[RFI] Rogue backdoors found in solar inverters made in China

[AA5CT]

 Without further clarification, this could range from anything the 'researchers' noted from a JTAG (Boundary Scan) 'port' to an RS-232 / serial data port that's active during boot-up of the uProcessor ... who knows what triggered their 'call' on an undocumented comms feature. 

The Enphase series of panel mounted inverters have built-in wireless comms capability - why wouldn't the competition have something similar?  Without specificity I'm having trouble accepting this on face value. And I'm saying this as an engineer who has done product design/development with such comms capability 15 yrs back now.
I just reviewed a video the other day where an ABB made industrial VFD used in the field (application was irrigation out in a literal field on the plains) used a wireless connection to a smartphone to convey realtime operational parameters useful during troubleshooting w/o having to be glued to the local control and interface panel (which had limited display real estate for display of data). Don't know if the 'air interface' was ZigBee, Bluetooth, WiFi or 4G LTE data, but the interface to the smartphone was wireless ...

de Jim AA5CT  



    On Thursday, May 15, 2025, 4:38:10 PM GMT-5, Rob Atkinson <ranchorobbo at gmail.com> wrote:  
 
 Reuters reports that solar power inverters made in China have in some
cases, contained undocumented devices for communications.  Do you
have, or are installing any solar power panels?  Do a check for
anything that doesn't seem to belong amongst the circuitry.

https://www.reuters.com/sustainability/climate-energy/ghost-machine-rogue-communication-devices-found-chinese-inverters-2025-05-14/

This isn't without precedent.  Dock cranes many of which are made in
China have also been found to contain similar undocumented
communication/control devices.

73

Rob
K5UJ

_______________________________________________
RFI mailing list
RFI at contesting.com
http://lists.contesting.com/mailman/listinfo/rfi