What is Solar Cybersecurity?

Cybersecurity is the protection of interconnected electric power systems from digital attacks. Solar is one of the many electric generation technologies used on the grid, contributing to large-scale generation in the form of solar farms and utility-scale installations, as well as small-scale distributed energy resource (DER) generation in the form of rooftop installations, storage systems, and microgrids. Solar is just one type of DER technology, which produce and supply electricity on a small scale and are spread out over a wide area.

Solar energy systems are connected to the electrical grid through power electronic devices like inverters and may have frequent communication with utility control and automation systems. Large-scale solar systems must be compliant to critical infrastructure protection standards before they can be operational. However, smaller PV systems and other DERs currently do not have any cybersecurity standards to follow, and they are usually connected by their owners to the internet for monitoring and control purposes. This can create vulnerabilities in the grid that hackers can exploit, making DER cybersecurity a key challenge for grid operators and solar system owners. Learn more about how grid systems integration works.

Why Is Solar Cybersecurity Important?

Ensuring reliable and safe operation of electrical grids is critical for the U.S. economy and national security. As the amount of solar energy on the grid grows, solar will become an integral part of the system and provide additional resilience to the electricity supply because solar installations are dispersed, making them more resistant to wide-spread disruptions.

However, cybersecurity challenges are complicated by the large number of owners and operators involved with solar energy. Solar systems need to be more cyber-aware and cyber-secure, with capabilities to prevent, identify, detect, respond to, and recover from cyberattacks. Making solar system operators aware of cybersecurity standards and best practices for risk management is also key. The electric grid is a cyber-physical system, thus cyberattacks on the grid can cause physical damage and safety issues in addition to disrupting information flow. Solutions that provide grid operators 24/7 awareness of all systems on the grid allow them to protect against and respond to cyberattacks.

Addressing cybersecurity supports the DOE Solar Energy Technology Office (SETO) goals of reliably and securely integrating solar electricity into the grid. Learn more about SETO’s goals.

SETO Research in Solar Cybersecurity

SETO’s research and development projects in cybersecurity are developing more secure ways to operate solar and other DER that will enable grid operators to rapidly detect physical and cyber‐based disturbances and use solar energy generation to recover quickly from power outages at critical infrastructure sites.

In 2017, SETO funded Sandia National Laboratory’s Roadmap for Solar Cybersecurity, which helps to guide research in this area in SETO and other DOE offices. In 2020, DOE Energy Efficiency and Renewable Energy (EERE) Office published a Multi-Year Program Plan that includes strategies to improve cybersecurity in renewable energy, manufacturing, buildings, and transportation research and development. In 2022, the Office of Energy Efficiency and Renewable Energy, along with the Office of Cybersecurity, Energy Security, and Emergency Response (CESER), developed the Cybersecurity Considerations for Distributed Energy Resources on the U.S. Electric Grid report, which provides recommendations for the distributed energy resources industries, energy sector, and government to secure current and future systems.

Since cyberattack strategies evolve quickly and frequently shift, solutions must be dynamic to maintain critical grid capabilities. Innovative solutions may include development of standards and technology tool kits to identify and protect against new vulnerabilities from DER, enhanced detection schemes for attacks that cross from customer devices to utility systems, automated response and recovery techniques, and resilience to endure multiple simultaneous attacks. Several of SETO’s funding programs have projects that focus on cybersecurity:

  • Solar Energy Technologies Office Lab Call FY2022-24 – the Securing Solar for the Grid (S2G) project in this lab call is creating cybersecurity standards and certifications, cyber-physical network monitoring tools, risk assessments and mitigation strategies, and stakeholder training for distributed energy resources and inverter-based resources, which includes solar inverters, for new products entering the market and operating in the field.
  • Solar Energy Technologies Office Fiscal Year 2019 funding program – creating strategic plans and decision-making tools that enhance cybersecurity solutions and develop technologies that protect power electronic devices from cyberattacks.
  • Solar Energy Technologies Office Lab Call FY19-21 – improving analysis of grid integration challenges to allow the solar industry to develop new tools and system designs that could improve grid reliability and cybersecurity with high penetrations of solar energy.
  • Enabling Extreme Real-time Grid Integration of Solar Energy funding program – developing distribution planning and operation solutions to enable dynamic, automated, and cost-effective management of distributed and variable generation sources, like solar, onto the grid.
  • Advanced Systems Integration for Solar Technologies funding program – improving situational awareness of solar energy systems, especially at critical infrastructure sites, increase resilience to cyber and physical threats, and strengthen solar integration on the grid.

To view specific cybersecurity projects, search the Solar Energy Research Database.

Additional Resources

Learn more about systems integration research, other solar energy research in SETO, and current and former funding programs.