Digitalisation, Data Access and Cyber Resilience

WeStorix submitted Feedback on the European Grids Package Consultation in response to the European Commission’s call for evidence on the upcoming European Grids Package (initiative 14672):

Digitalisation, Data Access and Cyber Resilience

Grid optimisation and flexibility markets depend on secure, standardised data exchange between DSOs, TSOs, storage operators, and large consumers. Today, data formats and access rules vary widely; in some Member States, real-time or even historical hosting capacity data is unavailable. Meanwhile, rising digital interconnection elevates cyber risk to critical infrastructure – an issue highlighted by the EU’s Grid Action Plan.

Several EU-level instruments are already addressing these challenges. The Digitalising the Energy System Action Plan (2022) promotes the development of interoperable and secure energy data-sharing frameworks. The new Network Code on Cybersecurity for Electricity (2024) introduces mandatory cybersecurity protocols for TSOs and DSOs, while the NIS 2 Directive and Cyber Resilience Act extend cybersecurity requirements to essential infrastructure operators and digital energy devices.

However, these measures do not yet fully address the specific needs of grid-integrated battery storage, microgrid campuses, or decentralised energy service providers like WeStorix. In particular:

• There is still no binding EU requirement for real-time hosting capacity data or cross-DSO interoperability standards for flexibility assets.
• Cyber certification and risk standards for storage systems and microgrids remain undefined or only partially covered under broader TSO/DSO frameworks.
• Digital permitting tools and data interfaces for energy infrastructure are encouraged, but lack clear EU support or technical assistance pathways.

To bridge these gaps and fully support the deployment of secure, data-driven clean energy infrastructure, WeStorix recommends:

• Establish EU-wide minimum data access and interoperability standards for grid and flexibility assets, including hosting capacity visibility and secure real-time APIs
• Align cyber certification and risk management standards for storage and microgrid operators with existing EU critical infrastructure rules under the Network Code and NIS2
  Provide EU technical assistance and funding support for Member States to implement digital permitting systems and secure data interfaces for clean energy projects

WeStorix recommends: These targeted actions would complement existing EU frameworks while enabling flexible, decentralised projects to scale in a secure and standardised way across the Union.