Skip to content

Operation & Maintenance Best Practices Guidelines (Version 6.0)

Do you prefer the guidelines as a pdf file?

Download PDF

Are you interested in downloading a specific chapter?

Download PDF

Search the reports?

Search

Foreword
Executive summary
1 Introduction
2 Health, Safety, Security, and Environment
3 Personnel & training
4 Power Plant Operation
5 Power Plant Maintenance
6 Common Tests and Inspections
7 Revamping and Repowering
8 Spare Parts Management
9 Data and Monitoring Requirements
10 Key Performance Indicators
11 Contractual framework
12 Innovations and trends
13 O&M for rooftop solar
14 References
15 Annex
Foreword
Executive summary
1 Introduction
2 Health, Safety, Security, and Environment
3 Personnel & training
4 Power Plant Operation
5 Power Plant Maintenance
6 Common Tests and Inspections
7 Revamping and Repowering
8 Spare Parts Management
9 Data and Monitoring Requirements
10 Key Performance Indicators
11 Contractual framework
12 Innovations and trends
13 O&M for rooftop solar
14 References
15 Annex
09

Data and Monitoring Requirements

This chapter explores the pivotal role of SCADA (Supervisory Control and Data Acquisition) systems and effective data management in optimising solar photovoltaic (PV) plant performance. It highlights how these systems enable real-time monitoring, fault detection, and automation, contributing to improved efficiency and reliability. By leveraging robust data governance, advanced analytics, and integration frameworks, SCADA systems ensure seamless operations, secure communication, and data-driven decision-making. Together, these tools form the foundation for maximising energy production and ensuring the long- term sustainability of solar PV installations.

Effective SCADA (Supervisory Control and Data Acquisition) and data management systems play a pivotal role in optimising the performance of solar photovoltaic (PV) plants. These systems enable enhanced monitoring and fault detection by providing real-time and historical data, facilitating early identification of issues to minimise downtime and maximise energy production. Additionally, the collection and analysis of data support the calculation of Key Performance Indicators (KPIs), which are vital for benchmarking efficiency, identifying improvement opportunities, and tracking progress. SCADA systems also automate critical plant operations such as inverter control and grid synchronisation, reducing manual intervention and improving overall efficiency. By integrating operational data with weather or historical records, operators gain deeper insights into plant performance and contributing factors. Moreover, digitalising procedures and maintenance activities enhances accessibility, consistency, and knowledge sharing, streamlining operations and improving service quality.

In essence, a well-designed data and monitoring system acts as the central nervous system of a solar PV plant. By effectively collecting, analysing, and utilising data, we can achieve optimal performance, maximise energy production, and ensure long-term plant health and profitability.

9.1. Implications of Data, Infrastructure, and Governance

Optimising solar PV installations requires effective data management practices. The key elements:

•         Standardised Data Management:

•         Ensures data accuracy, consistency, and accessibility

•         Involves defined collection protocols, data ownership structures, and quality control mechanisms

•         Standardised formats and metadata improve discoverability and analysis

•         Robust Data Infrastructure:

•         Traditional storage may struggle with ever-growing data volumes

•         Consider cloud storage, distributed processing frameworks (Hadoop/Spark), and robust security

•         Utilise data lakes for raw data and data warehouses for structured analysis

•         Data Governance Frameworks:

•         Build on standardised procedures with a comprehensive management framework

•         Define roles, access controls, and ensure adherence to regulations

•         Mitigate risks like data breaches, privacy violations, and non-compliance

•         Modern Data Governance Paradigms:

•         Data lineage tracks data origin and transformations, fostering trust and transparency

•         Data provenance focuses on data origin and ownership, aiding compliance and attribution

By integrating these elements, organisations can cultivate a data-driven culture that empowers informed decision-making, enabling teams to act strategically based on accurate insights. This approach unlocks the full potential of data assets, driving innovation and operational optimisation across processes. Ultimately, such integration positions organisations for sustainable success, allowing them to thrive in an increasingly data-centric landscape.

9.2. Concepts

Interoperability-overcoming Data Silos

A significant challenge in solar PV installations is the presence of disparate systems that hinder data exchange, resulting in limited visibility and suboptimal performance. The solution lies in achieving interoperability, which enables seamless communication between SCADA (Supervisory Control and Data Acquisition) systems and Service Management Systems (SMS). This integration ensures cohesive data flow, enhancing operational transparency and facilitating better optimisation of plant performance.

Key Strategies:

•         Standardised Protocols: Use common protocols like Modbus or IEC 60870-5-104 for device-to- SCADA communication. Consider IEC 61850/61870 for broader system integration

•         Open Interfaces: Leverage RESTful APIs for effortless data exchange between SCADA, monitoring, and external applications

•         Unified Data Model: Implement a standardised data model for consistent data interpretation by the central platform, enabling a holistic view

Integrating SCADA, SMS, and financial systems provides enhanced visibility, enabling comprehensive analysis and informed decision-making. Streamlined operations are achieved through the automation of tasks and workflows, optimising maintenance processes and service dispatch. By incorporating extensible data models and broad protocol support, the system

is future-proofed to integrate new digital services seamlessly. This robust communication infrastructure empowers data-driven decisions, improves operational efficiency, and ensures the solar PV system’s adaptability to evolving technological demands.

SCADA

A SCADA system serves as the mission control centre for a solar PV plant, comprising a comprehensive suite of hardware and software designed to perform the following critical functions. Its primary functions include:

•         Real-time monitoring: Continuously gathers data on power generation, inverter status, weather conditions, and more

•         Control and automation: Based on pre-programmed settings or manual commands, the SCADA system can adjust tracker positions, trigger safety shutdowns, and perform other actions

•         Data acquisition and storage: Collects and stores historical data to enable performance analysis, fault detection, and trend identification

•         Alarm management: Monitors for critical conditions and generates alerts for potential issues

The specific hardware and software components of a SCADA system can vary depending on the size and complexity of the solar PV plant. Smaller installations might utilise a cloud-based SCADA system, while large-scale solar farms may have a more distributed architecture. However, we typically find field devices, data acquisition and processing devices and a communication network on the hardware side, while software allows to store, process, analyse and visualise this data, while ensuring sound communication between devices. Table 9 summarises the various hardware and software components of a SCADA system.

OSI Model

The OSI (Open System Interconnection) model provides a structured framework for understanding data communication within solar PV SCADA systems. By defining the specific roles of each layer,

it clarifies how data flows seamlessly from solar panels to control centres and external services, ensuring efficient and reliable communication.

