The EU’s Economic Security Doctrine has identified solar inverters as a high-risk dependency, a move that the European Solar Manufacturing Council (ESMC) has lauded.
Announced earlier this month, the doctrine includes solar inverters and their supply chains among its assessment of risks to the EU’s critical infrastructure. It particularly highlights cybersecurity concerns and the “reliance on a single supplier” as points of risk.
Try Premium for just $1
- Full premium access for the first month at only $1
- Converts to an annual rate after 30 days unless cancelled
- Cancel anytime during the trial period
Premium Benefits
- Expert industry analysis and interviews
- Digital access to PV Tech Power journal
- Exclusive event discounts
Or get the full Premium subscription right away
Or continue reading this article for free
The ESMC said it “welcomes” the doctrine; secretary general Christoph Podewils said: “The security doctrine is a wake-up call for the EU member states: They now need to work on massively reducing dependencies and cyber risks.”
The EU Commission outlined possible plans to combine its “tools” to combat cyber and supply risks, including the NIS2 cybersecurity directive, the Net Zero Industry Act (NZIA) and assessments of overseas measures which may “distort the level playing field in solar energy markets, notably through subsidised imports”. Depending on implementation, this last point could mark a harder line than has previously been taken with solar module and cell manufacturing, which has largely departed the continent.
The ESMC said it particularly welcomes plans to “support the development of trusted suppliers of critical subcomponents in the EU and in trusted third countries so that there are viable alternatives” to the current Chinese-dominated inverter supply.
The trade body—which represents a group of European solar manufacturers—said that around 80% of “Europe’s new PV systems” use Chinese-made inverters, “with two vendors dominating Europe’s market”. Data from sun.store, the European PV wholesale platform, shows that Huawei, Sungrow and Deye have led installations for both hybrid and string inverters in much of 2025.
The EU has more than enough inverter manufacturing supply to meet its deployment demand, according to recent data from SolarPower Europe. Producers like SMA Solar and Fronius produce inverters in Europe and have some strong market penetration, though they have struggled in recent years with financial losses, which have led to job cuts.
The doctrine, which can be read in full here, describes plans to reserve “critical EU manufacturing capacities with the potential to scale up in times of global supply chain disruptions or health crises” as well as supporting “trusted suppliers”.
Solar inverters and cybersecurity
The announcement comes after the ESMC and SolarPower Europe both called for active support for the continent’s inverter manufacturers, after lower prices and greater competition from Chinese firms began to threaten their futures. Unlike solar module manufacturing, which involves heavily commoditised and fairly interchangeable, static products, inverters have become the “brains” of renewable energy systems, according to SolarPower Europe deputy CEO, Dries Acke, who spoke with PV Tech Premium earlier this year.
Once installed, solar and energy storage systems rely on inverters for continuous software operation, monitoring and flows of data, which exposes them to greater risk. The situation has been likened to a dependency on a flow of oil or gas rather than simpler shipments of solar panels.
This software dependency opens the door to security risks. The ESMC said: “Firmware or software updates could influence millions of systems simultaneously. This could result in serious harm for the European power system including large blackouts.”
Inverter cybersecurity has been making industry headlines in recent months, after a group of EU parliamentarians called for restrictions on Chinese inverters citing “energy security risks”, and both the Czech Republic and Lithuania introduced restrictions on Chinese products, specifically.
The EU’s Economic Security Doctrine did not explicitly mention China in its discussion of inverters, or anywhere else in the text, despite the “single supplier” likely being a reference to major Chinese companies.
In an interview with PV Tech Premium earlier this year, head of energy cybersecurity at the Czech Technical University in Prague, Erika Langerová, said that the Commission’s reluctance to explicitly mention China in protective measures around inverters could cause problems, “because you’re not able to do targeted mitigation measures, you just have vague recommendations.”
However, cybersecurity concerns are not limited to China. Langerová also told us that Russian hackers and bad actors are more aggressive towards Europe, and that technical vulnerabilities in servers, inverters or energy storage systems could be exploited by aggressors from anywhere.
You can read our full deep dive into European solar cybersecurity here.
