PM Surya Ghar: MNRE Drafts IoT-Based Inverter Rules to Guard Against Cyber Threats

The Ministry of New and Renewable Energy (MNRE) has released draft guidelines for Remote Monitoring System (RMS) inverters. Under the latest draft, MNRE mandates the RMS inverter with a centralized communication platform via a data logger. The proposed system would be implemented under the PM Surya Ghar: Muft Bijli Yojana. MNRE has sought responses for the draft until July 31, 2025.

Advertisment

MNRE in the latest draft guideline outlines the communication and security architecture required for the integration of Remote Monitoring Systems (RMS), deployed in grid-connected solar power plants, with the Centralised Platform. The draft serves as a reference for developers and system integrators to ensure standardized, secure, and interoperable data exchange across the solar energy ecosystem.

As per the notification released by MNRE, "All inverter communication devices/dongles/data loggers deployed under the scheme shall have a Machine-to-Machine (M2M) SIM communication protocol to enable secure and reliable data transmission."

The Ministry is finalising vendor-neutral, open-protocol guidelines for secure data communication and monitoring of Rooftop Solar (RTS) systems via the National Portal. Integration testing of inverter communication devices will begin on September 1, 2025, following a separate government notification.  

Advertisment

Equipment in the RMS Communication & Security Architecture:

The ministry detailed the following equipment in the RMS Communication & Security Architecture:

1. Security Architecture
2. RMS Registration
3. MQTT Topic Structure
4. Communication Modes
5. Communication Protocol
6. Keyword Abbreviation
7. MQTT Message Structure
8. Annexure: JSON Formats with parameter keywords, sample values, and description

Emphasizing the importance of RMS inverter development, the ministry in the draft said, “The communication security architecture between the RMS and centralized IoT platform will prevent third parties from intercepting or ‘sniffing’ encrypted data. This ensures protection from ISPs, employers, network administrators, and cybercriminals attempting packet sniffing, and guards against man-in-the-middle (MitM) attacks.” The architecture includes a private TLS/SSL VPN for enhanced data protection.

The draft also proposes an OTP-based mechanism for every message exchange to help restrict spammers and bots. “Such an OTP-based mechanism will provide transaction-level security, which is essential for remote operations,” the ministry noted.

Additionally, the guidelines recommend adopting an MQTT message structure for communication between the RMS and centralized IoT platform through a Device Management Server. This message format includes system-reserved keywords in the header section and equipment-specific parameters.

According to MNRE, solar systems comprise several communicable components—including inverters, energy meters, string combiner boxes, and weather stations—installed and monitored at both the plant and block levels. To ensure standardized data reporting, each measurable parameter must be uniquely identified. Additionally, MNRE has provided a keyword designer to be used for preparing the JSON annexure.