Back in 2020 a Scandinavian telco provider – Telia has dropped a long-lasting partnership with Huawei due to geopolitical risks and suspected cyber threats. Subsequently such claims have been proven followed by the USA ban on Huawei, ZTE and some other Chinese equipment integrations to internal country’s networks.
The cyber threat fear was ignited primarily by the obligation to Chinese companies to provide data to governmental intelligence agencies under various laws, including the National Intelligence Law. Suspected secret “back-door” integrations in telco equipment could seriously jeopardize the security and privacy of the networks and is often seen as a national security threat. Despite the focus on the telco industry, Chinese equipment has since filled other strategically important sectors i.e. the energy sector.
THE RED ENERGY TRANSFORMATION
The green energy transformation revolution in the EU has very ambitious targets yet the energy price (LCOE) parity with legacy (fossil) energy generation, although covered by heavy subsidies, has proven to be challenging. The Green Deal pressure and the simple financial rationale has determined the situation in many European markets where the cheapest hardware wins the deal. It happens to be all manufactured in China.
In Lithuania, it is estimated that over 85% of around 100 000 installed solar PV systems utilize inverters made by companies like Sungrow, Huawei, Solis, Growatt and other. According to Lithuanian TSO – Litgrid this currently makes up over 1,1GW of installed power or just over 65% of daily peak energy demand in the country.
Security concerns include a few factors that today may have a huge impact on the whole European energy systems.
THE CONCERNS
The first one is related to Chinese servers that all these inverters connect to. A Chinese inverter manufacturer (or an intelligence agency) at their will and at any time may directly connect to any solar PV inverter and shut it down. In a sunny-day-case in Lithuania this may mean 60%-70% of peak generation instant shutdown. This may eventually cause a blackout situation.
In the graph below an 8 day period during March-April illustrates an average of 40-50% peak Solar PV generation compared to parallel national energy demand. Bearing that around 900MW of installed solar PV equipment may be produced in China and potentially vulnerable (~85%), such capacity may reach 700-800MW peak generation during some sunny days in May-September. Such peak load is already over the maximum acceptable limit (or n-1 limit) of the grid disturbance by the TSO.
National energy consumption and peak Solar PV supply during 2024.03.25 – 2024.04.01 (Source: Litgrid)
The second concern is related to a possible damage to the inverter software. If any internet-connected inverter can be connected to at any time, also a corrupted software update may be uploaded, and hardware damaged for good.
The third issue with any Chinese-manufactured IoT device which connects to the internet and internal home network (e.g. solar inverter, smart robot vacuum, an air fryer etc.). If the device can access your internal network, it may also easily control or corrupt other devices. For example, a smart air fryer connected to home network, in a case of an attack, can access and control your smart heat pump and damage it for good during cold winter months leaving all homes without heating.
THE SOLUTIONS
Naturally, an energy system with such exposure to potentially dangerous equipment of such high saturation is not sustainable and secure. Unfortunately, there are no easy solutions to roll-back what’s been done, and the number of inverters integrated in the European networks does not make the task any easier.
Some countries, like Estonia, have already taken action and recognized the oversaturation of vulnerable RES equipment as a risk to national security. Within the European Union discussions also quickly escalate around the topic and measures to tackle the safety of the energy grids.
In March 2024 conference Lithuanian Davos 2024, Ignitis innovation team lead Karolis Mirinavičius has also discussed the security issues with the Head of TSO is Lithuania Rokas Masiulis, the Head of Lithuanian Confederation of Industrialists Vidmantas Janulevičius and others. In the upcoming months we will see more discussions and actions among security and energy experts around this topic.
Despite the EU actions, it is believed that national strategic decisions also must made for finding the best secure solutions. These may include securing the specific networks, upgrading the acceptable parameters of the equipment integration in the national grids, however, more radical solutions, like disallowing internet connection for Chinese made equipment should not be ruled out too.
For more information please contact Innovation Team Lead Karolis Mirinavičius, [email protected]