New Delhi Tightens Solar Inverter Rules Over Cybersecurity Risks
In a bid to safeguard the national grid and protect sensitive data from external cyber threats, officials have mandated strict cybersecurity norms for all inverters supplied under the PM Surya Ghar: Muft Bijli Yojana. The directive requires all inverter manufacturers to integrate their devices with national servers managed by the renewable energy ministry, marking a significant move to fortify energy security amid growing concerns over foreign equipment embedded with undocumented communication modules.
The rooftop solar scheme, aiming to reach 10 million households and generate 30 gigawatts of clean power, is now at the centre of India’s energy sovereignty efforts. Recent findings of unverified communication tools in imported inverters, particularly from China, triggered this policy overhaul. Officials confirmed that any device transmitting data to foreign servers would be banned from the programme. Instead, manufacturers must use a centralised data platform located within India to ensure secure, transparent monitoring of energy flow across millions of rooftops nationwide. Inverters form the technical backbone of rooftop solar systems, converting solar-generated DC power into usable AC electricity and allowing homes to return excess energy to the grid. But this two-way connection also poses cybersecurity vulnerabilities, especially when data is sent beyond Indian borders.
Experts say that without strong safeguards, malicious actors could potentially gain access to consumption patterns or manipulate grid-connected devices. The ministry’s notification, though not yet dated for enforcement, signals an urgent intent to preserve national digital control over critical power infrastructure. To meet the new compliance standards, all inverter communication devices—such as dongles or data loggers—must function using secure machine-to-machine (M2M) SIM-based communication protocols. This requirement aims to eliminate the risk of unauthorised remote access and to ensure reliability in data exchange. Officials have held several consultations with stakeholders to build a roadmap for real-time monitoring of solar performance through a central platform, an effort seen as essential for managing the stability of an expanding decentralised grid.
The revised norms also reflect India’s broader push for localisation in its clean energy supply chain. By mandating domestically hosted communication infrastructure and discouraging dependence on foreign-made modules, the government hopes to build a resilient solar ecosystem that aligns with its net-zero and digital sovereignty targets. While the new framework may pose short-term logistical challenges for OEMs, especially those reliant on overseas tech, it is expected to drive innovation and trust in homegrown manufacturing and grid-connected infrastructure.