The Layers:

•         Physical Layer: The foundation - hardware connections (cables, fibers) that transmit raw data. (Think: Ethernet cables linking devices to the network)

•         Data Link Layer: Ensures error-free data transfer. (Think: Protocols like IEEE 802.3 that manage communication between devices on the local network)

•         Network Layer: Routes data packets across networks. (Think: IP protocols that direct data from the plant to the control center or cloud)

•         Transport Layer: Guarantees reliable data delivery. (Think: TCP for secure transmission and UDP for streaming data from panels)

•         Session Layer: Manages communication sessions between applications. (Think: Protocols like NetBIOS that establish connections for data transfer)

•         Presentation Layer: Translates data for applications. (Think: Encryption and format conversion to ensure data is readable by the HMI)

•         Application Layer: Provides network services to applications. (Think: SCADA software interfaces, APIs for connecting with other systems, and cloud analytics platforms)

A robust SCADA system offers numerous benefits, including secure and efficient data flow, with each OSI layer contributing to optimised plant performance and secure data transmission.

Reliable data exchange enhances management capabilities by enabling informed decision-making. Ultimately, a well-designed SCADA system adhering to the OSI model supports improved plant operations and strengthens overall management efficiency, making it a cornerstone of effective solar PV plant management.

Vertical Integration

Vertical integration in solar PV SCADA systems offers a holistic approach to plant management by unifying control across all levels, from field devices to enterprise systems. This integration

optimises performance, enhances reliability, and extends asset life by enabling seamless data flow and robust connectivity between operational and management layers.

Seamless Data Flow

At the core of vertical integration is the efficient flow of real-time data:

•         Field devices, such as Programmable Logic Controllers (PLCs) and Remote Terminal Units (RTUs), transmit data to the central SCADA system.

•         The SCADA system processes this data, executes control commands, and integrates with higher-level systems, including:

•         CMMS (Computerised Maintenance Management Systems): For effective maintenance planning

•         ERP (Enterprise Resource Planning): To support data-driven decision-making at the organisational level

Vertical integration in SCADA systems offers significant benefits for modern solar PV plants.

Real-time monitoring and control enable informed decisions that maximise energy output while minimising downtime, optimising overall performance. Predictive maintenance, powered by data analysis, enhances reliability by preventing failures and ensuring continuous operation. Additionally, integration with CMMS and ERP systems streamlines maintenance planning, operating conditions, and spare parts management, extending the lifecycle of assets. As a best practice, vertical integration empowers solar PV plants to exceed performance, reliability, and asset management goals, leveraging the advantages of digital transformation in the renewable energy sector.

9.3. Hardware and Infrastructure

Hardware and Setup

To ensure a reliable and efficient solar PV system, specific hardware components and setup configurations are essential. These components work together to maintain optimal performance, secure communication, and uninterrupted operations.

Table 10 details the essential hardware and configurations for a reliable solar PV system, outlining minimum, best practice, and recommended setups for components like routers, switches, inverters, UPS systems, and environmental controls. These elements ensure optimal performance, secure communication, and system reliability. Proper hardware configuration enables the creation of a digital twin, a virtual model of the physical system that enhances solar energy management through advanced analytics, predictive maintenance, and real-time optimisation, improving efficiency and minimising downtime.

9.4. Data Types, Indicators & Formats

Data Types

For effective operation and maintenance (O&M) of solar PV installations, SCADA systems require a minimum set of data to ensure grid integration, safety, and performance monitoring. This data aligns with IEC 61850 and 61970 standards and serves as the foundation for generating operational reports and tickets.

By collecting these minimum data types, we ensure several important outcomes. First, grid compliance is achieved, fulfilling grid integration requirements and PPA terms, as outlined in IEC 61850 and 61724-1. Safety assurance is also maintained through continuous monitoring of breaker status, in accordance with IEC 61850. Performance monitoring is enabled by tracking real-time power output and irradiance data, as recommended in IEC 61724-1, allowing for effective assessment

of plant performance. Additionally, improved operations and maintenance (O&M) are facilitated by the generation of service tickets and reports, enabling proactive maintenance and ensuring full compliance with industry-standard contracting frameworks for O&M and asset management.

Building upon the minimum requirements, best practices expand the data collection and utilisation for enhanced O&M. By following these best practices, solar PV professionals can achieve several key benefits. Improved performance is one of the primary advantages, as early detection of underperforming strings and potential inverter issues allows for timely corrective actions, ensuring the plant operates at optimal efficiency. Additionally, monitoring grid connection parameters helps maintain grid stability, ensuring compliance with interconnection agreements and contributing to the overall stability of the grid. Enhanced operations and maintenance (O&M) is another significant benefit, as real-time monitoring, historical analysis, and automated alerts enable proactive maintenance, reducing downtime and extending the lifespan of plant assets.

Recommendations Beyond Best Practices: Data for a Fully Data-Driven O&M System

For a truly data-driven approach to solar PV operations and maintenance (O&M), consider collecting these additional data types beyond best practices:

1.       Advanced Data Analysis:

•         Weather Forecasts (e.g. irradiance, ambient temperature): Enables proactive performance predictions and optimisation strategies

•         Historical Performance Data (e.g. power output, string monitoring): Facilitates trend analysis for predictive maintenance, allowing for corrective actions before issues arise

2.       Financial Modeling Integration:

•         Energy Production Costs: Integrates with SCADA data to assess financial performance against benchmarks and PPAs (e.g. cost per kWh generated)

3.       Data Lake:

•         Weather Data: Provides environmental context for SCADA data analysis, improving performance insights

•         Financial Information (e.g. operation & maintenance costs): Enables cost-benefit analysis and data-driven resource allocation for O&M activities

4.       Machine Learning/AI models & agents (see Chapter 12. Innovations and Trends): Analyses vast amounts of data including:

•         SCADA Advanced analytics AI models (sensor data, inverter data, system status): Identifies patterns and anomalies in real-time operation for proactive maintenance

•         O&M Activity Data assistants (service ticket data, inspection reports): Provides historical context for machine learning algorithms to improve fault detection and root cause analysis

Source:   Indicators

Effective O&M of solar PV plants relies on a comprehensive set of device-measured indicators. In Table 12, we categorise these indicators based on IEC 61970 minimum requirements, best practices, and recommendations. Additionally, the subchapter lists some recommendations beyond best practices.

