Solar energy: EU bans funding for energy projects using Chinese inverters - will it move the needle on cybersecurity?

...

The European Commission quietly banned funding for projects using solar PV inverters from ‘high risk’ countries from all major EU financing instruments, including the European Investment Bank (EIB) and the European Investment Fund.

...

The ban will reportedly cover all European projects and any in neighbouring regions like the Balkans and North Africa that are connected to the European grid. The affected countries are reportedly China, Russia, Iran and North Korea, though for renewable energy, the only major source country is China.

Responding to the news, Christoph Podewils, secretary general of the European Solar Manufacturing Council (ESMC), said: “This is a truly bold decision with the potential to help revitalise manufacturing in Europe and other like-minded economies”

...

The move is more far-reaching than previous Commission actions on inverter supply. Its revised Cybersecurity Act proposed plans to identify “high-risk” products and suppliers to be excluded from the European grid, but did not specify China or a blanket ban on funding.

...

Erika Langerova, head of the energy systems department at the technical university of Prague, told PV Tech: “This is a necessary and justified move by the European Commission. Inverters sit at the heart of grid control, and allowing high-risk vendors into that layer is an avoidable vulnerability. Given persistent concerns around state-linked cyber activity, treating Chinese suppliers and operators as high risk in critical infrastructure is simply basic risk management, not protectionism.”

...

However, restrictions on funding for projects with Chinese inverters may not be a clear-cut cybersecurity win. Ryan Davidson, principal consultant for grid digitalisation and cybersecurity at DNV, told us that: “This move helps energy sovereignty but does very little to address the cybersecurity of the infrastructure, as it does not address critical cybersecurity controls needed for all distributed energy infrastructure.

“While it would improve energy sovereignty by increasing the percentage of capacity from Western manufacturers, China will still have enough capacity of installed inverters, that, if they really wanted to, would have the ability to cause disruptions.”

...

Moreover, the measures will only affect the parts of the solar market that receive funding from the EIB or other EU institutions. Chinese products are a huge majority of the inverters in the European market, and that may shrink somewhat with the removal of EIB backing, with possible ripple effects into private asset owners’ purchasing habits.

...

Meanwhile, switching to Western inverters is highly cost-competitive, as ESMC says on its website:

According to a Wood Mackenzie analysis, residential and small commercial PV projects using Western inverters come at a small additional investment of just 1.7% to 4.3% of total project costs, depending on project size and location. For large utility-scale projects — which receive the bulk of EIB financing — this amounts to below 2% in Germany, Spain and Eastern Europe alike. This minimal cost difference delivers exceptional value: enhanced supply security and significantly strengthened cyber resilience across Europe’s energy infrastructure.

ESMC calls on EU member states and all public funding bodies to implement the Commission’s decision consistently and to align existing support programmes accordingly. ESMC also urges EU member states to fully support the current proposal of the European Commission to revise the Cyber Security Act (CSA 2) to structurally address the increasing supply chain and cyber security risk posed by inverters from high-risk countries.

Web Archive link