(AI generated translation of the original EMI’s publication in BG)

In February, the European organisation of electricity distribution system operators, the EU DSO Entity, published a strategic analysis of the role of distribution system operators in energy resilience – Strengthening the Resilience of the EU Energy System: The Important Role of Distribution System Operators (DSOs). The document was developed by the EU DSO Entity (Country Expert Group) based on a structured survey of 23 DSO representatives from EU member states conducted between September and November 2025 and was prepared in parallel with the internal analysis of the incident on the Iberian Peninsula on April 28, 2025.

The central thesis of the report is that the traditional understanding of energy security, focused on resource adequacy and the balance between supply and demand (primarily the responsibility of transmission system operators), is insufficient in the context of a transforming energy system. A broader and more forward-looking approach is needed, focused on resilience—the ability to prevent, prepare for, adapt to, and recover from disruptions—in which distribution networks take on strategic importance.

Energy Security and Resilience: Distinction and Interconnection

The report makes a key distinction between the two concepts. Energy security encompasses the availability and reliability of an adequate energy supply at a reasonable price, including from the perspective of physical, price, and geopolitical dimensions. Resilience is defined as the ability to avoid, prepare for, minimize, adapt to, and recover from expected and unexpected energy disruptions in order to ensure energy availability and reliability.

The evolving energy system, which is becoming increasingly decentralized, digitized, and decarbonized, as well as the growing threats to the security and safety of Europe’s grid infrastructure, have shown that the importance of electricity grids is no longer limited to aspects of physical security of supply. Grids are increasingly affected by other challenges arising from the integration of renewable energy sources and distributed energy resources into the electricity grid, but also by emerging external challenges that expose their vulnerabilities. To address these challenges, power grids must become more resilient in their design and adopt an all-hazard approach to cope with natural disasters (e.g., extreme weather conditions, climate impacts), incident risks (e.g., technical failures), and man-made threats (e.g., sabotage).

Resilience follows an all-hazard approach that contributes to the EU’s overall energy security.

This conceptual shift is reflected in the EU regulatory framework: Directive (EU) 2022/2555 on measures for a high common level of cybersecurity (Network and Information Systems Security Directive – NIS2), the Directive on the Resilience of Critical Energy Infrastructure (2022/2557/EU), and the Network Code on Cybersecurity in the Electricity Sector (Regulation 2024/1366/EU). This framework introduces horizontal, binding obligations for resilience and risk management for critical energy entities, including ORCs.

The Growing Relevance of DSOs to EU Resilience

The EU’s new 3D (decentralized, decarbonized, and digitized) energy system requires distribution system operators (DSOs), which have traditionally focused more on passive infrastructure management, to adopt a more active approach with greater roles and responsibilities in the active management and operation of the grid and in strengthening the resilience of the EU energy system.

• DSOs as key integrators of RES and drivers of energy independence

DSOs connect 70% of new renewable energy (RES) capacity in the EU, including the target of 600 GW of installed solar capacity by 2030. By 2024, a total of 338 GW of photovoltaic capacity will be installed in the EU, of which 38 GW of new rooftop solar installations will be connected to the TSOs’ grid (by comparison, only 1.4 GW of new offshore wind capacity will be connected to the transmission grid). TSOs manage over 10 million km of cables and infrastructure out of a total of 11.3 million km of the electricity grid in Europe and supply energy to more than 250 million consumers (approximately 98% of industry is connected to the TSO grid). Alongside RES, TSOs are integrating growing volumes of distributed energy resources (DER), including electric vehicles and heat pumps.

• Active system management and grid stability

The report argues that TSOs are no longer passive “managers” of infrastructure but are taking on a growing portfolio of responsibilities: integrating RES and DER, providing flexibility through services to consumers, and ensuring reliable power supply through active system management. In an energy system increasingly dependent on variable and bidirectional energy flows, TSOs are taking on a key role in maintaining stability in coordination with transmission system operators.

Two technological areas are particularly significant. First, the grid-forming capabilities of inverter resources, which emulate inertia, maintain voltage and frequency references, and provide black-start capability during major outages. Second, the digitalization of distribution networks, including smart meters and digital technologies, enhances network observability, enables early fault detection, maintains the balance between supply and demand at the local level, and improves congestion management.

• External challenges: cybersecurity, climate, and physical security

The survey of 23 TSOs identified four main challenges to resilience by priority: extreme weather events and climate change (34%), cyberattacks (30%), risks of supply disruptions from decentralized systems (23%), and physical or military attacks (13%).

 

 

 

The specific shares by country are shown in the following chart.

Cybersecurity

The energy sector is the second most affected by cyberattacks in the EU according to ENISA: 200 incidents out of a total of 1,276 (15% of all incidents), mainly caused by system failures (47%) and malicious actions (42%). Destructive attacks have doubled in recent months, with a significant portion of them traced back to Russian groups. CSOs also face a serious shortage of cybersecurity personnel—an estimated 299,000 unfilled positions in the EU, with 81% of companies identifying hiring difficulties as a significant risk. About 100 CSPs have been designated as entities with critical or high impact under the Network Code on Cybersecurity.

