The hidden infrastructure risk that could derail America’s energy transition

On May 15, 2025, federal investigators disclosed that undocumented "ghost" communication modules were embedded in some Chinese-manufactured solar inverters. China produces about 70 percent of the world's inverters, according to the International Energy Agency. Multiply that share across the millions of distributed energy resources (DERs) the United States will deploy this decade and you have a network whose endpoints outnumber today's central-station assets by orders of magnitude.

Here's what keeps me up at night: Each inverter, battery-management system and smart meter contains firmware and communications devices that grid operators seldom inspect and cannot easily patch. As an industry, we’re essentially deploying millions of black boxes across our critical infrastructure. The energy transition's defining strength—scale—has become our biggest vulnerability.

Why conventional defenses fall short

Traditional perimeter tools were designed for a grid dominated by a few hundred control-room assets. Distributed energy completely flips that model:

• Scale: We're defending millions of endpoints instead of dozens of plants
• Diversity: Multiple vendors, protocols and code bases make uniform hardening nearly impossible
• Physical exposure: Rooftop and roadside installations lack utility-grade site security
• Supply-chain opacity: Operators receive only "black-box" documentation of embedded components

I've personally torn down equipment from major manufacturers and found undocumented hardware, hidden communication devices, and features that weren't in any manual. This isn't theoretical—it's happening right now.

Principles for a secure distributed grid

After years of building and securing distributed energy systems, here's what actually works:

1. Zero-trust architecture: Never trust vendor-supplied data paths. Ever. If you didn't build it, assume it's compromised.

2. Hardware agnosticism: Abstract your control logic from field devices. When (not if) you need to swap suppliers, you should be able to do it with minimal code updates.

3. Physical verification: Tear-down inspections and software bills of materials (SBOMs) must continue through the asset's entire operational life. A clean bill of health at installation means nothing if someone adds hardware during a maintenance visit six months later. Trust but verify? No, verify continuously.

4. Active anomaly detection: Layer RF sweeps and AI-driven behavioral analytics on top of traditional defenses.

Action items for key stakeholders For utilities and grid operators:

• Demand full SBOMs and disclosure of every communication interface—no exceptions
• Build capabilities that make it easy to diversify or switch suppliers
• Budget for ongoing field audits that go beyond factory acceptance tests

For policymakers:

• Expand production tax credits to incentivize secure, domestic inverter supply chains
• Fast-track approvals for technologies that can harden insecure channels
• Stop treating cybersecurity as separate from grid reliability and stability—they're the same thing

For manufacturers and integrators:

• Move security "left" in the product lifecycle—it's a design requirement, not a feature
• Publish peer-reviewed API documentation
• Share threat intelligence—attackers already share, why don't we?

Trust is the grid's real operating reserve

Here's the brutal truth: Customers adopt clean-energy technologies because they believe in the promise of a sustainable, reliable future. A single, well-timed exploit of an inverter fleet could shatter that trust overnight—and with it, public support for the entire energy transition.

The tools to prevent this outcome exist today. What we lack is the collective will to implement them before it's too late. Every day we delay is another day adversaries probe our infrastructure, map our vulnerabilities, and wait for the right moment to strike, if they haven’t already.

The energy transition is too important to falter over avoidable security gaps. By embracing transparent supply chains and secure-by-design principles today, we can deliver the resilient grid the public deserves.

The choice is ours. Let's get it right.