SolarPower Europe argues in a new position paper that regulators and policymakers must develop a sector-specific strategy to tackle the growing threat of cyber attacks.
Solar energy Europe has published a series of recommendations in its latest version position paper to establish a harmonized baseline for cybersecurity in the solar energy sector in response to growing concerns about cyber attacks.
Recent modeling from the trade group suggests that digital flexibility solutions would save €32 billion ($34.9 billion) by 2030 and €160 billion by 2040. SolarPower Europe said that at current levels of solar penetration, the risk of cyber attacks remains limited. But it said future attacks could lead to data theft or manipulation, disrupt the operation of power plants and destabilize the electricity system.
“As a forward-looking sector – on its way to a majority share of the energy mix – the solar industry calls on regulators and policymakers that the EU approach translates into a sector-specific, harmonized baseline for cyber preparedness,” the report said. the position paper.
SolarPower Europe has urged plant operators to manage risks in line with NIS2, the EU’s cybersecurity legislation. It also proposed increasing the granularity of cybersecurity risk assessments, building on the Network Code for Cybersecurity, which requires grid operators to assess risks on the grids. The trade body called for strengthening cybersecurity at the product level through compliance with the Cyber Resilience Act and a dedicated standard for distributed energy resources.
SolarPower Europe also said that operational data from solar power plants must remain within the European Union or in jurisdictions with comparable levels of security, similar to the General Data Protection Regulation (GDPR). It called for mandatory best practices for large power plants and said the European Union or national governments should introduce a layer of security to oversee commands where aggregators and manufacturers coordinate centrally distributed energy resources such as inverters.
The position paper also urged small-scale PV users and installers to manage the cybersecurity of their devices by setting strong passwords and installing security updates.
Dries Acke, deputy CEO of SolarPower Europe, called the digitalization of the energy sector a ‘no-brainer’, but acknowledged that it will bring new challenges.
“Clear steps need to be taken on the lower voltage levels, including improving cyber risk assessments, setting a new EU product security standard for distributed energy resources and empowering consumers to manage the security of their devices. ” said Acke. “All centrally coordinated or managed devices, for example aggregated rooftop solar installations, must have an EU or nationally authorized monitoring layer.”
This content is copyrighted and may not be reused. If you would like to collaborate with us and reuse some of our content, please contact: editors@pv-magazine.com.