Original post date: September 4, 2024
Last updated: September 4, 2024
Recently, a security researcher discovered that it may be possible to disrupt a power grid from an app. You can read the coverage here (shorter version) or here (longer coverage and background).
The problem comes from the management apps for solar panels, which have grown in number in recent years and already contribute to an important part of total power production.
The power grid is quite fragile, and a rapid shutdown can destabilize it. For example, if a large number of solar panels stop producing at the same time, this could happen.
Shutting them down in sync is possible because the management of such panels is often done via an app hosted by the panel manufacturer. Someone could be able to shut down all panels of a given manufacturer voluntarily or due to a breach.
This situation prompts a critical question: Is it wise to entrust the control of all our embedded systems to cloud-based apps?
Over the years, this has become a preferred method of many manufacturers because it saves the costs of developing a remote control or a screen.
Perhaps it’s time to reconsider this approach. Would a small embedded web server offering more localized control be a better alternative?
(*) The leading image is AI-generated.