this post was submitted on 15 May 2025

131 points (98.5% liked)

Europe

6019 readers

894 users here now

News and information from Europe 🇪🇺

(Current banner: La Mancha, Spain. Feel free to post submissions for banner images.)

Rules (2024-08-30)

This is an English-language community. Comments should be in English. Posts can link to non-English news sources when providing a full-text translation in the post description. Automated translations are fine, as long as they don't overly distort the content.
No links to misinformation or commercial advertising. When you post outdated/historic articles, add the year of publication to the post title. Infographics must include a source and a year of creation; if possible, also provide a link to the source.
Be kind to each other, and argue in good faith. Don't post direct insults nor disrespectful and condescending comments. Don't troll nor incite hatred. Don't look for novel argumentation strategies at Wikipedia's List of fallacies.
No bigotry, sexism, racism, antisemitism, islamophobia, dehumanization of minorities, or glorification of National Socialism. We follow German law; don't question the statehood of Israel.
Be the signal, not the noise: Strive to post insightful comments. Add "/s" when you're being sarcastic (and don't use it to break rule no. 3).
If you link to paywalled information, please provide also a link to a freely available archived version. Alternatively, try to find a different source.
Light-hearted content, memes, and posts about your European everyday belong in [email protected]. (They're cool, you should subscribe there too!)
Don't evade bans. If we notice ban evasion, that will result in a permanent ban for all the accounts we can associate with you.
No posts linking to speculative reporting about ongoing events with unclear backgrounds. Please wait at least 12 hours. (E.g., do not post breathless reporting on an ongoing terror attack.)
Always provide context with posts: Don't post uncontextualized images or videos, and don't start discussions without giving some context first.

(This list may get expanded as necessary.)

Posts that link to the following sources will be removed

on any topic: RT, news-pravda:com, GB News, Fox, Breitbart, Daily Caller, OAN, sociable:co, citjourno:com, brusselssignal:eu, europesays:com, geo-trends:eu, any AI slop sites (when in doubt please look for a credible imprint/about page), change:org (for privacy reasons)
on Middle-East topics: Al Jazeera
on Hungary: Euronews

Unless they're the only sources, please also avoid The Sun, Daily Mail, any "thinktank" type organization, and non-Lemmy social media. Don't link to Twitter directly, instead use xcancel.com. For Reddit, use old:reddit:com

(Lists may get expanded as necessary.)

Ban lengths, etc.

We will use some leeway to decide whether to remove a comment.

If need be, there are also bans: 3 days for lighter offenses, 7 or 14 days for bigger offenses, and permanent bans for people who don't show any willingness to participate productively. If we think the ban reason is obvious, we may not specifically write to you.

If you want to protest a removal or ban, feel free to write privately to the primary mod account @[email protected]

founded 11 months ago

MODERATORS

[email protected]

131

European solar-panel lobby calls to restrict remote access of PV inverters from high-risk vendors, urges EU to ban inverters from China (esmc.solar)

submitted 2 weeks ago by [email protected] to c/[email protected]

24 comments fedilink hide all child comments

While photovoltaics (PV) play an increasingly central role in Europe’s clean energy transition and energy independence, a hidden vulnerability threatens this progress: the software-based remote access to inverters, the critical “brains” of any PV system.

“Today, over 200 GW of European PV capacity is already linked to inverters manufactured in China – the equivalent of more than 200 nuclear power plants,” said Christoph Podewils, the European Solar Manufacturing Council (ESMC) Secretary General.

“This means Europe has effectively surrendered remote control of a vast portion of its electricity infrastructure.”

[...]

Further concerns include:

70% of all inverters installed in 2023 came from Chinese vendors, mainly Huawei and SunGrow.
These two companies alone already control remote access to 168 GW of PV capacity in Europe (DNV Report, p. 40), by 2030, this figure is projected to exceed 400 GW – comparable to the output of 150–200 nuclear power plants.
One of these vendors [China's Huawei] is already banned from the 5G sector in many countries and is currently under investigation in Belgium for bribery and corruption.

