As concerns about cybersecurity and energy security increasingly shape renewable energy policies worldwide, India is facing a growing debate over its dependence on imported solar inverters, especially those from China.
According to the latest report from JMK Research & Analytics, over 27.5 GW of inverter shipments were recorded in India in the first quarter of 2026 by 19 suppliers of both central and string inverters. In the central inverter segment, Chinese manufacturers held a dominant share, with Sungrow, Sineng Electric and Hopewind accounting for nearly 85.5% of total shipments. In the string inverter segment, Sungrow, Sineng Electric and TBEA together held approximately 45.7% of the market.
While growing cybersecurity concerns have prompted the EU to consider restrictions on financing PV projects that use inverters supplied by high-risk suppliers like China, experts say India may need a more calibrated approach – one that strengthens security oversight without disrupting solar deployment.
Cybersecurity risks to the national power grid
Sonam Chandwani, Managing Partner at KS Legal & Associates, says the main concern surrounding imported Chinese inverters extends beyond commercial dependence to cyber security and strategic vulnerability.
“Modern inverters are intelligent digital systems connected to the power grid and capable of remote communications. This raises concerns about data access, power grid security and excessive dependence on foreign-controlled technology in critical infrastructure,” she said.
According to Santosh Jinugu, partner at Deloitte India, the growing dependence on imported PV inverters in India’s solar farms poses a significant cybersecurity risk to the national grid.
“These inverters are closely linked to OT, IT and enterprise systems for monitoring and metering and are also connected to the grid through Load Dispatch Centers. This level of connectivity creates potential entry points for cyber threats,” Jinugu said.
Jinugu noted that there is a real risk that imported inverters may contain backdoors, such as embedded IoT components with radio or 4G/5G capabilities that can communicate with external systems. Such modules can be extremely difficult to detect due to their size and packaging and can potentially be exploited to disrupt remote power generation.
Teppo Hemiä, founder and CEO of Wirepas, said that as energy systems become increasingly digital and interconnected, cybersecurity must be treated as a fundamental requirement for grid resilience and operational continuity.
“Potential vulnerabilities in connected energy infrastructure can arise in several areas, including insecure remote access mechanisms, weak authentication or credential management, unpatched firmware or software, unsecured communication interfaces, insufficient network segmentation, lack of visibility into connected devices and data flows, and vulnerabilities introduced by third-party integrations in the supply chain,” Hemiä said, before adding that cybersecurity in large-scale industrial and utility environments must be addressed holistically across all devices, connectivity, cloud systems and operational systems. processes.
Existing regulations
India has gradually tightened quality and compliance requirements for solar inverters.
Megha Arora, partner at CMS INDUSLAW, says the procurement of inverters for government-funded and subsidized solar projects in India is increasingly regulated by a combination of quality control requirements, localization preferences and cybersecurity mandates.
“As per the Solar Systems, Devices and Components Goods Order, 2025 issued by the Ministry of New and Renewable Energy (MNRE), Bureau of Indian Standards (BIS) certification is mandatory for all solar inverters supplied in India, including off-grid, grid-tied and hybrid inverters. Manufacturers must comply with Indian standards such as IS 16221 (Part 2): 2015 and IS 16169:2019, with model-wise efficiency testing is also mandatory under applicable standards. Products manufactured in different facilities must undergo separate testing and mandatory marking requirements apply,” Arora said.
“At the same time, the Bureau of Energy Efficiency (BEE) introduced a standardization and labeling program for grid-connected solar inverters.
“Further, the MNRE issued cybersecurity compliance requirements under Prime Minister Surya Ghar: Muft Bijli Yojana in July 2025, which mandated that inverter communications equipment should connect only to national servers operated by the government or designated agencies. The use of communications systems that transmit data to foreign servers has been discouraged for cybersecurity and energy security reasons.”
Although India has not introduced a specific ALMM-style domestic content mandate for inverters, the government is increasingly favoring local manufacturing.
“SECI tenders often require tenders from ‘Class I local suppliers’ under the Public Procurement (Preference to Make in India) Order, 2017, which generally requires at least 50% local content. In addition, bidders from countries sharing a land border with India remain subject to registration restrictions under Rule 144 (xi) of the General Financial Rules,” Arora said.
Gaps remain
Government procurement frameworks already provide tools to impose technical standards, data localization requirements and trusted supplier criteria, without imposing an outright ban on Chinese-made inverters. However, experts emphasize that important gaps still exist in the current regulatory framework.
According to Jinugu, while India’s current testing procedures under the Bureau of Indian Standards (BIS) and the Compulsory Registration Scheme (CRS) evaluate security, grid compatibility and efficiency, they do not adequately address cybersecurity risks.
“While importers are required to submit construction data forms and critical component lists to disclose internal components, these mechanisms rely on self-reporting and can be circumvented if malicious components are deliberately omitted,” he said.
Jinugu suggested that the government should ensure that all OEMs and importers adhere to IEC 62443-4-1, which focuses on the secure product development life cycle (the process), and the technical security requirements of IEC 62443-4-2. He believes that strengthening these measures will be essential to protect India’s energy infrastructure from evolving cyber threats.”
Is a European-style restriction feasible??
Experts warn that India may not yet be able to implement restrictions similar to those being considered in parts of Europe.
Chinese manufacturers dominate inverter shipments to India due to their technological maturity, large-scale manufacturing ecosystems and competitive pricing.
Arora highlights that India’s domestic inverter manufacturing ecosystem is still underdeveloped relative to the size of the country’s fast-growing solar market, especially in advanced utility-scale inverter technology.
India’s cumulative installed solar capacity was around 150 GW as of March 2026, with more than 44 GW in the 2025-2026 financial year alone. This pace of deployment has created significant demand for solar inverters and related power electronics equipment.
“Chinese manufacturers have dominated the Indian inverter market for several years due to their economies of scale, mature manufacturing ecosystems and advanced power electronics technology. This cost advantage is especially important in India as utility-scale solar projects are awarded through highly competitive rate-based bidding processes where reducing capital costs is critical,” Arora said. “The same commercial logic that enabled China’s dominance in solar panels applies even more strongly in the inverter segment, where India’s domestic manufacturing capacity is significantly weaker.”
“Inverter manufacturing requires advanced electronics, semiconductor integration and strong research capabilities,” Chandwani added. “Chinese companies dominate because they have scale, price advantages, mature supply chains and proven technology. India has growing manufacturing potential but is still heavily dependent on imported components and technology.”
Chandwani said domestic companies are doing better but it would be commercially difficult to immediately replace Chinese dominance.
A phased approach is preferred
Industry experts view full localization of inverter technology as a mid- to long-term goal and not a short-term possibility. According to them, an immediate restriction on Chinese inverters could cause supply chain disruptions and increase project costs at a time when India is pursuing ambitious renewable energy targets.
Chandwani argues that a phased regulatory framework would be more practical and legally sustainable than a sudden ban.
“India should avoid an abrupt blanket ban, similar to those being considered in parts of Europe, as its domestic ecosystem is not yet fully prepared to replace Chinese suppliers on a large scale,” she added. “However, India has the right to impose stricter cybersecurity audits, trusted supplier requirements, phased localization standards and restrictions on sensitive government projects.”
Rather than specific geopolitical measures or supplier restrictions, Hemiä believes that the priority should be to establish strict cybersecurity and resilience requirements that apply to all critical infrastructure technologies and suppliers.
Building resilient, interoperable and secure infrastructure ecosystems is essential to supporting long-term operational continuity and energy security.
