Smartnening the energy networks and cybersecurity

An EU Action Plan for Grids

Interconnected and stable energy networks are the backbone of the EU’s internal energy market and key to enable the green transition. To help deliver the European Green Deal, in November 2023, the European Commission proposed a Grid Action Plan[1] to make sure that EU’s electricity grids will operate more efficiently and will be rolled out farther and faster. Overall, the Commission estimates that EUR 584 billion in investments[2] are necessary for the electricity grids this decade. This represents a significant part of the overall investment needed for the clean transition in the electricity sector.

The Action Plan highlighted two areas in which action will be needed in the years to come: cross-border interconnections and transmission and distribution grids within borders. In this latter respect, the Plan foresees that distribution grids will have to grow and change to connect large amounts of decentralised renewable generation, and new flexible demand (“loads”) such as heat pumps and charging stations for electric vehicles. These grids are gaining new roles, becoming facilitators of a range of new solutions that the system requires. They will need to turn into smart grids, becoming digital, monitored in real-time, remotely controllable and cybersecure. Research and innovation play an important role in supporting this transformation. Moreover, around 40% of Europe’s distribution grids are over 40 years old and need to be modernised. Industry estimates that around EUR 375-425 billion of investment in distribution grids is necessary by 2030^[3].

Smarter grids and smarter grid solutions

Smarter grids would deliver benefits in at least two respects. First, they will make the system more flexible and therefore able to support the transistion at lower costs. Smarter grids or smarter grid solutions can, at least in some cases, replace the need for network capital investments. Secondly, smarter grids would enable the connection and management of flexibilioty resources, which are going to be increasingly needed to support the greater penetration of intermittent renewable-based generation.

Smarter grids and smarter grid solutions should become an essential part of network development planning at all levels, transmission and distribution. Network operators should be encouraged and possibly incentivised to opt for smart grid solutions every time they represent a more effective and cheaper alternatives to traditional network investments. Regulators should make sure that the regulatory regime in place for grids does not directly or indirectly crwate a bias in favour of infrastructure investments and against smart solutions. Regulators may even consider promoting ther adoption of grid enhancing technologies or other smart grid solutions through appropriate incentives[4].

Highlights from the FSR policy workshop

In terms of technical potentials, smarter hardware and software solutions – such as dynamic line rating, advance power flow control, topology optimisation and digital twins – could be both alternatives and complementary to network expansion solutions. Smart grid solutions are incerasingly been implemneted at both TSO and DSO levels. A recent survey conducted by the  Joint Research Centre of the European Commission as part of its “DSO Observatory”, covering 68 DSOs supplying approx 182 million EU customers, found that many of the surveyed DSOs are involved in either small-scale pilot projects (76% of the surveyed DSOs), regulatory snadboxes (42%) or large-scale, policy-driven innovative technologies (25%). The use of artifical intelligence is also on the increase.

On the TSOs’ side, the path to digital smart grid requires the rcognition that: (I) substantial investments are required; (II) the performance on core TSO processes and system security need improvements; (III) innovation and new solutions should be acknowledged; (IV) there is no “un-boxing” solution; and (V)  a supportive regulatory framework is required.

From a regulatory perspective, the adoption of smart technologies could be promoted througb targeted regualtory incentives, e.g. benefit sharing. However, the current regulatory and incentive schemes seem unable to motivate a wide-scale deployment of efficient solutions. The benefit-based incentive scheme proposed by the FSR is a Report commissioned by ACER in 2023[5] could pave the way for implementation. ARERA, the Italian regulator, has been working on reversing the CAPEX bias, the tendency of system operators to favour CAPEX (network investments) over OPEX (improvements of procedures) by using a portfolio of regulatory instruments, including (i) the capitalisation of certain categories of OPEX, (ii) the use of fixed OPEX-CAPEX shares (FOCS) for regulatory purposes, (iii) TOTEX benchmarking with general efficiency targets or company-specific efficiency targets, and (iv) output-based regulation, comprising performance-related incentives and cost savings-related incentives.