Beyond best practices, advanced indicators such as Spectral Analysis and Soil Moisture provide deeper insights for performance optimisation. Spectral irradiance, measured in W/m²/nm using dedicated sensors, offers a detailed breakdown of sunlight wavelengths, enabling the analysis of spectral mismatch losses—particularly valuable for multi-junction or emerging PV technologies. Integrating these sensors with SCADA enhances data collection and system understanding. Similarly, soil moisture data, expressed as a percentage, supports the optimisation of irrigation systems to reduce water usage and minimise dust accumulation on solar modules. SCADA-compatible sensors ensure seamless integration, promoting both efficiency and improved power output.

Data Quality and Curation

Effective solar PV operations rely on high-quality data for accurate performance monitoring, proactive maintenance, and optimised decision-making. However, data collected from diverse sensors (energy meters, inverters, weather stations) across geographically dispersed plants, often in harsh environments, is susceptible to various quality issues.

Data quality challenges can significantly impact the accuracy and reliability of performance metrics and trend analysis. Common issues include missing data, which can occur due to sensor malfunctions, communication errors, or network outages. These gaps hinder KPI calculations and trend analysis. Additionally, outliers and spikes, such as unrealistic data points (e.g. negative irradiance values), can skew performance metrics if not properly identified and addressed.

Extended periods of missing data, resulting from sensor failures or network interruptions, also disrupt time-series analysis and forecasting models. Inconsistent or corrupted data, often referred to as “junk values,” can compromise data pipelines and affect downstream analytics. Moreover, sensor drift, the gradual degradation of sensors over time, introduces persistent biases, leading to inaccurate performance assessments.

To address these data quality challenges, several best practices for data curation and validation can be implemented. One key approach is the use of automated data validation processes, which leverage domain-specific knowledge and statistical methods to detect and correct issues in real time. Techniques such as Z-score anomaly detection, Inter-Quartile Range (IQR) outlier detection, and limit checking can help identify unrealistic data points and sensor malfunctions. For missing

data, imputation methods like linear or spline interpolation can be applied for short gaps, while more advanced techniques such as k-Nearest Neighbours (KNN) imputation can handle longer intervals.

Additional best practices include implementing data lineage tracking to document data origin, transformations, and quality checks. This facilitates root-cause analysis of discrepancies and ensures transparency in the data pipeline. Regular sensor calibration and maintenance schedules are also crucial to minimise sensor drift and maintain data accuracy. Furthermore, data cleansing and standardisation processes help remove identified anomalies, format data consistently, and manage missing values using appropriate imputation techniques. Finally, maintaining data version control enables tracking changes, facilitates rollbacks in case of errors, and supports historical analysis with different versions of the data.

Data Formats

Data format is critical for solar PV data usability. A breakdown of key considerations is shown in Table 13 on the following page.

To enhance data management and operational efficiency, several advanced recommendations can be implemented. Cloud integration is essential for scalability and performance, with data formats such as Apache Parquet offering optimised storage and retrieval on cloud platforms. Real- time streaming protocols like MQTT or WebSockets (WS) enable low-latency data transmission, ensuring timely access to critical information for decision-making. Additionally, adopting semantic interoperability standards such as RDF (Resource Description Framework) or OWL (Web Ontology Language) allows for sophisticated data integration and the creation of knowledge graphs.

Data in the Cloud

Cloud computing significantly transforms monitoring systems for solar PV installations, improving data management and enhancing profitability. Key benefits of cloud-based monitoring include real-time monitoring and visualisation, allowing for remote access to data and proactive issue identification to optimise power generation. Additionally, cloud-integrated digital twins—virtual replicas of the PV system—use real-time data to predict performance, enabling more effective

predictive maintenance. Furthermore, cloud-based platforms streamline operations by seamlessly integrating with Computerised Maintenance Management Systems (CMMS) and Enterprise Resource Planning (ERP) systems, fostering an interconnected ecosystem that enhances maintenance workflows, optimises resource allocation, and supports data-driven decision-making for improved overall PV system health.

Data Engineering

This section explores data engineering best practices for monitoring systems in solar PV installations, focusing on storage, processing, and getting data ready for analysis. Data-driven SCADA systems with cloud-based data engineering unlock exciting possibilities for solar PV installations, paving the way for advanced optimisation, self-maintenance, and potentially even autonomous control. Addressing security, latency, and regulatory considerations is crucial for successful implementation.

Minimum Requirements

Ensure basic data capture, storage, and visualisation for system health monitoring and performance analysis. Options include local databases, file storage, FTP data transfer, basic APIs, and batch processing with threshold-based alerts.

Best Practices

Enhance capabilities with cloud storage (object storage for raw data, time-series databases for processed data), industry standard data models (e.g. CIM), flexible schema design, secure

streaming protocols (MQTT, AMQP) for real-time data, hybrid data processing (batch for historical, real-time stream processing for latest data), and integration of data science libraries for advanced analytics and machine learning. Utilise cloud platforms for initial stage batch processing. Develop interactive dashboards for real-time and historical data visualisation.

Beyond Best Practices

Leverage cloud data engineering alongside SCADA functionalities for advanced optimisation and potential autonomous control.

•         SCADA Layer Integration. Establish a bi-directional communication channel for real-time data feedback. This allows processed data from the cloud to be fed back to SCADA for:

•         Dynamic Power Optimisation: Adjust inverter settings or tilt angles based on weather forecasts and historical data

•         Predictive Maintenance Integration: Trigger preventative maintenance tasks within SCADA based on machine learning analysis of potential equipment degradation

•         Advanced Data Engineering Techniques

•         Edge Computing Integration: Pre-process and filter real-time data at the SCADA system before transmission, reducing bandwidth and improving response times. Potentially lays the groundwork for autonomous control

•         Real-time Machine Learning Models: Deploy lightweight models at the edge or within the cloud processing pipeline for real-time anomaly detection and control adjustments within pre-defined constraints

•         Autonomous Control Considerations. While fully autonomous control is complex, a hybrid approach with human oversight for critical decisions and real-time data/ML for automated adjustments can optimise performance

The benefits of advanced system optimisation in solar PV installations are significant. Real- time, data-driven adjustments ensure maximum power generation and efficiency. Predictive maintenance and automated adjustments help minimise downtime and reduce maintenance costs. Additionally, this approach lays the foundation for future autonomous control systems,

enabling operations with minimal human intervention and further streamlining plant management.

Important Considerations

Important considerations for implementing autonomous control systems in solar PV installations include security, latency, and regulations. Robust security measures are essential to prevent unauthorised access and manipulation, especially when using bi-directional communication channels. Latency is also a critical factor, as real-time control requires minimal delays in data transmission and processing. It’s important to assess network infrastructure and processing power limitations, particularly when deploying edge computing or real-time machine learning models.

