Victorian solar and storage assets are remotely monitored for thirty-year lives, yet cybersecurity is often treated as an IT afterthought. Solar Powerstations Victoria integrates segmentation, patching discipline and access control into SCADA specification—not as a bolt-on policy document after energisation.
Portfolio operators face ransomware risk, credential theft and vendor remote access that bypasses corporate controls. A single compromised VPN path to inverters or PPC systems can affect market bidding, safety interlocks and insurer warranties.
Architecture principles
We specify defence in depth: DMZ between field devices and enterprise networks, role-based access, multi-factor authentication for remote sessions, and logging that supports incident response. Flat networks that “simplify” commissioning create long-tail exposure.
- Separate OT and corporate VLANs with controlled jump hosts
- Inventory all remote access paths—including vendor maintenance tunnels
- Document firmware baselines and patch windows with rollback plans
- Align with DNSP and AEMO telemetry requirements without exposing control planes
Vendor and O&M reality
O&M contractors need efficient fault response, but open RDP to combiner-level equipment is not acceptable. We implement time-bound access, session recording where appropriate, and contractual cybersecurity obligations in O&M agreements.
Hybrid sites such as Wimmera add battery management interfaces; each additional protocol is another surface to harden.
Cybersecurity is availability insurance. An unavailable SCADA system is curtailment by another name.
Monitoring and governance
Owners should receive quarterly summaries of patch status, failed login attempts and configuration changes—not only monthly MWh reports. We support alignment with common frameworks without claiming checkbox compliance equals safety.
Company view
We refuse handover where default passwords remain, undocumented remote access exists, or critical patches are indefinitely deferred. Those conditions create liability for owners and operators alike.
Supply chain and firmware governance
Inverter and PPC vendors publish firmware on varying cadences. We maintain a register of approved versions, test benches for upgrades and rollback media stored offline. Unauthorized technician laptops on site networks are prohibited—jump hosts only.
Incident response and insurance
Owners should rehearse loss-of-telemetry scenarios: who can manually curtail, who speaks to AEMO and DNSP contacts, and how vendor support is engaged under pressure. Insurance policies increasingly ask about patch cadence and remote access—documentation from commissioning should be maintained in the data room.
Penetration testing on OT environments should be scoped to avoid disruptive tests during market peak periods. We coordinate windows with operators and document remediations with severity ratings.
Telemetry integrity and market operations
Corrupted telemetry can trigger market penalties or missed FCAS payments. We validate time sync, redundant communication paths and alarm prioritisation so operators see actionable faults first. Hybrid plants require clear ownership of setpoints when solar and storage vendors disagree.
Legacy assets retrofitted with new PPC systems need migration plans—parallel running, rollback and training for control room staff. Cybersecurity for retrofits is harder than greenfield; budget accordingly.
Third-party O&M and hosting
When owners appoint third-party O&M, access credentials must be provisioned through identity systems—not shared passwords. Contract schedules should require evidence of patch compliance quarterly. We review O&M cybersecurity schedules at bid stage.
DNSP remote disconnect capabilities and market operator interfaces should be documented in network diagrams with explicit trust boundaries. Any path that can curtail generation is a critical asset.
Training for on-site staff covers phishing risks and USB media policies—simple controls that prevent disproportionate harm. Annual tabletop exercises with owners and O&M validate that runbooks work when telemetry fails during heatwave curtailment events.
Technical enquiries: connect@solarpowerstations.net. See also BESS revenue stacking for market interface dependencies.
Common questions
Is remote access required?
Often yes—but segmented, logged and patched—not open vendor tunnels.
What about legacy plants?
Migration plans with rollback are harder than greenfield—budget accordingly.
Do operators need training?
Phishing and USB policies matter as much as firewalls for availability.
Discuss your project
Share site or portfolio context for structured assessment.