E.DSO, ENCS and ENTSO-E: “Cybersecurity: Defence in Depth” workshop


How can we keep control over our European electricity grid infrastructure, now that it is no longer in doubt that nation-state online activities are targeting power grids? How is this done while new actors and technologies are connected to the grid at an ever-increasing rate?

These were the questions and the themes of the discussions at the high-level technical workshop organised by the Association of European Distribution System Operators (E.DSO), the European Network for Cyber Security (ENCS) and the European Network of Transmission System Operators for Electricity (ENTSO-E).

Leading cybersecurity experts from the grid operator community, public organisations and industry discussed the main cybersecurity threats requiring mitigation, strategic opportunities and how to stay ahead of the developments.

The grid operator community is expanding its successful approach of investing in expert pooling and community building around strategic themes. These include supply chain security, closing the skills gap and creating practical solutions fit for use in the wider community. 

A demonstration by ElaadNL and ENCS on “how vulnerabilities in EV charging infrastructure can be exploited to disrupt electricity supply,” showcased the urgent need to address security responsibilities in a multi-stakeholder environment.

“There are a lot of discussions around the concept of “sandboxing” these days at EU level. The long-standing cooperation among DSOs, TSOs and ENCS is a testament to the strength of this approach. Experimenting with, developing and deploying technology in a no-strings environment accelerates advancement in problem-solving, software development and product engineering”, stated Roberto Zangrandi, Secretary-General with E.DSO, the voice of Europe’s leading DSOs.

He added: “What’s more, this approach yields crucial knowledge to better inform the activities of policymakers and regulators in the sector”.

“While the European legislative framework for security is being implemented and expanded, it is now essential to focus on the right things”, said ENCS Managing Director, Anjos Nijk. “Regulators have to rely on new expertise and go beyond what they have become comfortable with in the past decades. The push for standards from manufacturers should be converted into a pull for standards from operators. After all, it is operators who are the risk owners and possess the key to the harmonisation of requirements and testing. Public funding (like the H2020 programme) is too bureaucratic and should become results-oriented instead.”

According to Laurent Schmitt, ENTSO-E Secretary-General, “our TSO Community is actively working to best anticipate the coming new network code on cybersecurity”, said ENTSO-E Secretary-General Laurent Schmitt. “Furthermore, TSOs and DSOs, governments and EU should cooperate not only to protect the energy sector in Europe from cyber threats but also to actively control or anticipate them. For instance, it is necessary to identify gaps in international cyber standards, carry out cross-border and cross-organisational risk assessments, and elaborate a secure procurement policy”.

Also speaking were the EU Commission Directorate-General for Communication, Networks, Content and Technology, Roberto Viola, asserted that: “Grid in infrastructure integration places coordination at the centre of energy security. Cybersecurity is a key priority for the new EU commission as we need to advance standards and regulatory tools”. 

Also present was Stefan Moser from the Directorate General for Energy, who declared that: “Energy needs digitalisation to master decarbonisation. Clean energy package foresees legal basis for network codes jointly developed by DSOs, TSOs and acer to develop common perspectives of what needs to be done”.

The event once again made it very clear that all stakeholders share the same objective and that only collaboration will allow Europe to stay ahead and surf the innovations with confidence and awareness.