Newsletter

Quieres recibir nuestras novedades

GALERIA
Archivo Canva

SolarPower Europe outlines cybersecurity roadmap for solar PV industry


SolarPower Europe has unveiled a set of recommendations aimed at establishing a harmonized cybersecurity framework for solar photovoltaic (PV) systems. As the energy sector becomes increasingly digitalized, it opens up significant opportunities for improving power plant efficiency and the management of decentralized energy resources. However, this digital transformation also introduces new cybersecurity risks that need to be addressed.

The digitalization of the energy sector is not only inevitable but also beneficial. According to recent modeling, digital flexibility solutions could save the energy system €32 billion by 2030 and a staggering €160 billion by 2040. Despite these economic benefits, the rise of digital technology in the energy sector parallels the emergence of new cybersecurity challenges. Cyberattacks pose threats such as data theft, operational disruptions, and potential destabilization of the electricity grid.

Dries Acke, Deputy CEO of SolarPower Europe, emphasized the importance of cybersecurity in the evolving energy landscape: "The digitalization of the energy sector is a no-brainer. It increases power plant efficiency and allows for better managing of distributed energy to match demand and grid capacity. However, like technological revolutions before, it also comes with new challenges, like cybersecurity."

Currently, the risk of significant cyberattacks on Europe's grid through solar plants is limited, with no known incidents reported. Many solar companies already implement robust security measures to protect against cyber threats. Additionally, the EU has adopted leading cybersecurity and data protection policies, such as the updated Network and Information Security Directive (NIS2) and the Cyber Resilience Act (CRA). Despite these measures, the solar industry seeks further sector-specific guidelines to ensure a harmonized cyber-preparedness baseline.

Key recommendations

SolarPower Europe has proposed several key recommendations to enhance cybersecurity in the solar sector:

1. Enhanced governance and risk visibility: SolarPower Europe calls for clearer governance requirements in the implementation of NIS2 and increased visibility of cyber risks on low-voltage grids. Empowering PV plant operators to manage risks, requiring detailed documentation, and conducting risk-based audits are essential steps to close security gaps.

2. Product-level cybersecurity reinforcement: The organization suggests higher compliance requirements for products that significantly impact grid stability under the Cyber Resilience Act. Developing a dedicated standard for distributed energy resources will ensure these products meet rigorous cybersecurity standards.

3. Operational cybersecurity for power plants: SolarPower Europe advocates for stringent cybersecurity measures for the operation of PV power plants. Operational data should remain within the EU or jurisdictions with equivalent security levels, and a security layer should monitor commands for distributed energy resources.

4. User and installer education: For small-scale PV installations, users and installers must be educated on cybersecurity best practices. This includes setting strong passwords, installing security updates, and understanding the cybersecurity risks associated with internet-connected PV systems.

The organization's position paper outlines a clear path forward to strengthen cybersecurity across the solar sector. As the industry continues to grow and digitalize, these measures will be crucial in maintaining the security and stability of Europe's energy grid.

Comentarios

  • Sé el primero en comentar...


Deja tu comentario