TL;DR
European regulators have announced restrictions on funding for projects using high-risk Chinese inverters, marking a significant policy shift. Experts caution that banning Chinese inverters alone won’t address broader cybersecurity vulnerabilities in renewable energy infrastructure.
The European Commission has announced restrictions on EU funding for solar projects that use high-risk inverter vendors, primarily targeting Chinese-made inverters. This move marks a significant policy shift aimed at reducing dependency on Chinese technology amid cybersecurity concerns, but experts warn it may not effectively address the sector’s vulnerabilities.
The European Commission’s decision, announced in March 2026, restricts funding for projects utilizing certain high-risk energy technology vendors, including Chinese inverters. This policy is part of a broader effort to enhance energy security and reduce reliance on foreign suppliers perceived as cybersecurity threats. According to sources familiar with the policy, approximately 10-20% of new solar project financing in Europe could be affected, with plans to expand similar restrictions to wind and battery storage systems.
However, cybersecurity specialists, including Uri Sadot of SolarDefend, emphasize that banning Chinese inverters alone will not eliminate systemic vulnerabilities. Over 300 GW of Chinese-made inverter capacity is already operational across Europe and will remain in use for years. Many Western manufacturers also rely on Chinese components, blurring the line between ‘Chinese’ and ‘non-Chinese’ technology. Moreover, cyberattacks often target other connected systems such as data loggers, network gateways, and control devices, which are not necessarily linked to the inverter’s country of origin.
Implications for European Energy Security Policies
This development signifies a strategic shift in European energy policy, emphasizing supply chain diversification and increased cybersecurity measures. While restricting Chinese inverter use may support industrial independence, experts warn it could lead to increased costs and supply chain complexities. More importantly, it highlights the need for comprehensive cybersecurity standards that go beyond hardware sourcing, including better asset visibility and network security practices. The debate underscores that cybersecurity risks in renewable energy are multi-faceted and cannot be mitigated solely through hardware bans.

Shophubio Solar Grid Tie Inverter 1600W, Inverter with MPPTs, IP65 Waterproof, Wireless APP Monitoring for Home Balcony Power Station System(1600w)
- High-Precision Monitoring: Accurately tracks component performance
- Enhanced Safety Design: Individual safety features for each component
- Maximized Power Output: Optimizes efficiency with MPPT technology
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
Broader EU Cybersecurity and Energy Policy Developments
Earlier this year, the European Commission released the draft Cyber Security Act 2 (CSA 2), which explicitly identified solar energy as a critical sector requiring enhanced cybersecurity measures. The draft recommends phasing out high-risk vendors in areas like 5G infrastructure, indicating a broader policy initiative aimed at reducing dependency on foreign technology perceived as a threat. Discussions involving policymakers, industry groups, and manufacturers are ongoing in Brussels, signaling that the current restrictions on Chinese inverters are part of a larger strategy to bolster energy and cyber resilience.
“Banning Chinese inverters alone won’t solve Europe’s cybersecurity vulnerabilities. The real challenge lies in securing the entire ecosystem of connected devices and implementing comprehensive standards.”
— Uri Sadot, SolarDefend founder
Unresolved Challenges in Solar Cybersecurity
It remains unclear how effective the funding restrictions will be in practice, given the extensive existing Chinese inverter capacity and the reliance on Chinese components within Western-made inverters. Additionally, the actual impact on cybersecurity risks is still being assessed, as attackers often exploit other vulnerabilities in connected systems beyond hardware origin. The extent to which these policies will influence the broader threat landscape remains uncertain.
Next Steps in EU Cybersecurity and Industry Response
European policymakers are expected to continue discussions on expanding restrictions and implementing technical standards for cybersecurity in energy infrastructure. Industry stakeholders are likely to push for clearer regulations, better asset visibility, and international cooperation to address supply chain vulnerabilities. Monitoring how these policies influence project financing, supply chains, and attack vectors over the coming months will be critical to understanding their true effectiveness.
Key Questions
Will banning Chinese inverters eliminate cybersecurity risks in Europe’s solar grid?
No, experts warn that cybersecurity vulnerabilities extend beyond hardware origin to include connected devices, network security, and human factors. Banning Chinese inverters alone is unlikely to fully mitigate risks.
How much of Europe’s solar capacity relies on Chinese-made inverters?
Over 300 GW of Chinese-made inverter capacity is already installed across Europe and is expected to remain operational for years, making a complete replacement highly challenging and costly.
What other measures are being considered to improve cybersecurity in renewable energy?
Beyond hardware restrictions, the EU is exploring technical standards, asset visibility enhancements, and stricter cybersecurity regulations for connected devices and network infrastructure.
Could these policies impact the cost and deployment of renewable energy projects in Europe?
Yes, increased supply chain restrictions and the need for system upgrades could raise costs and slow project deployment, though the long-term goal is to improve security and independence.
When will the EU’s cybersecurity measures for energy be finalized?
Discussions are ongoing, with final policies expected to be clarified in the coming months as part of the broader implementation of CSA 2 and related regulations.
Source: PV Magazine