[...]

In light of these findings, the ESMC calls for the immediate development of an EU “Inverter Security Toolbox”, modeled after the successful 5G Security Toolbox. This would involve:

A comprehensive risk assessment of inverter manufacturers.
A requirement that high-risk vendors must not be permitted to maintain an online connection to European electricity systems.
Consideration of outright bans for such vendors from connecting to the grid.
A replication of Lithuania’s proactive legislation – banning inverters from China – across all EU Member States – ensuring security measures apply to PV systems of all sizes.

all 25 comments

sorted by: hot top controversial new old

[–] [email protected] 31 points 2 weeks ago (2 children)

Here's an idea: instead, ban devices that do not function without an internet connection. Devices are not "smart" when you have no sovereignty over them.

[–] [email protected] 7 points 2 weeks ago

Absolutely this. I have limited experience with the whole home automation market, but I find the Shelly model to be perfect: Local access via BLE or LAN ist always enabled out of the box, cloud (run by Shelly) requires a checkbox to be activated.

[–] [email protected] 2 points 2 weeks ago

Just to play devil's advocate. There was recently an unverified report that some inverters contained an undocumented cellular modem. If true, it could, in theory, allow for remote modification or control, even when fully "offline" as far as the client was concerned. Basically a mobile phone based back door.

The solution is better verification, rather than bans however. Grid scale devices should have the hardware randomly audited. The software should also be audited and check summed. This would be burdensome at domestic levels, but seems reasonable at grid levels.

[–] [email protected] 5 points 2 weeks ago* (last edited 2 weeks ago) (1 children)

I mean, it sounds to me that the biggest problem is not having the experience to manufacture and modify electronics readily throughout Europe so we have to treat them all as take or give. I don't mean in the sense of being able to retrofit foreign PV inverters, I mean in regards to being able to accurately define and even potentially disable the threat.

One of the ways this used to be done was with the development and enforcement of standards within markets, why isn't this being done instead of outright bans? Seems like it's more about companies lobbying against economic threats instead of actually enforcing industry wide standards, although I'm also curious if and how much of this concern has to do with the recent Spanish blackout. The biggest problem with Chinese tech is that they are sold as the alternative to get around excessive proprietary BS pricing only for them to pull even worse proprietary BS shenanigans.

[–] [email protected] 3 points 2 weeks ago* (last edited 2 weeks ago)

The biggest problem with Chinese tech is that they are sold as the alternative to get around excessive proprietary BS pricing only for them to pull even worse proprietary BS shenanigans.

The biggest problem with Chinese tech is the threat of blackmail, very much the same as Russia has done in the past with oil and gas.

[+] [email protected] -7 points 2 weeks ago* (last edited 2 weeks ago) (1 children)

high-risk, non-European manufacturers – most notably from China.

We want nobody to buy these devices directly from china!

Because we want you to buy these chinese devices from us! With our beautiful stickers on the hood!!

[–] [email protected] 13 points 2 weeks ago (3 children)

This is rubbish. There are several European producers of solar inverters.

[–] [email protected] 2 points 2 weeks ago* (last edited 2 weeks ago)

Yep, and I paid the premium for a Fronius one and so far, apart from their customer service being clearly oriented towards the chain "customer -> installer -> Fronius" I am pretty happy with it.

They are staying on top of things with their software updates, provide proper changelogs and API documentation and features like emergency offgrid power have improved over the period of my ownership. It was okay with a switchover time of about 60 seconds of no power from and to the grid when I bought the thing, and the last time emergency power triggered, the switchover to local took only about 12 seconds and switching back was seamless with my UPSes not even triggering. I would recommend them.

[–] [email protected] 0 points 2 weeks ago (1 children)

Just guessing here, but in my experience 90% or more of all inverters in germany are chinese made.

