Cyber-physical risk management for PV photovoltaic plants

Document Type

Conference Proceeding

Publication Date



Department of Mechanical Engineering-Engineering Mechanics; Center for Cybersecurity


This paper presents a risk assessment method for evaluating a grid-connected Commercial Photovoltaic (PV) plants. Commercial PV plants are heavily dependent on technical information from control systems, some of which are dated relative to modern processors and communications. Through an initial case study of an existing PV plant, this paper explores the cybersecurity posture of a PV plant, examines the vulnerabilities and attack vectors against a PV plant, and identifies some issues that are unique to its Industrial Control System (ICS) architecture. Finally, the paper presents an initial risk management framework that addresses cybersecurity finding and best practices.

Publisher's Statement

© 2018 IEEE. Publisher's version of record:

Publication Title

2017 International Carnahan Conference on Security Technology (ICCST)