Additionally, compliance with industry regulations and safety standards is crucial to ensure the safe and lawful implementation of autonomous control functionalities.

Digital Twin

A well-designed digital twin for solar operations and maintenance (O&M) goes beyond simple visualisation to become a powerful tool for optimising plant performance. It utilises physics-based simulation models such as PVsyst or PVSol to replicate a solar plant’s physical setup, including panel types, string configurations, inverter specifications, and grid connections (voltage levels, power factor). By integrating real-time sensor data—such as DC/AC current, voltage, temperature— and weather inputs like irradiance, temperature, and wind speed, a robust operational data structure is created. This structure, coupled with comprehensive metadata, ensures accurate interpretation and analysis of plant performance.

Minimum Requirements: Optimising Performance

A digital twin foundation enables several key functionalities that are critical for optimising solar plant performance:

•         Performance Monitoring: By comparing real-time data with simulated outputs, a digital twin helps identify underperformance, such as string-level anomalies, allowing for prompt corrective actions

•         Scenario Analysis: “What-if” simulations allow O&M professionals to assess the effects of environmental changes (e.g. irradiance variations), component degradation, or different maintenance strategies on energy generation, enabling better decision-making

Best Practices: Granular Analysis and AI Integration

Advanced digital twins incorporate more granular analysis and leverage AI to further optimise operations. Best practices include:

•         Solar Shading Analysis: Using 3D modeling tools, digital twins can account for shading dynamics from nearby structures and objects, which can help optimise cleaning schedules and energy production

•         Individual String Modeling: This granular approach allows for performance analysis at the string level, facilitating targeted troubleshooting and maintenance to prevent system-wide failures

•         Inverter Loss Modeling: Detailed inverter loss models—such as partial load efficiency and reactive power management—enable more precise operational optimisations, enhancing the overall efficiency of the system

Additionally, the integration of AI and machine learning algorithms trained on historical and real- time data brings several benefits:

•         Anomaly Detection: By analysing sensor data, AI can proactively identify potential equipment failures, allowing for early intervention and reducing the likelihood of downtime

•         Performance Forecasting: Machine learning models can predict future energy generation based on historical data and weather forecasts, which helps improve grid integration and optimises maintenance scheduling

Beyond Best Practices: A Glimpse into the Future

Looking ahead, the potential of digital twins in solar O&M extends into more advanced, autonomous functionalities:

•         Closed-Loop Control: Digital twins, when combined with AI, could influence the physical plant’s operations. By feeding real-time insights into the SCADA system, the digital twin could adjust inverter settings dynamically based on weather conditions, maximising power output

•         Predictive Maintenance: Advanced AI algorithms, analysing sensor data, could predict equipment degradation and trigger preventative maintenance before failures occur, thereby reducing downtime and maintenance costs

•         Collaborative Digital Twins: A network of interconnected digital twins across multiple solar plants could facilitate knowledge sharing, process optimisation, and best practice dissemination, leading to overall performance improvements across the industry

In summary, digital twins represent a transformative tool in solar O&M, providing granular insights, enhancing predictive capabilities, and paving the way for more autonomous, optimised solar plant management in the future.

9.5. Monitoring Platforms

This section explores web platforms for solar PV plant operations and maintenance (O&M), outlining functionalities from basic to advanced. Web-based monitoring platforms are evolving from data visualisation tools to powerful platforms that leverage AI and real-time control to optimise solar PV plant performance and streamline O&M activities. This paves the way for a future of intelligent solar energy production.

Minimum Requirements: These features are foundational for effective O&M.

•         Universal Data Ingestion: Read data from any solar PV platform

•         Long-Term Data Archiving: Securely store all raw data in the cloud

•         Detailed Asset Modeling: Create a digital twin of the plant with layout and component information

•         High-Resolution Data Visualisation: Allow users to view and analyse data in various granularities

•         Diverse Data Presentation: Offer multiple visualisation formats (charts, heatmaps) and ensure responsiveness across devices

•         Customisable KPI Dashboards: Enable users to create personalised dashboards with chosen KPIs and drag-and-drop functionality

•         Data Quality Validation: Implement mechanisms to ensure data integrity and identify anomalies

•         Malfunction Detection: Use customisable alarms and machine learning to detect malfunctions and potential issues

•         Field Device Alert Handling: Seamlessly receive and manage alerts from field devices and integrate them with a ticketing system

•         KPI Calculation & Customisation: Calculate core KPIs and offer customisation options

•         Aggregated KPI Reporting: Generate reports for individual plants or entire portfolios with user- defined formats and scheduling options

•         Standardised Data Interface: Provide a secure API for data export and integration with other software systems

Best Practices for Enhanced O&M: These practices go beyond the minimum requirements and leverage data analytics for improved O&M.

•         Tailored User Interface: Offer role-based interfaces with intuitive navigation and clear data visualisations for different user types (O&M provider, investor, etc.)

•         User-Defined Alerts & Reports: Empower users to configure custom alerts and reports using drag-and-drop report builders with pre-defined data sets

•         Integrated Ticketing System: Facilitate efficient issue resolution with a built-in ticketing system that integrates with workflow management tools

•         Plant-Specific KPIs: Track and analyse KPIs specific to each plant for targeted performance optimisation

•         Third-Party Data Integration: Integrate external data sources (weather, irradiance) for enhanced insights and combine sensor data with external sources

•         Granular Data Downloads: Allow users to download data in various granularities for further analysis in external tools with secure download protocols

Advanced Functionalities for Real-Time Control & Optimisation: These functionalities leverage AI and real-time control for future advancements.

•         Real-Time Optimisation with AI: Utilise AI and machine learning for real-time recommendations on inverter settings, cleaning schedules, or maintenance based on weather, historical data, and predictive analytics

•         Predictive Maintenance: Analyse sensor data, historical trends, and weather forecasts to predict equipment failures and enable preventative maintenance actions

•         Real-Time Anomaly Detection & Root Cause Analysis: Employ machine learning to analyse sensor data and identify anomalies in real-time, allowing for quicker troubleshooting

Closed-Loop Control with Safeguards (imagining future capabilities):

•         Dynamic Inverter Control: Automatically adjust inverter settings based on real-time data to maximise power output

•         Autonomous Cleaning Scheduling: Trigger automated cleaning schedules based on satellite imagery, weather forecasts, and historical soiling data

•         Collaborative Platform Ecosystems: Imagine future developments where platforms work together

•         Interconnected Digital Twins: A network of interconnected digital twins across multiple plants could facilitate knowledge sharing and best practice dissemination

•         Blockchain-enabled Data Security and Transparency: Leverage blockchain technology to ensure data security, tamper-proof records, and transparent data provenance

CMMS & ERP

In this section we look at the importance of a well-orchestrated digital ecosystem for optimal solar PV plant performance and return on investment (ROI). It focuses on two crucial software systems: CMMS and ERP, outlining their functionalities and how they work together.

