yes

yes
Log Out

Security Design Architecture Review: Solar Inverters

Email Favourate

EPRI 3420 Hillview Avenue, Palo Alto, California 94304 800-313-3774
© Electric Power Research Institute, Inc. 2001-2024. All Rights Reserved
TOGETHER…SHAPING THE FUTURE OF ENERGY®
PRODUCT:3002029720
PROJECT ID:01-119495
DATE: Apr 2025

Security Design Architecture Review: Solar Inverters

PRODUCT:3002029720
PROJECT ID:01-119495
DATE: Apr 2025
Security Design Architecture: Solar Inverters

Project Highlights

  • Assess the security risk of renewables inverters.
  • Evaluate communications protocols and data flows, including sources and destinations.
  • Develop standardized reference architecture and security assessment.
  • Improve supply chain risk evaluation and mitigation for informed decision making.

Background, Objectives, and New Learnings

As inverter-based renewable power generation increases, ensuring system reliability involves evaluating supply chain security risks of inverters and mitigating potential risks associated with equipment sourced from a growing international marketplace.  Manufacturers, vendors, and integrators must develop and install components to meet supply chain security and functional requirements. Data communications flows, especially those that are not known or authorized by the end user, may pose security risks. Features and communications may not be documented or visible to the end user, and the devices may communicate to the manufactures, vendors, or other third parties.  Risks such as the loss of sensitive data or an expanded attack surface need to be evaluated to inform the supply chain process.

This project seeks to work with a host facility to evaluate a real-world representative deployment of two renewable inverters using secure-by-design analysis based on past EPRI research:

  • The EPRI Technical Assessment Methodology (TAM), 3002012752, a cyber approach to evaluate the attack surface, score common cyber mitigation strategies, and identify security gaps.
  • EPRI’s Defensible Network Architectures: Criteria for Secure OT Deployment in Power Systems, 3002027430, which includes security criteria and a framework that will be included as the bases for the project.

This project is designed to: 

  • Evaluate security risks to increase efficiency, lower cyber security maintenance burden, and minimize the human error rate
  • Identify cyber security techniques (i.e. data diodes, network segmentation, multi-factor authentication, etc.) and processes (i.e., vendor training, incident response, etc.) to reduce identified risks
  • Ensure that consistent information and design requirements are passed to vendors and suppliers in the procurement process
  • Provide a basis for a standard design, implementation, and usage of new systems, technologies, or capabilities
  • Reduce the potential for overlooked security considerations and attack surfaces

Benefits

This project aims to increase the reliability and security of utility-scale renewable facilities by identifying risks and mitigation strategies that inform supply chain evaluations and enhancements to existing or planned infrastructure. This project may also inform compliance with current and future regulations.
 

Project Approach and Summary

The project approach is intended to include the following steps:  

  • Establish the defining facility and technology features and characteristics, OT equipment, and technologies.
  • Review the existing or proposed architecture.
  • Perform a cyber security assessment using the EPRI TAM for the two inverters within the sample architecture. This task seeks to use provided host design information and vendor documentation.  Network communications traffic and log analysis may be performed, if available from host.
  • Develop two reference architectures for the system evaluated using the criteria from EPRI Defensible Network Architectures.
  • Develop a summary brief of findings.

Deliverables

The following deliverables are expected to result from this project:

  • Security reference architectures for two renewable inverter configurations
  • Cyber Security Data Sheets (CSDS) for two renewable inverters, including a listing of unmitigated risks and mitigation options
  • Summary brief of results and supply chain considerations

Price of Project

This project is priced at $40,000 per funder. The scope may expand to include additional assessments based on the total number of funders. This project qualifies for Self-Directed Funds (SDF).
 

Project Status and Schedule

This project is expected to take approximately 12 months to perform. A minimum of four funders and a host are required to commence the project.
 

Who Should Join

Owners or operators of utility-scale renewable facilities should join this project.  Organizations considering constructing new, utility-scale renewable generation facilities or performing digital upgrades to existing facilities would benefit from participating in this project.  Organizations with critical power supplies may also benefit from involvement.
 

Contact Information

For more information, contact the EPRI Customer Assistance Center at 800.313.3774 (askepri@epri.com).

Technical Contact

Jeremy Lawrence, 704.595.2404 (jlawrence@epri.com)

Additional Contact

Soomin Militello at 907.556.6521 (smilitello@.epri.com)

GLOSSY PDF VERSION
EPRI 3420 Hillview Avenue, Palo Alto, California 94304 800-313-3774
© Electric Power Research Institute, Inc. 2001-2024. All Rights Reserved
TOGETHER…SHAPING THE FUTURE OF ENERGY®

We use cookies to improve your experience on our website. By continuing to use this website, you agree to the use of cookies. To learn more about how we use cookies, please see our Cookie Policy.