their security controls

As the R²D² project enters its final year, the consortium convened in Paris on November 19–20, 2024, for a critical Plenary Meeting. Hosted by RTE, this gathering focused on assessing the progress of innovations and refining plans for implementing the project’s use cases across its four pilot sites (Serbia, Greece, Spain and Slovenia).

This milestone meeting addressed vital project areas, including dissemination strategies, tool integration, deployment, and the validation of solutions. Special emphasis was placed on the demonstration activities for use cases such as operational planning tools, crisis handling for cascading effects, wildfire impact simulations, and dynamic cybersecurity risk assessments among many others. Partners discussed the status of these use cases, challenges faced, solutions proposed, and the next steps to ensure their successful execution.

The R²D² project has made significant progress in standardization and recommendations by identifying relevant legislation and standards for its products, along with challenges and gaps for compliance and operation. Solutions were proposed to enhance legislation and standards, while addressing interoperability issues and applying security-by-design measures. Additionally, the project aligned its efforts with the objectives of the Digitalising the Energy System – EU Action Plan, contributing to a more secure and standardized energy ecosystem.

Spotlight on Cybersecurity

A dedicated session led by CyberNoesis highlighted the importance of addressing cybersecurity in energy systems. During this session, partners were introduced to the Self-Assessment Tool, as part of the PRECOG product (Prevention Systems For Energy Infrastructures Security). This tool is specifically designed to help Electric Power and Energy Systems (EPES) operators enhance the security of their supply chain practices and identify any possible gaps in their security controls regarding their supply chain practices. Once these gaps are identified, EPES operators can use the insights to develop actionable plans to implement the necessary controls. The tool also supports defining good vendor management practices, such as supplier qualification and auditing, which operators can adopt to strengthen their supply chain security. By leveraging these measures, EPES operators can effectively identify and mitigate security risks, reduce the likelihood of cyberattacks, enhance resilience to disruptions, and safeguard critical assets.

Now fully deployed, this tool is now ready to support stakeholders in strengthening their cybersecurity frameworks. From now, R²D² partners will test the tool to ensure its effectiveness in practical scenarios and provide valuable feedback.

The session also highlighted CyberNoesis’s efforts to finalize a demonstration plan aimed at engaging EPES stakeholders and ensuring the tool’s practical application. Recorded for wider accessibility, the session provided valuable insights into the tool’s capabilities and broader cybersecurity challenges. A recording of the session will be made available soon.

Replay the recorded session:

The Case for Open Source 

RTE partner brought an expert on Open Source, Boris Dolley – Head of Open Source Program Office and Sustainable IT, who provided an inspiring perspective to the meeting by advocating for open-source principles in software development. As energy systems grow more complex, with distributed renewable energy sources, electric mobility, and third-party smart services, solutions must evolve to monitor, control, and optimize these networks effectively.  Boris encouraged the consortium to embrace a cultural shift “move from ‘control and forbid’ to ‘motivate and enable’: foster openness, trust in technical communities, and collaboration to create value and drive innovation.” This sparked a robust debate among attendees, highlighting the opportunities and challenges of adopting open source in the energy sector.

Beyond the project

Finally, a discussion took place regarding the exploitation plans for the various products of R²D². While a preliminary plan was defined by partners at the beginning of the project, efforts are now being focused on refining and implementing it. Partners have already defined the intellectual property and are currently working on identifying and detailing the Key Exploitable Results (KERs). Internal discussions are ongoing to finalize the identification and definition of these KERs. The next steps involve outlining the exploitation intentions, conducting a thorough characterization and risk assessment, exploring use options, and defining a comprehensive roadmap. Additionally, recognising the importance of replication and scalability in this process, partners have developed a scalability questionnaire to support this analysis.