Identification, Key Management and Trust for Inverters for Distributed Energy Resources

Chief Investigators

Prof. Carsten Rudolph  (Monash University)

Purpose of project

All new inverters in Australia and New Zealand have been mandated to possess internet connectivity to comply with the Australian standard AS4777.2:2020 since December 2021. This connectivity significantly expands the cybersecurity attack surface for inverters and exposes them to potential threats from criminal activities, professional hackers, opportunistic or automated hacks and even nation-state controlled activities. Consequently, it becomes imperative to continually assess the risks associated with the compromise of these devices while ensuring the integrity and accuracy of the data received from these inverters. This is vital for the efficient and effective operation of grids that incorporate distributed energy resources.  

The knowledge possessed by network operators about inverters is often inadequate for accurately estimating these risks. Inverters operate outside the security perimeter of network operators. Although encryption and authentication can safeguard against communication-based attacks, they provide limited defence against threats that exploit compromised inverters. Therefore, this project proposes the implementation of additional methods, including reliable identities, up-to-date software/firmware versions, and security metadata. These methods aim to facilitate more precise risk assessments and ultimately enhance the trustworthiness of inverters.  

The objective of this project is to develop a distributed framework for device identity management and status information, empowering network operators and virtual power plant (VPP) operators to establish secure communication and maintain ongoing compliance with security requirements 

Impact of project

2.86 million solar systems were installed in Australia by mid-2021, which implies a significant number of inverters that can potentially disrupt the grid, given the possibility of exisitng vulnerabilites. The secure design can thwart these potential threats. Successful completion of this project will contribute to the improvement of overall security of DER integration processes through inverters in the VPP context.  

Elevated security, improved trust and transparency allows network operators to utilise DER in more efficient ways and reduces expenditure on security, which can be translated into cost savings. 

Project partners – industry and research

Monash University (Lead),Selectronic 

Industry Reference Group members

AEMO, Australian National University (ANU), Selectronic, Synergy, Western Power

Completion date

November 2023

Project code

0347

Page last updated 19 December 2023