A third of Australian homes feature rooftop solar panels
ZSTOCKPHOTOS/ISTOCKPHOTO/GETTY IMAGES
Power grids across the globe face an increasing risk of cyberattacks, primarily due to the vulnerabilities inherent in home solar equipment.
With the rise of distributed energy resources like rooftop solar, grids are leaning more heavily on smart inverters that control connections to local power networks.
“While these technologies provide numerous advantages, they also bring forth new operational and cybersecurity hurdles,” says Sid Chau, a researcher at CSIRO, the Australian government’s research institute.
Smart inverters convert the direct current generated by solar panels into the alternating current required by electrical devices. They also optimize energy storage and enable remote monitoring via the Internet.
This web connectivity means that they not only jeopardize home solar installations but can also threaten larger power generation networks, warn Chau and his team.
The team has pinpointed various methods through which smart inverters can be compromised, including exploiting hardware and software vulnerabilities. Hackers can deceive users into granting excessive permissions on connected inverter applications or collaborate with manufacturers to embed malicious code directly into hardware.
Chau and his team modeled the threats stemming solely from Australian inverters, where roughly one-third of residences possess rooftop solar systems. This scenario mirrors certain power grids worldwide where civilian solar installations are becoming increasingly prevalent.
Although such attacks necessitate careful planning and coordination, researchers have discovered that a relatively small number of compromised solar smart inverters can create significant disruptions when vulnerabilities align.
Once a smart inverter is infiltrated, hackers can execute synchronized attacks targeting the broader power grid.
Of particular concern are assaults aimed at the frequency control of the power grid. In regions like Australia and Europe, the grid frequency must maintain around 50 HERTZ. Though safeguards exist, deviations can lead to cascading failures within the power system.
The risk is heightened further by the long lifespan of many inverters, often exceeding 15 years, which allows cybersecurity measures to quickly become outdated.
Chau emphasizes the need for improved monitoring of private inverters so that authorities can promptly address any suspicious activities that arise.
He also advocates for enhanced long-term support for inverter owners and regular compliance checks to guarantee adherence to cybersecurity and maintenance standards.
Zubair Baig from Deakin University in Melbourne stresses the importance of security validation for all imported inverters.
“Since these devices are often not produced domestically, there exists a risk that they might be configured with malware during manufacturing, leading to potential current fluctuations, permanent equipment damage, and even grid failure,” states Baig.
Ernest Foo from Griffith University in Brisbane highlights that Australia’s critical infrastructure is particularly susceptible to cyber threats due to its outdated design and components.
“The increasing integration of distributed solar energy heightens the likelihood of cyberattacks, especially with the evolving use of machine learning and AI,” he adds.
Topic:
Source: www.newscientist.com