The report highlights numerous best practices: the Portuguese CSP E-REDES implements internal programs to enhance cyber culture; the joint PCI Selena project between Slovak, Hungarian, and Czech ORCs is establishing a cross-border cybersecurity and resilience center; Italy’s National Cybersecurity Perimeter (PSNC) is introducing government approval for major network technology upgrades.

Climate Adaptation

2024 is the warmest year on record, with temperatures more than 1.5°C above pre-industrial levels. Extreme weather events have caused average annual economic losses of €12 billion, and a total of over €145 billion across the EU. Southern Europe is most affected by extreme heat, Northern Europe by icing and winter storms, while floods and strong winds affect the entire continent.

TSOs are investing in the physical resilience of the grid: undergrounding overhead lines in high-risk areas, waterproof substations, heat-resistant cables, improved vegetation management, and medium-voltage automation. At the same time, they are strengthening monitoring and emergency response through weather forecasting tools, AI-based vulnerability assessment models, and business continuity management (BCM) plans. Specific examples: Spain’s TSO i-DE has invested €100 million in network redesign following Storm DANA (October 2024, with 180,000 customers without power, 85% restored within 48 hours); France’s Enedis plans to invest €1 billion annually in grid modernization and resilience, and to bury 20,000 km of its total 48,000 km of overhead lines by 2032; Italy’s E-Distribuzione has invested over 1 billion euros between 2017 and 2024 and plans to invest approximately 3 billion euros for 2025–2027 under a resilience program.

Physical protection of infrastructure

In the context of geopolitical tensions, the report highlights the need for enhanced physical protection of distribution infrastructure against sabotage, intrusion, and malicious attacks, including those from foreign states and hybrid threats. DSOs implement perimeter security, video surveillance, radar systems, and drone defense. Slovak DSOs (ZSD, SSD, VSD) are introducing next-generation automated substations and anti-drone defense systems as part of the PCI Selena and Danube InGrid projects.

Regulatory Framework and Necessary Measures

• Forward-Looking and Proactive Regulation

The transformation of the energy system requires significant investments in distribution networks, accounting for two-thirds of total network investments in the EU. The total projected investment need for distribution networks is €730 billion by 2040, of which €33 billion is specifically for resilience for the period 2020–2030 (an estimate predating the REPowerEU targets). Regulatory frameworks should shift to a long-term, forward-looking, and proactive approach that allows TSOs to plan investments based on forecasts rather than just current needs. The EC’s Guidelines on Forward-Looking Investments (COM 2025/3291/EU) explicitly include investments in grid resilience as eligible forward-looking investments.

• Implementation of cybersecurity legislation

The report calls for the effective implementation of already adopted legislation, rather than new regulations. The implementation of the Network Cybersecurity Code has been delayed in several countries due to the absence of designated national competent authorities and the prioritization of the transposition of NIS2. TSOs need sufficient time to comply and for the associated costs to be recognized within the regulatory frameworks. DSO Entity and ENTSO-E are jointly developing guidelines on conditions, methodologies, and timelines to support implementation—two such documents have already been provided to national regulatory authorities.

• TSO–NRA Cooperation and Incident Response

The Iberian blackout of April 28, 2025, which affected millions of citizens, industrial enterprises, telecommunications, and generators in Spain, Portugal, and parts of France, demonstrated that in an interconnected and decarbonized system, security of supply depends on all levels of the system. The report calls for the formal inclusion of DSO Entities in the investigation of pan-European incidents and in the development of the Incident Classification Scale (ICS) methodology, particularly for incidents of scale 2 and 3. DSOs should be represented on the ICS expert panel on an equal footing with TSOs.

• Permit Procedures and Technical Standards

Permits for grid infrastructure at the distribution network level take up to 8–10 years for medium and high voltage. Although the revised Renewable Energy Directive (REDIII, 2023/2413/EU) and REPowerEU introduce new provisions to streamline procedures, transposition in Member States is slow. The report welcomes the proposals in the Grids Package’s permitting framework, including a new permitting system for OSD and TSO projects, but warns that reopening recently adopted legislative texts could introduce additional complexity and delays.

Separately, the adoption of the revised Network Code on Requirements for Generators (RfG 2.0) as a delegated act has been delayed by more than two years following ACER’s proposal in December 2023 and is expected in the first half of 2026. This is crucial for updating technical standards for the connection of inverter-based resources, including grid-forming functions, and for preventing delays in the integration of RES.

Key Messages and Recommendations

The report formulates four key recommendations at the EU level:

• Rapid implementation of the EC’s guidelines on forward-looking investments (C/2025/3179/EU) and the related provisions of the reform of the Electricity Market Directive (2024/1711/EU) to ensure a forward-looking regulatory framework for investments in grid resilience.
• Focus on the effective implementation of existing legislation: transposition of cybersecurity legislation at the national level, particularly the Cybersecurity Network Code; recognition of compliance costs; accelerating the transposition of the enabling provisions under RED III and ensuring consistency in the negotiation of the Grids Package.
• Timely adoption of RfG 2.0: the delegated act is crucial for updating the technical requirements for secure grid operation and for the integration of RES.
• “System of Systems” approach to energy security: greater involvement of DSOs as equal partners of TSOs and enhanced TSO–DSO cooperation in assessing pan-European security incidents, with the DSO Entity as a privileged partner.