Editorial 2 : Renewable and protected
Context
India’s wind sector must innovate and secure, not just scale.
India’s renewable energy
- India, after all, aims to achieve 500 GW of non-fossil-based electric installed capacity by 2030, including an ambitious target of over 100 GW from wind
- For years, the renewable energy sector has diligently optimised turbine efficiency, improved grid integration and focused on speedy deployment. These remain essential.
- However, an equally pressing threat looms quietly in the background: Cybersecurity and the pace of maximum value addition and localisation in manufacturing.
- Unlike finance or defence sectors, where digital safeguards have long been entrenched, robust cybersecurity measures are only now being introduced into India’s renewable energy framework.
- And it’s about time. A compromised SCADA (Supervisory Control and Data Acquisition) system or remote-access breach could disable a wind farm — or multiple sites — in mere seconds.
The road ahead
- The proposed amendment requires all operational wind turbine data to be stored within Indian territory.
- Foreign entities will no longer be allowed to remotely access or control Indian wind farms, a clear attempt to eliminate vulnerabilities to external cyber threats.
- More importantly, Original Equipment Manufacturers (OEMs) will be required to establish R&D facilities in India, signalling a decisive shift from passive assembly to active domestic innovation.
- This aligns with NITI Aayog’s 2024 roadmap, emphasising localisation of both hardware and control systems.
- Given the various global incidents where cyberattacks have crippled energy grids, India’s push for digital self-reliance isn’t just necessary — it’s urgent.
- Mandating local R&D isn’t just about job creation or investment; it’s about creating wind turbine technology designed for India’s grid, climate, and challenges.
- India — not China or Europe — must become the epicentre for wind turbine innovation and manufacturing.
The ways to achieve
- Firstly, there is a greater need to build capacity for enforcement. Without a concrete monitoring mechanism, these rules risk becoming paper mandates.
- Secondly, the amendment needs to articulate India-specific design adaptation clearly. Renewable energy projects here face extreme operating conditions — temperatures exceeding 45°C, saline coastal air, monsoon deluges, and erratic grid voltages.
- Third, the policy skirts the need for embedded systems security. Today, power converters used in wind turbines and solar inverters in solar projects are effectively software-defined assets.
- They depend on SCADA systems, PLCs, and firmware that may be compromised — often subtly and invisibly. Without mandatory audits of software stacks and hardware backdoors, especially from OEMs in adversarial jurisdictions, India’s wind and solar assets remain vulnerable.
- To operate in India, vendors/OEMs must obtain certification and clearance from Indian authorities and adhere to Government of India (GOI) regulations.
- These regulations should include provisions for force majeure situations, where vendor/OEM-supplied equipment may fail to receive support and patches, potentially leading to significant security breaches and national security risks.
- This ensures that even in times of geopolitical uncertainty, India’s energy infrastructure remains operable, supported, and secure.
Way forward
- Additionally, existing regulatory frameworks — like the Central Electricity Authority’s temperature thresholds or the National Institute of Wind Energy’s certification protocols — are treated as optional references, not core requirements.
- This disconnect must be addressed if we want turbines that are not just “Made in India” but truly Engineered for India.