PVPowered Data Collection Appears Secure-ish
My solar panels haven't quite passed inspection yet (next week?...fingers crossed), but they're producing and the data collection module for the PVPowered inverter is sending data out to the mvpvpowered.com web site.
I want to be able to push the data to my own site though (along with the weather station data). And in theory PVPowered will let me. The PVM1010 module's page states:
Communications options: Standard open protocols that work on TCP/IP such as UDP and MODBUS can be supplied for system users on request.
I've sent in a request and need to email another because I'm not sure the first request went in correctly.
In the meantime I thought I'd have a look at what the module does. First most obvious step was to point a web browser at the IP my router handed out when I plugged in the module. Nothing. Okay...port scan...nothing! Locked down. So next step was wireshark to watch for packets out of the module. And...after a few minutes I catch the once per fifteen minute squirt of data out to dcgateway.pvpowered.com. Amazingly it's an SSL encrypted session!
While this doesn't mean the embedded device is secure, and in theory it shouldn't much matter if it is just collecting data off the inverter's serial port and it can't actually send signals and harm the inverter, it does show that somebody at PV Powered put some proper engineering thought behind this module.
I'm impressed!
Though now I'm really counting on them to hook me up with a way to get at the data from the module.
Leave a comment