CMMS (Centralised Maintenance Management System): Manages the lifecycle of physical assets in a solar PV plant.

CMMS (Computerised Maintenance Management System) is a software platform used to manage the lifecycle of physical assets in a solar PV plant, helping streamline maintenance processes

and improve asset performance. It tracks equipment details, schedules maintenance tasks, and integrates real-time data to enhance efficiency and minimise downtime.

Minimum requirement functionalities

•         Granular Asset Registry: Detailed records of all plant equipment (panels, inverters, transformers, BoP components) including:

•         Manufacturer, model, serial number, installation date, specifications, warranty information

•         Preventative Maintenance (PM) Optimisation: Creates and schedules PM tasks based on:

•         Manufacturer recommendations

•         Historical maintenance data (failure patterns, degradation trends)

•         Industry best practices (e.g. IEEE or IEC standards)

•         Real-time sensor data (for condition-based maintenance)

Best Practices for Enhanced CMMS Functionality

•         SCADA Integration: Integrate with SCADA systems for real-time equipment data and anomaly detection, enabling proactive maintenance

•         Mobile Workforce Management: Utilise mobile apps for technician work order access, updates, and field data capture for improved efficiency and data accuracy

•         Predictive Maintenance with Machine Learning: Analyse historical data, sensor readings, and weather forecasts to predict equipment failures, minimising downtime and costs

Recommendations Beyond Best Practices

•         Digital Twin Integration: Explore integrating digital twins with CMMS for further optimisation of maintenance strategies by leveraging virtual representations of physical assets

•         Augmented Reality (AR) Support: Investigate AR technology to provide technicians with real- time overlay information on equipment during maintenance tasks, improving efficiency and knowledge transfer

ERP (Enterprise Resource Planning): An information management platform that integrates various business functions for solar energy companies.

ERP (Enterprise Resource Planning) is an integrated software platform that streamlines and automates various business functions across a solar energy company, including financial management, supply chain operations, and resource planning. It helps optimise processes such as cost control, procurement, inventory management, and logistics, offering valuable insights for decision-making.

Minimum requirements for ERP in O&M

•         Financial Management with Cost Control: Tracks financial aspects including:

•         Maintenance labour costs

•         Spare parts and material costs

•         Contractor service fees

•         Supply Chain Management: Facilitates procurement of maintenance materials and spare parts by managing:

•         Purchase orders with vendor management

•         Inventory levels across locations

•         Logistics and transportation optimisation

Best Practices for Enhanced ERP Functionality

•         Real-Time Data Integration with CMMS: Establish real-time data exchange for automatic cost updates based on completed work orders and parts usage

•         Customisable Dashboards with KPI Tracking: Develop user-specific dashboards that combine data from CMMS (work order status, maintenance costs) and ERP (inventory levels, financial performance) for informed decision-making

•         Sustainability Reporting Integration: Integrate the ERP with sustainability reporting tools to track and report on key environmental performance indicators (KPIs) related to O&M activities

Recommendations Beyond Best Practices

•         Blockchain Integration for Secure Supply Chain Management: Explore blockchain technology to enhance supply chain transparency and traceability for spare parts, ensuring authenticity and origin verification

•         Internet of Things (IoT) Sensor Integration: Integrate IoT sensors with the ERP system to track the real-time location and condition of maintenance vehicles and personnel, optimising field service logistics and improving technician response times

By leveraging these digital tools and best practices, solar PV plants can achieve optimal performance, maximise ROI, and ensure efficient O&M processes.

Control Room and Monitoring Practice

A Control Room for operating Solar PV Plants using SCADA (Supervisory Control and Data Acquisition) is a centralised hub where operators monitor, control, and manage the operations of a solar photovoltaic plant. This facility is equipped with advanced communication systems, computer hardware, and software that allow for real-time data acquisition from the solar plant’s various components such as inverters, panels, and meteorological stations.

The primary function of a Control Room in this context is to ensure the optimal performance of the solar PV plant by continuously monitoring parameters like power output, efficiency levels, and system health. Operators use SCADA systems to detect any deviations from standard operating conditions. These systems provide visualisations through graphical user interfaces (GUIs), which include detailed schematics of the plant’s layout and real-time data charts.

Further we present the function and best practices for a Solar PV plant’s Control Room, equipped with SCADA systems for centralised monitoring, control, and management.

The control room serves as the centralised hub for monitoring, controlling, and managing solar PV plant operations. It facilitates real-time data acquisition from various plant components, including inverters, panels, and weather stations. By continuously monitoring key parameters such as power output, efficiency, and system health, the control room ensures optimal plant performance.

Through SCADA visualisations, it detects deviations from standard operating conditions, enabling timely interventions to maintain efficiency and prevent potential issues.

Effective monitoring of solar PV plant operations involves several best practices to ensure timely and efficient issue resolution. All issues, alarms, and malfunctions should be logged with

timestamps in a ticketing system that tracks Service Level Agreements (SLAs), enabling organised issue tracking. Remote root cause analysis should be conducted to identify the source of detected problems without requiring on-site presence, saving time and resources. For issues requiring physical intervention, detailed work orders must be generated to guide on-site teams. Whenever possible, remote mitigation actions should be implemented promptly to address identified issues and alarms, minimising downtime and maintaining plant performance.

