In Short : India is introducing new cybersecurity rules to protect the power grid from potential malware in rooftop solar inverters, many of which are imported from China. Inverters under government schemes must use secure SIM-based connections to national servers. The move aims to prevent cyber threats, enhance data security, and ensure real-time monitoring through a centralized, MNRE-managed platform.
In Detail : India is taking decisive steps to shield its power grid from cybersecurity threats posed by vulnerable solar equipment. The government has issued draft guidelines targeting rooftop solar inverters, which are increasingly seen as potential entry points for malware and cyberattacks.
The Ministry of New and Renewable Energy (MNRE) has mandated that all rooftop solar inverters installed under central schemes like PM Surya Ghar must connect to national servers through secure, machine-to-machine SIMs. These connections will be managed exclusively through MNRE-designated platforms.
This move is largely driven by security concerns surrounding imported inverters, particularly those from Chinese manufacturers. Currently, over 80 percent of rooftop solar installations in India rely on such foreign-made devices, which have been found to contain multiple vulnerabilities.
To prevent unauthorized access and data leaks, the guidelines require that communication from these devices be routed through Indian platforms. This ensures complete control over monitoring and removes dependence on foreign servers and closed communication protocols.
The new compliance regime is set to roll out from September 1, 2025. After this date, manufacturers and integrators must ensure that their inverters can connect directly to the national data platform and follow specified cybersecurity protocols.
Global cybersecurity research has shown that several popular inverter brands, including Sungrow, Growatt, and SMA, contain flaws that could allow hackers to remotely disrupt or manipulate energy outputs. This raises significant concerns about grid stability and national security.
India’s initiative aligns with broader reforms outlined under the Central Electricity Authority’s cybersecurity guidelines and the IEGC 2023 framework. These regulations aim to strengthen threat detection, incident response, and coordination between regional and national cybersecurity teams.
The government is also promoting domestic development of secure inverter technology to reduce reliance on foreign suppliers and encourage innovation in India’s renewable energy sector.
By declaring rooftop solar inverters as critical infrastructure, India is underlining the importance of digital security in its clean energy transition, ensuring the power grid remains safe, resilient, and future-ready.
