Digital security becomes the new standard for inverters (RED)

Legislation on digital security is accelerating. Since August 1st, stricter requirements have been in force for inverters. What does this mean for you as an installer? Quite simply: basic cybersecurity is now mandatory. This is no longer an optional extra, but an essential part of your craftsmanship.

What is the new legislation?

The European Radio Equipment Directive (RED) has been tightened. This law covers all devices that connect via Wi-Fi or Bluetooth, including inverters. The law obliges manufacturers to better secure their equipment against hackers, data breaches, and fraud. Why is this necessary? Solar panels are increasingly connected online, which poses risks such as the leakage of consumption data or the remote manipulation of solar systems.

The law sets minimum ‘hygiene requirements’ for the product itself, such as:

• Unique passwords per inverter (no standard factory settings).

• Encrypted network connections to protect data.

• No known vulnerabilities at the time of sale.

Your role as an installer

The law governs the basic security of the product, but the rest of the digital security starts with you. Customers expect you to take their concerns seriously. These are the crucial steps:

• Check the CE marking if necessary. Only inverters with a CE marking comply with the RED requirements.

• Inform your customer. Proactively inform your customer about the security measures. This builds trust and positions you as an expert.

• Adopt professional protocols. Use a unique password for each installation and properly secure your own installer account.

How to answer customer questions

Prepare for frequently asked questions:

• “Is a unique password set up?”

• Example answer: “Yes, according to the new European law, this is mandatory. Each system receives a unique, strong password.”

• “How is my data protected?”

• Example answer: “The device itself meets strict requirements for basic cybersecurity. Communication via the network is encrypted.”

• “What about a malfunction or data breach?”

• Example answer: “The manufacturer is responsible and can often solve problems with a software update. You can count on us to maintain the installation.”

What the future holds: Cyber Resilience Act (CRA)

This is just the beginning. A new law is coming soon, the Cyber Resilience Act (CRA). Where the RED protects the device itself, the CRA will also cover the manufacturer's apps and cloud environments. From 2027, the manufacturer will be responsible for this, which will further strengthen the security of the entire digital chain. We will inform you about this when it becomes relevant.

Digital security is no longer an afterthought, but a permanent part of your service.