Supply Chain Cybersecurity Recommendations for Solar Photovoltaics
Solar photovoltaic (PV) cybersecurity is a growing field of research. As deployments of solar PV has increased, cyber risk has also increased. However, utility solar PV installations are not required to comply with North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) unless they meet a minimum generation threshold of 75 Megawatts (MW). Individual residential scale solar PV deployments will not meet that generation threshold and are therefore excluded from NERC CIP requirements. With most solar installations below 75MW, solar PV has been deployed with minimal oversight and highly variable cybersecurity maturity. The resources that make up the digital supply chain can include software, code, data, as well as other digital components. However as clean energy technology advances, cybersecurity threats and vulnerabilities continue to evolve and grow in sophistication. Solar PV faces a unique challenge in which it can be deployed in residential buildings and purchased by a consumer directly. This makes the supply chain of PV a unique challenge, where responsible parties for cybersecurity vary widely depending on the type of solar PV being deployed. Supply chain cybersecurity for solar PV represents a critical area for ensuring safe operations as the U.S. moves towards a clean energy future.
Citation Formats
TY - DATA
AB - Solar photovoltaic (PV) cybersecurity is a growing field of research. As deployments of solar PV has increased, cyber risk has also increased. However, utility solar PV installations are not required to comply with North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) unless they meet a minimum generation threshold of 75 Megawatts (MW). Individual residential scale solar PV deployments will not meet that generation threshold and are therefore excluded from NERC CIP requirements. With most solar installations below 75MW, solar PV has been deployed with minimal oversight and highly variable cybersecurity maturity. The resources that make up the digital supply chain can include software, code, data, as well as other digital components. However as clean energy technology advances, cybersecurity threats and vulnerabilities continue to evolve and grow in sophistication. Solar PV faces a unique challenge in which it can be deployed in residential buildings and purchased by a consumer directly. This makes the supply chain of PV a unique challenge, where responsible parties for cybersecurity vary widely depending on the type of solar PV being deployed. Supply chain cybersecurity for solar PV represents a critical area for ensuring safe operations as the U.S. moves towards a clean energy future.
AU - Cryar, Ryan
A2 - Rivers, Vikash
A3 - Guerra, Jennifer
A4 - Quilling, Chelsea
A5 - Dorthmuth, Zoe
A6 - Saleem, Danish
DB - C-MIX - Community Microgrid Information Exchange
DP - Open EI | National Laboratory of the Rockies
DO -
KW - Solar
KW - Photovoltaics
KW - PV
KW - Battery energy storage
KW - Diesel generators
KW - Other liquid-fuel generators
KW - Wind energy
KW - Cybersecurity
KW - Maintenance and operations
KW - Operations
KW - Maintenance
KW - Commissioning
KW - Standards
KW - Interconnection
KW - Protection
LA - English
DA - 2023/08/01
PY - 2023
PB - NLR
T1 - Supply Chain Cybersecurity Recommendations for Solar
Photovoltaics
UR - https://cmix.openei.org/submissions/144
ER -
Cryar, Ryan, et al. Supply Chain Cybersecurity Recommendations for Solar
Photovoltaics. NLR, 1 August, 2023, C-MIX - Community Microgrid Information Exchange. https://cmix.openei.org/submissions/144.
Cryar, R., Rivers, V., Guerra, J., Quilling, C., Dorthmuth, Z., & Saleem, D. (2023). Supply Chain Cybersecurity Recommendations for Solar
Photovoltaics. [Data set]. C-MIX - Community Microgrid Information Exchange. NLR. https://cmix.openei.org/submissions/144
Cryar, Ryan, Vikash Rivers, Jennifer Guerra, Chelsea Quilling, Zoe Dorthmuth, and Danish Saleem. Supply Chain Cybersecurity Recommendations for Solar
Photovoltaics. NLR, August, 1, 2023. Distributed by C-MIX - Community Microgrid Information Exchange. https://cmix.openei.org/submissions/144
@misc{CMIX_Dataset_144,
title = {Supply Chain Cybersecurity Recommendations for Solar
Photovoltaics},
author = {Cryar, Ryan and Rivers, Vikash and Guerra, Jennifer and Quilling, Chelsea and Dorthmuth, Zoe and Saleem, Danish},
abstractNote = {Solar photovoltaic (PV) cybersecurity is a growing field of research. As deployments of solar PV has increased, cyber risk has also increased. However, utility solar PV installations are not required to comply with North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) unless they meet a minimum generation threshold of 75 Megawatts (MW). Individual residential scale solar PV deployments will not meet that generation threshold and are therefore excluded from NERC CIP requirements. With most solar installations below 75MW, solar PV has been deployed with minimal oversight and highly variable cybersecurity maturity. The resources that make up the digital supply chain can include software, code, data, as well as other digital components. However as clean energy technology advances, cybersecurity threats and vulnerabilities continue to evolve and grow in sophistication. Solar PV faces a unique challenge in which it can be deployed in residential buildings and purchased by a consumer directly. This makes the supply chain of PV a unique challenge, where responsible parties for cybersecurity vary widely depending on the type of solar PV being deployed. Supply chain cybersecurity for solar PV represents a critical area for ensuring safe operations as the U.S. moves towards a clean energy future.},
url = {https://cmix.openei.org/submissions/144},
year = {2023},
howpublished = {C-MIX - Community Microgrid Information Exchange, NLR, https://cmix.openei.org/submissions/144},
note = {Accessed: 2026-06-18}
}
Details
Data from Aug 1, 2023
Last updated Mar 30, 2026
Submitted Jun 2, 2026
Organization
NLR
Contact
Danish Saleem
Authors