[–] [email protected] 5 points 2 weeks ago (3 children)

Have you got any numbers for that?

[–] [email protected] 2 points 2 weeks ago

If you open them and start googling part numbers, you will notice that entire subassemblies are off the shelf parts from China, not just components.

The solution is not to make rules based on where something is made, the solution is to have sensible rules that apply to everyone.

A product with a German label should not spy on you, nor should a Chinese one, or an American one.

[–] [email protected] 2 points 2 weeks ago* (last edited 2 weeks ago)

I just checked and these are global numbers, couldnt find any for Germany. In Germany its probably a bit less chinese ones, but it has been increasing due to the influx of super cheap microinverters for balcony mounted solar.

These chinese ones add up to 80%:

Huawei
Sungrow
Ginlong Solis
Growatt
GoodWe
Sineng
Aiswei
Sofar

SMA is German
Power Electronics is Spanish
TMEIC is Japanese

All the chinese ones have been growing while the other ones fall.

[–] [email protected] 1 points 2 weeks ago* (last edited 2 weeks ago)

No just my experience from being an electronics engineer and talking to people about their installations. All the inverters you get in hardware stores are rebranded chinese hardware.

[+] [email protected] -10 points 2 weeks ago (1 children)

This is about European producers not having a chance against producers on the market, first and foremost. "Security" is just a fig-leaf excuse.

It is so easy to make a device not phone home.

[–] [email protected] 19 points 2 weeks ago (1 children)

Note the fact that Huawei and SunGrow have remote access to 168 GW already. These device ARE CURRENTLY phoning home.

[–] [email protected] 1 points 2 weeks ago (2 children)

Why ban the devices entirely, then and not introduce a legal requirement to be able to run the devices entirely on your own network?

[–] [email protected] 9 points 2 weeks ago* (last edited 2 weeks ago)

That's kinda what they're asking for; to 1 assess risks 2 define guidance/regulation

[–] [email protected] 1 points 2 weeks ago (1 children)

That requirement is easy to appear to meet while still allowing whatever remote actions they want to do. Remember the first step of evil here would be appearing to work perfectly long enough to get a massive install base. Then the setret signal to all fail goes out to them all. i can come up with the above attack so we can safely assume China can too - they likely have other ideas as well.

[–] [email protected] -2 points 2 weeks ago* (last edited 2 weeks ago) (2 children)

i can come up with the above attack so we can safely assume China can too - they likely have other ideas as well.

And why exactly are we to assume that China has an interest to do so? Have we arrived in full-on cold war rhetoric by now? 🙄

Also: how can the evil Xi Xingping (/s) do an assault on our infrastrugture if we don't allow the device to phone home? If I can prevent my robot-vacuum to connect to the producer's servers, why shouldn't our infrastructure be able to do so?

[–] [email protected] 1 points 2 weeks ago (2 children)

Does your robot vacum still have all its functionality if it can't talk home? Mine certainly doesn't. I'm pretty sure that big infrastructure components probably all require some form of network communication

[–] [email protected] 1 points 2 weeks ago

That's why I hacked my robot and removed the phone home function. I used https://valetudo.cloud/ custom firmware for mine.

[–] [email protected] 0 points 2 weeks ago

That's what a requirement could handle. My robot has all it's functionalities intact.

[–] [email protected] -1 points 2 weeks ago (1 children)

China is making moves on Taiwan, Vietnam, South Korea, and the Philippians. They are building up their military. Nobody knows what will happen in the future, but there is a reasonably possibility of war in the region which the EU will get involved in. The cold war wasn't all unreasonable fear even if some was.

You don't need to phone home. A radio is something you can hide in a chip, using the board itself as an antenna. Then the chip listens for the signal which can be broadcast many ways (the local embassy, satellite, or spys) Isreal already proved that you can attack pagers in ways like this (their radios were hidden in a battery, but the point remains). The engineering is tricky, but well within something China can do.