TL;DR
The European Commission has restricted funding for projects using high-risk Chinese-made inverters, but experts argue this won’t fully address cybersecurity threats. The real debate is only starting.
The European Commission has announced restrictions on funding for solar projects that use high-risk inverter vendors, primarily targeting Chinese-made inverters, marking a significant policy shift. However, cybersecurity experts warn that banning Chinese inverters alone will not eliminate the broader risks to Europe’s energy infrastructure. The debate over how best to secure the sector is only beginning, with implications for industry, policy, and national security.
Earlier this year, the European Commission introduced measures to restrict EU funding for projects involving high-risk energy technologies, including Chinese inverters. These restrictions are expected to impact 10-20% of solar financing in Europe and are likely to extend to wind and battery storage systems.
Despite the focus on Chinese inverters, cybersecurity specialists emphasize that hardware origin is only one aspect of a complex threat landscape. Many Western-manufactured inverters rely on Chinese components, and the entire supply chain is interconnected. Replacing all Chinese inverters would be prohibitively costly and insufficient to address vulnerabilities.
Recent cyberattacks demonstrate that adversaries exploit vulnerabilities beyond hardware origin, such as network gateways, data loggers, and other connected devices. Incidents in Poland and Denmark involved Western equipment, highlighting that attackers target the weakest entry points regardless of the inverter’s origin.
Implications for European Energy Security and Policy
This debate influences Europe’s strategic energy independence and cybersecurity resilience. While restricting Chinese inverters may reduce certain risks, experts warn it could lead to complacency and overlook deeper vulnerabilities. The sector’s security depends on comprehensive standards, asset visibility, and addressing all potential attack vectors, not just hardware sourcing. The ongoing policy discussions could reshape industry practices and international supply chains, but the core cybersecurity challenge remains complex and unresolved.
Shophubio Solar Grid Tie Inverter 1600W, Inverter with MPPTs, IP65 Waterproof, Wireless APP Monitoring for Home Balcony Power Station System(1600w)
【High Accuracy】- The 1600W solar inverter is equipped with high-precision instruments to accurately monitor the working status of…
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
European Policy Shift and Growing Cybersecurity Concerns
The European Commission’s recent move to restrict funding for high-risk energy vendors reflects growing concern over cybersecurity in the renewable energy sector. This follows broader discussions in Brussels about reducing dependency on Chinese technology, especially amid geopolitical tensions. The draft Cyber Security Act 2 (CSA 2), published earlier this year, explicitly identified solar as a sector requiring further assessment, including the potential phase-out of high-risk vendors across critical infrastructure.
While these policies aim to bolster Europe’s energy independence, they also highlight the challenges of cybersecurity in a highly interconnected and complex ecosystem. Experts note that most attacks exploit human vulnerabilities, insecure network components, and supply chain weaknesses, rather than hardware origin alone. The debate over Chinese inverters is a symptom of a broader security challenge that is still unfolding.
“Banning Chinese inverters may support strategic independence, but it won’t solve the core cybersecurity issues. The real challenge lies in implementing clear standards and securing the entire ecosystem.”
— Uri Sadot, founder of SolarDefend
Tripp Lite Power Industrial Inverter, 2000W, 12VDC, 120V, RJ45, 5-15R 2-Outlets for RVs,Trucks, Fleet Vehicles & Emergency Vehicles, 1 Year Warranty (PV2000FC)
Made in China
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
Unresolved Questions About Cybersecurity Effectiveness
It remains unclear whether restricting funding and banning certain vendors will significantly reduce cybersecurity risks in Europe’s energy grid. Experts warn that attackers can exploit vulnerabilities in Western-made components or network infrastructure, making hardware origin only one piece of a larger puzzle. The effectiveness of upcoming regulations and standards is still being evaluated, and the full impact of these policies has yet to be seen.
Hiseeu Solar Security Cameras Wireless Outdoor, Auto Tracking Dual-Lens Wireless Cameras for Home Security with 10" Touchscreen, 2.4 & 5GHz WiFi Pro 4 Cam-Kit, 2 Way Audio, 500GB HDD, 0 Monthly Fee
【Automatic Human Tracking Dual-Lens System】When human motion is detected, the camera automatically focuses on and tracks the moving…
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
Next Steps in European Energy Cybersecurity Policy
European policymakers are expected to continue discussions on expanding restrictions and establishing new cybersecurity standards for energy infrastructure. Industry stakeholders are preparing for potential supply chain adjustments and increased regulation. Meanwhile, security experts advocate for a holistic approach that includes asset visibility, technical standards, and addressing human and network vulnerabilities. The debate over Chinese inverters is likely to evolve into broader reforms aimed at securing Europe’s energy future.
Communication, Control and Security Challenges for the Smart Grid: Foundations and core systems of smart grids (Energy Engineering)
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
Key Questions
Will banning Chinese inverters eliminate cybersecurity risks?
Not entirely. Experts say hardware origin is only one factor; vulnerabilities in network infrastructure and human factors also pose significant risks.
How much of Europe’s solar capacity relies on Chinese inverters?
Approximately 300 GW of Chinese-made inverter capacity is already installed across Europe and will remain operational for years.
Are Western manufacturers immune from cybersecurity vulnerabilities?
No. Many Western inverters rely on Chinese components, and vulnerabilities can exist in any part of the supply chain or connected systems.
What other threats are considered in the cybersecurity debate?
Beyond hardware, attackers exploit network gateways, data loggers, and human vulnerabilities, making a comprehensive security approach essential.
What should industry and policymakers do next?
Focus on developing clear technical standards, improving asset visibility, and addressing all potential attack points to strengthen overall cybersecurity resilience.
Source: PV Magazine
