
Hacking solar panel systems can bring the grid down

Nowadays, critical infrastructure requirements are focusing more and more on system security to guarantee that we don’t face crippling attacks on the critical systems that are supporting our society. Most of these requirements are focused on managing risks, which means companies need to assess their risk profiles first and identify the necessary measures to mitigate unacceptable risk levels.

If we translate that to the electrical grid, this means power plants and transmission companies face big efforts to control the risk levels of their systems because these companies are providing critical services for our society. What is still missing from this story is the impact society itself has on these systems.

We are imposing lots of security measures on the supply side, but none (yet) on the demand side. From a risk perspective, this causes an imbalance. If we look at how a hacker could try to bring down the electrical grid, he has several options to do this:

  • Attack a power plant and reduce or increase the power capacity produced in a country/region and destabilize the grid
    • E.g. cause an incident at a nuclear plant, forcing it to shut down. Impact: max 1000MW per production plant
  • Attack the transmission or distribution system and limit the amount of power flowing to the users
    • E.g. take out a high voltage head station. Impact: depends on the connected capacity lines, load and alternative routes
  • Attack, on a mass scale, the devices of users that consume electricity at home and make demand fluctuate so much that the electrical grid is destabilized
    • E.g. take control over solar panel inverters and switch them on/off every 2 min at full capacity. Impact: max. 3369 MW, depending on weather and size of attack

The last scenario is gaining the interest of hackers, as attacking these kinds of devices requires less technical knowledge and an attack spreads easily, because most consumer devices are now internet-connected and very vulnerable. As we are deploying solar panels at a fast rate (+10% increase per year) and they use very similar (if not the same) hardware, the number of end-user devices to attack (319.000 PV installations in 2017) is rapidly growing. A quick report shows there are already more than 300 Belgian installations of SMA Sunny Boy which are connected directly to the internet.