How can we keep control over our European electricity grid infrastructure now nation state online activities targeting power grids are no longer in doubt, while new actors and technologies are connected to the grid at an ever-increasing rate? These were among questions at a technical workshop organised by the Association of European Distribution System Operators (E.DSO), the European Network for Cyber Security (ENCS) and the European Network of Transmission System Operators for Electricity (ENTSO-E).
Cybersecurity figures from grid operators, public bodies and industry discussed the main cybersecurity threats requiring mitigation, and how to stay ahead of the developments.
From the EU Commission Directorate General for Communication, Networks, Content and Technology, Roberto Viola, said that “Grid in infrastructure integration places coordination at the centre of energy security. Cybersecurity is a key priority for the new EU commission as we need to advance standards and regulatory tools”. Stefan Moser, from the Directorate General for Energy, said that “Energy needs digitalization to master decarbonization. Clean energy package foresees legal basis for network codes jointly developed by DSOs, TSOs and acer to develop common perspectives of what needs to be done.”
The event heard that grid operators are expanding an approach of investing in expert pooling and community building around strategic themes. These include supply chain security, closing the skills gap and creating practical solutions fit for wider use.
A demonstration by ElaadNL and ENCS on “how vulnerabilities in EV charging infrastructure can be exploited to disrupt electricity supply,” showed the urgent need to address security responsibilities in a multi-stakeholder environment.
Roberto Zangrandi, Secretary General with E.DSO, the voice of European DSOs said: “There are a lot of discussions around the concept of “sandboxing” these days at EU level. The long-standing cooperation among DSOs, TSOs and ENCS is testament to the strength of this approach. Experimenting with, developing and deploying technology in a no-strings environment accelerates advancement in problem solving, software development and product engineering.” He added: “What’s more, this approach yields crucial knowledge to better inform the activities of policy makers and regulators in the sector”.
ENCS Managing Director, Anjos Nijk said: “While the European legislative framework for security is being implemented and expanded, it is now essential to focus on the right things. Regulators have to rely on new expertise and go beyond what they have become comfortable with in the past decades. The push for standards from manufacturers should be converted into a pull for standards from operators. After all, it is operators who are the risk owners and possess the key to harmonisation of requirements and testing. Public funding (like the H2020 program) is too bureaucratic and should become results-oriented instead.”
According to Laurent Schmitt, ENTSO-E Secretary General, “our TSO Community is actively working to best anticipate the coming new network code on cybersecurity”, said ENTSO-E Secretary-General Laurent Schmitt. “Furthermore, TSOs and DSOs, governments and EU should cooperate not only to protect the energy sector in Europe from cyber threats, but also to actively control or anticipate them. For instance, it is necessary to identify gaps in international cyber standards, carry out cross-border and cross-organisational risk assessments, and elaborate a secure procurement policy.”