Monitoring Schedules

•         Plant Level Monitoring (3-4 times/day):

•         Detect outages and major performance deviations (excluding curtailment)

•         Manage alarms within the platform (close acknowledged alarms, create exceptions for outages outside O&M control, link outage alarms to exceptions as needed, and clear unnecessary alarms)

•         Inverter Level Monitoring (2-3 times/day):

•         Detect outages of inverters or string combiner boxes

•         Identify major deviations (outside inverter alarm configuration boundaries)

•         Close/acknowledge alarms and create exceptions for outages outside O&M control, clear unnecessary alarms

•         String Level Monitoring (3-4 times/week):

•         Detect faulty strings with zero current and/or voltage

•         Identify major deviations, close/acknowledge alarms, and create exceptions for outages outside O&M control, clear unnecessary alarms

•         Sensor & Data Quality Monitoring (2-3 times/week):

•         Check sensor data availability, ensure data quality (readings match physical reality), close/ acknowledge alarms, and create exceptions for outages outside O&M control. Clear unnecessary alarms, especially for meters and sensors impacting Performance Ratio (PR) and Energy Performance Index (EPI) calculations. Consolidate data with alternative satellite data when sensor data is unavailable

•         Data & Networking Monitoring (1-2 times/day):

•         Check mobile connection to routers, ensure data availability from loggers and devices, coordinate with the monitoring SaaS provider for displayed data, close/acknowledge alarms, and create exceptions for outages outside O&M control. Clear unnecessary alarms, considering exceptions like faulty loggers pending RMA or data discontinuity while devices remain operational

Adhering to monitoring guidelines provides numerous benefits, including comprehensive oversight of plant performance, which allows for the early detection and proactive resolution of issues. This approach helps maintain system integrity, ensuring enhanced operational efficiency and reliability. As a result, it contributes to the longevity and profitability of the solar investment, safeguarding its continued success and performance over time.

Control Room Operators

Control room operators play a critical role in the efficient and safe operation of solar plants. These highly skilled professionals typically have backgrounds in electrical engineering, renewable energy, or related fields. Their expertise is essential in ensuring the smooth operation of the plant, as they are responsible for interpreting complex data from SCADA systems in real-time and making quick, informed decisions.

A successful control room operator must possess a deep understanding of SCADA systems and be adept at analysing large datasets to identify operational anomalies or irregularities. They are highly analytical and detail-oriented, capable of recognising potential issues before they escalate, and ensuring optimal plant performance. In addition to their technical skills, they are proficient in using plant monitoring and performance management software tools, which allow them to oversee the plant’s operations efficiently.

Effective communication is another key aspect of the control room operator’s role. Operators must coordinate seamlessly with on-site personnel to resolve issues and ensure that any operational concerns are addressed promptly. Their ability to communicate effectively is essential for teamwork and maintaining plant safety.

Safety is a top priority for control room operators. They are rigorously trained in adhering to strict safety protocols and are well-prepared to execute emergency procedures when necessary. This training ensures that operators can manage unexpected situations without compromising the safety of the plant or personnel.

Furthermore, control room operators are committed to continuous professional development. To stay ahead of industry trends, new technologies, and best practices, they regularly update their knowledge and skills. This ongoing learning is crucial for maintaining high levels of performance and ensuring the long-term success of the plant.

For a more comprehensive understanding of the training and qualifications required for control room operators, refer to Chapter 3. Personnel and Training.

Data Governance

The European Union places significant emphasis on data ownership and privacy, underscoring key principles that must be adhered to. Ownership of data collected through monitoring systems and data loggers, even when stored in the cloud, must remain with the asset owner or Special Purpose Vehicle (SPV), ensuring that both current and historical data are readily accessible to them. Access to this data should be managed carefully, with specific permissions granted to stakeholders based on their roles. For instance, O&M service providers need access to support plant operation and maintenance tasks, asset managers require data for financial and commercial management, and auditors may need access during due diligence processes. To maintain security and efficiency, a minimum of two access levels should be implemented: read-only access for viewing and reporting purposes, and full access for modification and management of data settings.

Monitoring System Hardware

The monitoring system hardware can be supplied either by the O&M service provider or a third- party monitoring service provider, with distinct responsibilities in each scenario. When the O&M service provider supplies the hardware, they assume full responsibility for ensuring data protection and maintenance, safeguarding data security and integrity, as well as guaranteeing the proper functionality of the monitoring system. Alternatively, if a third-party monitoring service provider supplies the hardware, the responsibility for data protection and maintenance shifts to the third party. However, the O&M provider must still verify these aspects to ensure compliance. Additionally, the O&M provider is responsible for verifying the accuracy of performance monitoring, ensuring the data accurately reflects the plant’s actual performance and adheres to industry best practices.

Data Management and Data Flows

The role of a data manager is critical in ensuring effective data governance and utilisation within the system. Data managers are responsible for defining the structure and format of collected data through data modeling. This involves organising data from sources such as monitoring systems, service tickets, and inspection reports to ensure consistency and streamline analysis. They also design data flow paths, determining how data moves from its origins, like sensors or technicians, to various applications and storage locations. This process optimises data usage and prevents bottlenecks. Ultimately, the data manager’s work supports the generation of insightful reports

for higher-level stakeholders, such as asset managers and energy off-takers. These reports offer valuable insights into plant performance, maintenance requirements, and energy production, enabling informed decision-making at strategic levels.

Ownership of Additional Data

Beyond monitoring data, ownership of other data types plays a critical role in ensuring comprehensive asset management. Service tickets, which include details such as repairs and parts used, are typically owned by the asset owner, though the O&M provider may have temporary

access to facilitate maintenance activities. Similarly, inspection reports, containing information like visual observations and potential issues, are generally the property of the asset owner. Ownership of data within monitoring platforms, however, can vary depending on the platform and the terms of the agreement. In some instances, the platform provider may retain ownership of raw data, while processed and analysed data remains the property of the asset owner, emphasising the importance of clear contractual arrangements.

O&M Service Provider Responsibilities

Evaluating the O&M provider’s ability to effectively manage and utilise the monitoring system is essential for ensuring optimal performance and data governance. If gaps in expertise are identified, the O&M provider should receive appropriate training to enhance their proficiency with the system. For third-party monitoring providers, data access must be carefully restricted to essential tasks, such as bug fixing and system development, to maintain security and protect sensitive information.

By following these best practices, asset owners can ensure their data is secure, accessible to authorised personnel, and used responsibly for optimal solar PV plant operation. This ensures a clear understanding of data ownership throughout the lifecycle of a solar PV plant and facilitates effective reporting to key stakeholders for informed decision-making.

9.6. Cybersecurity

Cybersecurity involves the implementation of tools, processes, and controls to protect systems, networks, and data from cyberattacks, thereby minimising risks and preventing unauthorised access to critical infrastructure. A key strategy in enhancing cybersecurity is minimising network complexity by reducing the number of devices on the network, as each device represents

a potential vulnerability. Additionally, network monitoring and traffic analysis are crucial. Continuously monitoring network traffic can help identify unusual patterns, such as excessive bandwidth usage, which may signal a cyberattack. These measures collectively strengthen an organisation’s defence against evolving cyber threats.

Securing Physical and Digital Access

Securing Physical and Digital Access focuses on protecting critical infrastructure by implementing measures to control access and safeguard against unauthorised entry, both physically and digitally. This includes enforcing stringent access policies, utilising professional-grade hardware, and maintaining up-to-date documentation and procedures to ensure comprehensive security management.

