inverters play a different role than telecommunications products. Furthermore, members of the legislative body that takes its name from the Latin for “old men” are often not the best at keeping up to date with technology (“series of tubes”, anyone?), and making good assessments in this realm.

But whether or not these senators – most of whom hail from the Republican Party – have a valid concern comes down to this question: could an inverter maker use its products to launch cyberattacks on the grid, or cause blackouts?

We contacted Tom Tansy, the chair of the SunSpec Alliance, and asked his opinion to help determine whether there is a technical basis for this concern, or whether this is paranoia and xenophobia talking.

The “kill switch”

The biggest concern in terms of using inverters to hack into systems involves the danger that all of these devices could all be shut down at once, causing blackouts. This is similar to the danger that was posed to Germany under the “50.2 Hz problem” and subsequent mass inverter retrofit starting in 2012, but focused on the potential for malignant intent by one manufacturer.

Tansy notes that it is possible to remotely control an inverter, including throttling its power, or limiting and steering real power. And if you could control one inverter, you could control a number of them.

Here it is important to remember that in 2018, solar only provided 2.4% of the electricity in the United States, with distributed solar (plants smaller than 1 MW), representing less than 1/3 of that, or 0.7% of all power. And although it is true that some states like California get a much higher share of their power from solar, and that we are planning for a future with a higher portion of solar and wind on the grid, any inverter maker has only a small part of the total systems online at any one time.

So even if one inverter maker, working on behalf of a foreign government, did shut off all of their inverters, it would be hard to have a big effect. This is particularly true if they were most active in rooftop solar markets.

Tansy says that if a foreign government or terrorist group did want to take down the grid, it would be much more effective to target large, centralized generators like coal or nuclear power plants, and not distributed solar.

Hacking the grid?

Which brings us to our next question: could inverters be used to hack the electric grid, and take down a big power plant? Tansy notes that the world’s power systems are all networked and didn’t rule out this threat, but again context is critical.

“The far more likely scenario, rather than using a solar system as your vector to try to get to a critical facility, like a nuclear power plant, would be to use your handheld iPhone or laptop or come over a common internet connection,” Tansy told pv magazine.

He also says that this would be much easier to do from an inverter accompanying a utility-scale plant than anything on the distribution grid, which is “pretty far away from the central generators, and physically isolated”.

Furthermore, if in a theoretical scenario a hacker could take a large power plant offline, this wouldn’t necessarily cause a blackout. Large power plants go offline without warning all the time, such as when the Pilgrim nuclear power plant in Massachusetts had to be take off during the January 2018 “bomb cyclone” storm. In this case as in others, other forms of generation filled in.

For full article, visit PV Magazine USA

Recent Posts

Latest news from our blog

Sunspec Webinar: SunSpec CSIP 3.0 Webinar

SunSpec CSIP 3.0 Webinar Recap SunSpec leadership provided an in-depth look at the history, current activities, and future developments of the Common Smart Inverter Profile (CSIP). They explained that CSIP originated from a 2017 ruling by the California Public Utility...

SecureG & SunSpec Present 2030.5 PKI Rollout Updates

SunSpec Alliance and SecureG Webinar Announcement: 2030.5 PKI Rollout Updates: Recap The SunSpec & SecureG 2030.5 PKI webinar focused on the rollout and updates of the SunSpec Public Key Infrastructure (PKI). SunSpec Chairman, Tom Tansy, provided an overview of...

SunSpec Alliance is the information standards and certification organization for the Distributed Energy Resource (DER) industry. SunSpec communication standards address operational requirements of solar and energy storage on the smart grid.

Powered By MemberPress WooCommerce Plus Integration