Chinese Solar Inverters — A Hidden Risk for Sweden’s Power Security
Sweden has never built a single nuclear reactor as fast as it is now installing solar panels. Yet behind many of those shiny modules sits a piece of electronics that cyber-security experts now call the grid’s weakest link: the Chinese-made power inverter.
Why inverters matter
Every solar array needs an inverter to convert the panels’ DC output into 230 V AC and to talk to the grid. Modern “smart” inverters contain cellular modems, Wi-Fi chips and remote-update firmware. In Europe more than 200 GW of PV capacity—equivalent to 200 nuclear reactors—already relies on inverters supplied by Chinese brands such as Huawei, Sungrow, Growatt and Solis according to Elpris Idag report.
solarquarter.com
What investigators have just found inside them
U.S. engineers who performed tear-downs on utility-scale equipment this spring discovered undocumented communication devices, including hidden cellular radios, soldered onto several Chinese inverter and battery models. These “rogue” radios are not mentioned in the manuals and could bypass the firewalls that utilities use to block traffic back to China.
reuters.com
Experts warn that if a hostile actor sent a coordinated command through those channels, thousands of inverters could be shut off or driven out of sync in milliseconds—“a built-in way to physically destroy the grid,” one source told Elpris Idag.
What Europe is starting to do
Lithuania has outlawed new grid connections that rely on high-risk vendors.
The European Solar Manufacturing Council (ESMC) is urging the Commission to restrict remote access for Chinese inverters and to adopt a common cyber-audit protocol for all PV electronics.
esmc.solar
Several EU utilities are demanding self-destructing VPN credentials that expire unless renewed locally.
What it means for policy-makers
The lesson from telecoms (Huawei base-station bans) and EV-charging (OCPP hardening) is clear: waiting until an exploit is proven is too late. A pre-emptive Swedish rule—mirroring Lithuania’s and backed by rapid conformity testing—would protect 21st-century infrastructure with 20th-century common sense.