Securing physical and digital access requires a multifaceted approach to safeguard network devices and critical infrastructure. Physical access control measures should restrict entry to network devices and include deterrents against unauthorised access. A robust password policy is essential, avoiding default credentials and requiring regular updates. For secure remote access, firewalls with strict

rules should control internet traffic, port forwarding must be minimised, and Virtual Private Networks (VPNs) should be used to ensure secure connections. Unique passwords must be assigned to each plant, and up-to-date documentation of network devices should be maintained to ensure thorough security coverage. Role-Based Access Control (RBAC) should be implemented to grant permissions based on user needs, while USB ports for storage devices should be disabled to prevent malware transfer. Regular verification of system administrator privileges ensures only authorised personnel have elevated access. Additionally, security incident reporting procedures must be in place for rapid threat response. Finally, investing in professional, industrial-grade hardware with advanced security and manageability features further enhances the security framework.

Vulnerability Management

Vulnerability Management focuses on proactively identifying, addressing, and mitigating security weaknesses to protect systems from potential threats and cyberattacks.

Effective vulnerability management involves several key practices to mitigate security risks. Regularly updating software and firmware on all devices is essential to address known

vulnerabilities and ensure systems remain secure. Additionally, utilising up-to-date anti-virus software helps protect against malicious threats. Wireless access should be minimised, as wireless connections are typically less secure than wired ones, reducing the potential for unauthorised access. Conducting regular penetration testing and network audits with external security experts is also crucial to identify vulnerabilities and test defences through simulated cyberattacks, ensuring potential weaknesses are addressed before they can be exploited.

Employee Awareness and Training

Employee Awareness and Training focuses on equipping employees with the knowledge and tools to recognise and mitigate cybersecurity risks, ensuring a secure work environment. This involves ongoing training, access management, and proactive measures like internal audits and anti- phishing campaigns to maintain high security standards.

IT security training is crucial for educating employees on cybersecurity best practices and helping them identify potential threats. Implementing the principle of least privilege ensures that access to plant information and systems is granted only to employees who need it for their specific job functions. Employee access changes, such as when an employee leaves or changes positions, should be promptly addressed by updating plant passwords. To prevent data loss, it’s important

to regularly synchronise important documents and files with managed file storage solutions like OneDrive. Raising awareness through internal company posters can also help inform employees about potential cyber threats, offering tips on recognising suspicious emails, safe internet usage, and secure data handling. Regular internal audits assess the security status of IT systems and data management processes, identifying weaknesses and allowing for timely corrective actions. Additionally, controlled anti-phishing campaigns, including simulated phishing attacks, test and enhance employees’ ability to recognise phishing threats and respond appropriately.

Comprehensive Cybersecurity Management System (CSMS)

Best practice dictates that solar PV plants implement a formal Cybersecurity Management System (CSMS) based on a thorough risk assessment. This system should follow a continuous improvement cycle, typically the plan-do-check-act (PDCA) model, and include the following key components:

•         Cybersecurity Policy: A documented policy that outlines cybersecurity protocols and expectations for all personnel, establishing a clear framework for security practices across the organisation

•         Roles and Responsibilities: Clearly defined roles and responsibilities for cybersecurity within the organisation, ensuring accountability and effective management of security measures

•         System Architecture Analysis: A comprehensive evaluation of the plant’s system architecture to identify potential vulnerabilities and implement necessary countermeasures to protect the infrastructure

•         Technical Countermeasures: Implementation of various technical controls, such as firewalls, encrypted communication channels, access controls, and security monitoring tools to safeguard the system

•         Physical and Procedural Controls: Enforcing physical access restrictions and maintaining updated procedures to ensure ongoing awareness and preparedness against evolving cyber threats

Data Security Requirements

In addition to general cybersecurity measures, specific security requirements must be applied to the data generated by the solar PV plant to ensure its integrity and confidentiality:

•         Tickets: Implement a ticketing system with access and modification rights determined by user roles. For critical tickets, consider utilising data encryption and digital signatures to enhance security

•         Reports: Control access to reports based on user roles and the sensitivity of the data. Reports should be generated in secure formats, and data classification policies must be in place to ensure proper handling of sensitive information

•         Other Data: The same security principles should be applied to all types of plant data, including sensor data, historical records, and performance metrics. For non-critical data, data anonymisation can be considered as an additional layer of security

•         Email Encryption: Enable email encryption for internal and external communications to ensure confidentiality and protect sensitive information from unauthorised access

•         Document Classification: Introduce a document classification system to properly manage and secure various types of information based on their sensitivity and importance

•         Hard Drive Disposal: Securely dispose of hard drives using methods that prevent unauthorised access to data after the drive is no longer in use, ensuring that no sensitive information is recoverable

Minimum Requirements for Cybersecurity in Data Loggers and Monitoring Systems

To ensure the cybersecurity of data loggers and monitoring systems in solar PV plants, the following minimum requirements should be implemented:

•         Data Logger Security: Data loggers should not be directly accessible from the internet and must be protected by firewalls to prevent unauthorised access

•         Secure Data Server Connections: Ensure that connections between data loggers and data servers are secure and restricted to authorised systems only, minimising exposure to potential cyber threats

•         Manufacturer Security Information: Request detailed security information from data logger and monitoring platform manufacturers. This should include details about penetration testing, activation channels for command protocols, and security audits for their products

•         Secure Communication Protocols: Utilise secure Virtual Private Network (VPN) connections for sending command functions to control devices. Implementing double authentication adds an extra layer of security for communication

Separate Partition for Service Engineers: Create a separate partition on service engineers’ computers to isolate critical data and tools from other applications, ensuring that sensitive information remains secure during maintenance or servicing tasks.

Security Scenarios Tested for Continuity of Operations

It is also relevant to implement tested security scenarios that allow for a continuity of operations when faced with a disruption, and that encompass a set of procedures and actions aimed at preparing an organisation to handle various emergency situations. Regularly testing these scenarios helps assess operational readiness and the identification of potential security gaps, which enables effective risk management and minimises downtime.

It is notably relevant to test scenarios for disruptions such as:

•         Loss of access to SCADA infrastructure at the photovoltaic farm: Simulate situations where SCADA (Supervisory Control and Data Acquisition) infrastructure is inaccessible to test the operational readiness of the team

•         Unavailability of the IT service provider: Test responses to situations where the IT company responsible for technical support is unavailable

•         Suspected ransomware attack: Conduct simulations of ransomware attacks to assess the team’s readiness to quickly respond and recover data

•         Unavailability of a key employee: Test procedures for replacing key employees in the event of their sudden absence

9.7. Analytics and Data Science

In this section we look at how data science and mature Artificial Intelligence (AI) can be leveraged with digital twin models of solar plants to optimise performance. Here, we focus on established practices using machine learning and Statistical techniques.

