The current framework for digital activities in ENTSO-E is provided by its IT Strategy, which was approved in 2017. The ENTSO-E IT Strategy has clearly identified ­interoperability and cybersecurity as two of the founding capabilities for ENTSO-E’s information systems. This has led to the development of an ENTSO-E Cyber­security Strategy that was approved in the first quarter of 2019. In this context, relevant activities are steered as detailed in the following paragraphs.

Cybersecurity

Protecting TSOs’ systems and network operation tools against cyber-attacks is of paramount importance for system security. For several years now, ENTSO-E has been acting as a platform for the sharing of best practice between TSOs. The entry into force of the CEP tasked ENTSO-E with the mandate to promote cyber security and data protection in cooperation with relevant authorities and regulated entities (Art. 30.1.n Reg. 943/2019).

Under the framework of the Connecting Europe Facility (CEF) project, ENTSO-E carried out the following cybersecurity activities:

Moreover, ENTSO-E performed cyber risk assessments on the main ENTSO-E legally mandated IT platforms: CGM, EAS, Transparency Platform and OPC/STA. Regarding the latter, ENTSO-E performed external penetration testing to confirm the effectiveness of the overall security.

ENTSO-E also participated in the informal drafting team of the Network Code on Cybersecurity (composed of TSOs and DSOs under the EC leadership), which culminated in the publication of the “Recommendations for the European Commission on a Network Code on cybersecurity” in February 2021. Following the publication of the Framework Guideline by ACER, the formal drafting process of the Network Code on Cybersecurity started on 27 July 2021. The Network Code on Cybersecurity was co-drafted by ENTSO-E and the EU DSO Entity and, between November and December 2021, ENTSO-E conducted a public consultation on the Network Code proposal and organised two public workshops¹⁸.

In October 2021, ENTSO-E, together with E.DSO and ENCS, hosted the 4^th edition of their Cybersecurity event “Enhancing our grid resilience” discussing the challenges of increasing volume and the sophistication of malicious acts towards the European energy grid and how the Network Code on Cybersecurity will enhance our grid resilience.

Data exchange standards: Ensuring pan-European interoperability

Standards facilitate cross-border exchange and allow for the efficient and reliable identification of different objects and parties relating to the internal energy market and its operations. Standards also support the implementation of network codes in various ways, and several of ENTSO-E’s IT tools and data environment, such as the OPDE, rely on standards. In accordance with Art. 30.1.k of the Electricity Regulation (943/2019), ENTSO-E should contribute to the establishment of interoperability requirements and non-discriminatory and transparent procedures for accessing data.

ENTSO-E develops and maintains an Electronic Data Interchange library to enable interoperability between actors in the electrical industry in Europe.

The main standardisation activities in 2021 included the development of the Common Information Model (CIM) and implementation guides to support data exchanges required from the Network Codes, work on international standards, updating the CGMES, maintaining the harmonised role model, following-up on the implementing acts on data and interoperability, implementing Art. 55(2)(a, b, c) of the IEM regulation and Art. 24 of the IEM Directive, and training activities for the TSO–RSC community.

In June 2021, CGMES was published as an International Standard by the International Electrotechnical Commission (IEC).