Output-based regulation of electricity transmission in Italy started in 2007-2008, initially focussing on continuity of supply. Since 2016 it has been expanded to the regulation of other outputs, such as: increases in the transfer capacity up to a target value (i.e. transmission system needs) at each cross-zonal boundary and their CAPEX efficiency vs. a reference value defined by the NRAs, and Incentives for savings on redispatching costs. Two types of incentives are provided: performance-based regulatory mechanisms, i.e. mechanisms which reward or penalise the TSOs based on actual performances; and benefit-based regulatory mechanisms, i.e. mechanisms which are based on the concept of sharing some benefits (including estimated benefits) with the TSOs as an incentive

At the same time, demand is still not as flexible as it was hoped, due to weak price signals and technical inability to act. This might change in the future with higher prices/tariffs and the revenue stacking provided by different flexibility markets and/or mechanisms.

Going forward, digitalisation will impact all levels and grid users would need to be educated in order to enable their particiopation in the market

A snarter network is more prone to be cyber-attacked. A Network Code on Cybersecurity for the EU electricity network (NCCS)[6] was adopted last year. It sets a European standard for the cybersecurity of cross-border electricity flows and includes rules on cyber risk assessment, common minimum requirements, cybersecurity certification of products and services, monitoring, reporting and crisis management. A  wide range of emtities are within the scope of the NCCS: producers, suppliers, TSOs, DSOs, NEMOs, eaggregators, demand-response providers, storage providers, operastors of electric-vehicles recharging points, balance responsible parties, organised market places, ENTSO-E, the EU DSO Entity, the RCCs, the critical ICT service providers and managed security service providers (providers of outsourced cybersecurity services). The NCCS covers four main aspects – cyber-risk assessment, information sharing, supply-chain security, and a common electricity cybersecurity framework – and considers a number of main threats, including: (I) a severe and unexpected corruption of the supply chain: (II) the unavailability of ICT products, ICT services, or ICT processes from the supply chain; (III) cyber-attacks initiated through actors in the supply chain; (IV) leaking of sensitive information through the supply chain, including supply chain tracking; (V) the introduction of weaknesses or backdoors into ICT products, ICT services, or ICT processes through actors in the supply chain; (VI) attacks through communication networks; (VII) attacks through removable media; (VIII) unauthorized system access; (IX) malware intrusion; (X) social engineering; (XI) physical attacks; and (XII) insider threats.

From a regulatory perspective, different approaches are possible along two main axes: incentives for rule-based security investments and incentives for risk-based secutity investment. While emphasis on both dimensions would provide the strongest security, budget constraints might impose a trade-off between the rwo dimensions. Therefore, regulatory measures should be balanced and efficient

As the future smart grids will be a complex system, charactierised by complex interdependencies between technologies and processes, cooperation between operators will be ever more essential.

[1] Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions, Grids, the missing link – an EU Action Plan for Grids, Brussels 28.11.2023, COM/2023/757 final.

[2] Implementing the REPower EU Action Plan, SWD(2022) 230 final

^[3] See Connecting the dots, conducted by Eurelectric in cooperation with E.DSO. Grids’ share of total energy supply costs has evolved from 27% on average in the previous decade, to 37% this decade – see Commission’s Investment needs assessment SWD(2023) 68 final

[4] In the US, the Federal Energy Regulatory Commission, after considering incentives for grid enhancing technologies, eventually resolved to mandate the adoption of some of them. Mandating, however, faces the problem that it often does not take into account the costs and benefits of specific solutions applied in specific situations and circumstances.

[5] FSR, Benefit-based remuneration of efficient infrastructure investments, Final report, RSC/FSR 2024, available at: https://www.acer.europa.eu/sites/default/files/documents/Publications/2024_Report_Benefit_based_remuneration_infrastructure_investments.pdf.

[6] Commission Delegated Regulation (EU) 2024/1366 of 11 March 2024 supplementing Regulation (EU) 2019/943 of the European Parliament and of the Council by establishing a network code on sector-specific rules for cybersecurity aspects of cross-border electricity flows.