Performance Optimisation with Statistical Process Control (SPC)

Statistical Process Control (SPC) is a powerful tool for analysing historical power generation data to identify deviations from expected performance baselines. This analysis can uncover potential issues such as soiling, panel degradation, or inverter malfunctions. Control charts, such as Shewhart charts, are used to monitor key performance indicators (KPIs) like DC power output or inverter efficiency. When deviations exceed control limits, alerts are triggered, prompting further investigation to address potential problems and maintain optimal plant performance.

Time Series Analysis with Seasonality and Weather

Advanced time series analysis techniques, such as ARIMA models, are invaluable for capturing seasonal variations and weather-induced fluctuations in power generation. These models can be further enhanced by integrating exogenous variables, such as solar irradiance and ambient temperature, to account for external factors influencing performance. This integration improves the accuracy of both forecasting and anomaly detection, enabling more reliable predictions and timely identification of potential issues.

Explainable Statistical Modelling with Feature Importance

Statistical models can be employed to predict future energy production by leveraging historical data and weather forecasts. To enhance the interpretability and reliability of these models, feature importance analysis techniques, such as LIME, can be used to assess the contribution of various input features, such as historical power output and forecasted irradiance, to the model’s predictions. This approach not only builds trust in the model’s reasoning but also identifies opportunities for targeted data collection, further refining model accuracy and performance.

Predictive Maintenance with Supervised Learning and Root Cause Analysis

Supervised machine learning algorithms trained on historical sensor data and labelled equipment failure events can significantly improve anomaly detection by identifying subtle deviations in voltage, current, or temperature patterns that indicate potential failures. Classification algorithms, such as Support Vector Machines (SVMs) or Random Forests, are particularly adept at detecting anomalies by learning from past failure patterns. These same algorithms can also be employed for root cause analysis after anomalies are detected. By analysing sensor data associated with anomalies and comparing it with historical data from past interventions, the models can suggest the most likely

causes, guiding technicians toward efficient repairs and helping to prevent similar issues in the future.

Time-Series Data Correlation with Aerial Inspection Reports

Digital twin models can be enhanced by integrating time-series data with additional information sources, such as aerial inspection reports, to provide a more comprehensive view of potential issues. By correlating sensor data with inspection findings, physical damage such as micro- cracks in panels can be identified more effectively. This integration is achieved by synchronising timestamps from data acquisition events, like sensor readings, with those of aerial inspections, enabling a unified and detailed analysis of the solar plant’s performance and condition.

By leveraging these techniques, solar PV plants can achieve substantial performance optimisation. Early detection of potential issues allows for prompt intervention, while a deeper understanding of root causes ensures more effective solutions. Targeted maintenance interventions further enhance operational efficiency, leading to increased overall performance and significant cost savings.

9.8. Cybersecurity

As solar PV power plants have inverters and power plant controllers (and monitoring systems) that are connected to the internet to enable surveillance and remote instructions by operators, there are significant cybersecurity risks.

Cybersecurity comprises technologies, processes and controls that are designed to protect systems, networks, and data from cyber-attacks. Effective cyber security reduces the risk of cyber-attacks and protects organisations and individuals from the unauthorised exploitation of systems, networks, and technologies.

Cybersecurity is a vast area and multiple measures are possible. The following hints may help as a starting point:

  • Keep it simple: If possible, reduce the type of network devices to a minimum. 
  • As a recommendation, traffic of the network devices may be monitored to detect abnormally high use of bandwidth. 
  • Secure physical access to the network devices and implement a secure password policy. Avoid the use of standard passwords and change all factory setting passwords. 

Control access from Internet via strict firewall rules:

  • Port forwarding should not be used because this is a big security gap. Only router ports that are necessary should be opened
  • Reduce remote access to the necessary use cases
  • The use of VPNs (Virtual Private Networks – a secure connection built up from the inside of the private network) is necessary
  • VPN access to the site from outside is a minimum requirement
  • A VPN server or VPN service which works without requiring a public IP on-site is preferred
  • Each solar PV power plant should have different passwords
  • Keep your documentation up to date to be sure that no device has been forgotten
  • Use different roles to the extent possible (e.g., read only user, administration access)
  • Use professional (industrial grade) hardware; only this hardware provides the security and administration functions your plant needs to be secure

Implement vulnerability management (i.e., identifying and fixing or mitigating vulnerabilities, especially in software and firmware):

  • Improve insecure software configurations
  • The firmware and software of devices should be kept up to date
  • Use anti-virus software if possible and keep it up to date
  • Avoid wireless access if it is not necessary
  • Audit your network with the help of external experts (penetration tests)

Keep your company safe:

  • Do not store passwords in plain text format, use password manager (e.g., 1Password, Keepass, etc.)
  • Train your employees on IT security awareness
  • Do not share access from all plants to all employees. Give access only to those who need it. This way damage can be limited if an individual employee is hacked
  • Management of leaving and moving employees; change passwords of plants which are overseen by an employee who has left the company or moved to another department

It is therefore best practice that installations undertake a cyber security analysis, starting from a risk assessment (including analysis at the level of the system architecture) and implement a cybersecurity management system (CSMS) that incorporates a plan-do-check-act cycle. The CSMS should start from a cybersecurity policy, and definition of formal cybersecurity roles and responsibilities, and proceed to map this onto the system architecture in terms of detailed countermeasures applied at identified points (e.g., via analysis of the system in terms of zones and conduits). These will include the use of technical countermeasures such as firewalls, encrypted interfaces, authorisation and access controls, and audit/detection tools. They will also include physical and procedural controls, for example, to restrict access to system components and to maintain awareness of new vulnerabilities affecting the system components.

As a minimum requirement, data loggers should not be accessible directly from the internet or should at least be protected via a firewall. Secure and restricted connection to data servers is also important.

The manufacturer of the datalogger and the monitoring platform should provide information on penetration tests for their servers, any command protocol activation channels, and the results of security audits for their products. Command functions should be sent using a secure VPN connection to the control device (best practice). Double authentication would be an even more secure option.

For further information, beyond the scope of this document, please look at the EU Cybersecurity Act (EC, 2019) and the European Parliament’s study “Cyber Security Strategy for the Energy Sector” (EP, 2016).