DOME Tour Sweden 2026 continues in Luleå – Insightful discussions and strong engagement
DOME Tour Sweden 2026 continues in Luleå – Insightful discussions and strong engagement DOME…
At the beginning of this decade, a typical solar power plant was a technically straightforward entity: a row of inverters, a substation, a physical fiber-optic connection, and a traditional serial communication protocol. The system’s isolation and simplicity were its best defenses against cyber threats.
Today, the landscape is radically different. A modern renewable energy facility is a hyper-connected hybrid that communicates constantly with multiple stakeholders, utilizes cloud services, and operates on the electricity market in fractions of a second. Simultaneously, the importance of these plants to national security of supply and grid frequency stability has become critical.
The question remains: Has your infrastructure protection kept pace with the technological leap, or are you operating on borrowed time?
The death of isolation: Why your “safe” off-grid logic is obsolete
In the traditional model, a solar plant’s Power Plant Controller (PPC) handled data transfer to the grid operator via a protected fiber connection and a serial-based protocol (e.g., IEC 101). Because the traffic was not IP-based, the attack surface was inherently limited.
Modern architecture has become significantly more complex at power grids. For instance, the Baltic states’ transition away from the Russian power grid (the BRELL system) toward synchronization with continental Europe has made local frequency management more vital than ever. This shift has given rise to hybrid plants where solar power and Battery Energy Storage Systems (BESS) work seamlessly together.
This evolution has introduced at least four critical communication requirements:
- DSO (Distribution System Operator): Ensures safe and stable operation of the distribution network.
- TSO (Transmission System Operator): Enables participation in the reserve and balancing markets.
- EMS (Energy Management System) and energy trading platforms: Supports optimization, forecasting, and market participation.
- Manufacturers of cloud services: Provide remote diagnostics, performance monitoring, and warranty compliance.
In many deployments, these communication streams are routed through a single 4G/5G gateway alongside multiple VPN connections. This convergence introduces a substantial cybersecurity risk, one that remains insufficiently addressed across a significant portion of the industry.
The invisible “phone call to home”: Are you trading national security for a warranty?
One of the greatest silent risks in renewable energy relates to the cloud connectivity required by equipment manufacturers. Approximately 80–90% of global inverter and battery capacity comes from Chinese manufacturers, whose hardware requires a constant online connection to their own servers to maintain warranty validity.
This creates a risk that is difficult to manage through traditional means. Without proper monitoring, it is nearly impossible for an operator to know exactly what data is moving through the manufacturer’s channel or what commands can be remotely injected into the hardware. When dealing with equipment that regulates national frequency, the risk no longer concerns just the plant owner, it threatens the infrastructure of the entire society.
Ask yourself: Are you certain who is really in control of your assets?
Milliseconds matter: Is your nerve center too slow to survive?
Previously, the PPC had a simple task: adjust power up or down. Now, it is the plant’s nerve center, managing active and reactive power, regulating voltage, and delivering demanding balancing such as FCR (Frequency Containment Reserve), aFRR, and mFRR.
Four fatal flaws: The ticking time bombs in modern OT environments
Based on our experience, there are currently four significant vulnerabilities in renewable energy sites that most owners choose to ignore:
- Unmanaged cloud connections: Devices may update their software automatically without coordination or approval, bypassing your security protocols entirely.
- Neglected hardware: Operational Technology (OT) update cycles are traditionally slow, but the regulatory clock is ticking. In Latvia, the TSO already mandates critical security updates within 60 days. Are you ready to move that fast?
- The expertise gap: Cybersecurity for OT is a specialized discipline. Relying on traditional office-IT expertise is a gamble you are likely to lose.
- Systemic sabotage: Recent observations in Europe suggest that attackers may seek to control large battery capacities to intentionally disrupt grid frequency.
Compliance isn’t security: Why passive monitoring is a fast track to failure
Cybersecurity is not a static state or a box to be checked; it is a continuous war of attrition. Netcontrol has developed the DOME service also to move renewable energy assets from passive vulnerability to active defense.
DOME is not just a software solution; it is a comprehensive service that supports operator resilience. Our top experts in the Nordics and Baltics monitor network events, analyze anomalies, and react to threats in real-time. It offers operators and investors genuine security rather than mere regulatory compliance.
The DOME service complements our ONE maintenance service, which covers the life cycle management and proactive maintenance of Netcontrol’s RTU hardware, as well as our VALVOT full SCADA service, ensuring total operational efficiency.
Security by design or chaos by default? The choice is yours.
Cybersecurity and lifecycle management must be integral parts of a power plant’s design phase, not an expensive add-on implemented after a breach. Retrofitting is a costly admission of failure and rarely as effective as “security by design.”
Today’s energy transition requires a smarter grid, but intelligence must not come at the cost of stability. It is time to throw out the old playbook and update your cybersecurity strategy to face the realities of modern warfare in the renewable energy sector.
At the ESELO 2026 event in Riga, Latvia, Kristaps Alcmanis, Managing Director from Netcontrol SIA, held a keynote speech titled “Management and cybersecurity of hybrid parks of solar power plants and Battery Energy Storage Systems (BESS)”. In the speech, Kristaps highlighted the importance of cybersecurity in renewable energy and how cyber risks and attacks shape the way utilities respond to the energy transition.