…
The European Commission quietly banned funding for projects using solar PV inverters from ‘high risk’ countries from all major EU financing instruments, including the European Investment Bank (EIB) and the European Investment Fund.
…
The ban will reportedly cover all European projects and any in neighbouring regions like the Balkans and North Africa that are connected to the European grid. The affected countries are reportedly China, Russia, Iran and North Korea, though for renewable energy, the only major source country is China.
Responding to the news, Christoph Podewils, secretary general of the European Solar Manufacturing Council (ESMC), said: “This is a truly bold decision with the potential to help revitalise manufacturing in Europe and other like-minded economies”
…
The move is more far-reaching than previous Commission actions on inverter supply. Its revised Cybersecurity Act proposed plans to identify “high-risk” products and suppliers to be excluded from the European grid, but did not specify China or a blanket ban on funding.
…
Erika Langerova, head of the energy systems department at the technical university of Prague, told PV Tech: “This is a necessary and justified move by the European Commission. Inverters sit at the heart of grid control, and allowing high-risk vendors into that layer is an avoidable vulnerability. Given persistent concerns around state-linked cyber activity, treating Chinese suppliers and operators as high risk in critical infrastructure is simply basic risk management, not protectionism.”
…
However, restrictions on funding for projects with Chinese inverters may not be a clear-cut cybersecurity win. Ryan Davidson, principal consultant for grid digitalisation and cybersecurity at DNV, told us that: “This move helps energy sovereignty but does very little to address the cybersecurity of the infrastructure, as it does not address critical cybersecurity controls needed for all distributed energy infrastructure.
“While it would improve energy sovereignty by increasing the percentage of capacity from Western manufacturers, China will still have enough capacity of installed inverters, that, if they really wanted to, would have the ability to cause disruptions.”
…
Moreover, the measures will only affect the parts of the solar market that receive funding from the EIB or other EU institutions. Chinese products are a huge majority of the inverters in the European market, and that may shrink somewhat with the removal of EIB backing, with possible ripple effects into private asset owners’ purchasing habits.
…
Meanwhile, switching to Western inverters is highly cost-competitive, as ESMC says on its website:
According to a Wood Mackenzie analysis, residential and small commercial PV projects using Western inverters come at a small additional investment of just 1.7% to 4.3% of total project costs, depending on project size and location. For large utility-scale projects — which receive the bulk of EIB financing — this amounts to below 2% in Germany, Spain and Eastern Europe alike. This minimal cost difference delivers exceptional value: enhanced supply security and significantly strengthened cyber resilience across Europe’s energy infrastructure.
ESMC calls on EU member states and all public funding bodies to implement the Commission’s decision consistently and to align existing support programmes accordingly. ESMC also urges EU member states to fully support the current proposal of the European Commission to revise the Cyber Security Act (CSA 2) to structurally address the increasing supply chain and cyber security risk posed by inverters from high-risk countries.
I got my PV from a national program that insists it needs to monitor the output and some other bullshit through an online platform. So I have to keep the damn thing connected to the internet. The inverter is Huawei 😐
Do you know where the unit has to connect to?
Maybe a firewall which only permits the inverter to talk to the platform is good enough protection?
And, do you know the protocol? Ie MQTT? Modbus? You might be able to limit that too…
Huawei has this platform where each user has an account where you can see the system set it up make changes etc. this is needed I think for the first setup but afterwards it is useless. Then the agency that did the program has another account where it sees all the inverters that were installed and monitors them or something. This is mandatory for the implementation period which is 5 years I think. After that I am hoping I get to disconnect it from the internet. I am using home assistant to manage the inverter via modbus and I don’t need anything else from huawei
Maybe point the program to the post here and they might release everyone from that condition…?
oh boy if it was that simple. not how it was where you are if you have these programs but if it was up to the electricity companies these PVs would never be implemented. they hate them with a passion and tried to put so many conditions. this thing with the platform is one of them. although they have the means to measure how much excess energy i put into the grid they want to keep an eye on it with this platform. they also increase the grid voltage such that when you have a good day with no clouds the grid voltage raises quickly above the protection limit of these huawei inverters and they enter a protection state which effectively takes them offline. all this is to prevent you putting energy into the grid. i manage to overcome this with HA magic but it is really annoying. i don’t care about getting money back for what i put in I just want to be a bit more independent of them. They are a bunch of idiots looking to make money at any cost.
whatś HA? as in “HA magic”
Sorry,it is Home Assistant. Super cool home automation system that is self hosted
Holy fossil fuel lobby, Batman.
