Quick summary
Much of Europe's grid is controlled by SCADA platforms and RTUs built for a centralised, fossil-fuelled system. As renewables, electrification and distributed generation reshape the grid, that ageing control layer has become a constraint on how fast new capacity can connect. This article sets out why legacy operational technology now limits the energy transition, and how transmission and distribution operators can modernise it in phases, securely and without interrupting supply.
Europe's electricity system is being rebuilt around renewables, electrification and decentralised generation, yet much of the machinery that monitors and controls it predates that shift. SCADA platforms, remote terminal units (RTUs) and substation controllers installed for a centralised, fossil-fuelled grid are now expected to coordinate millions of distributed assets in real time. According to the European Commission (2023), around 40 percent of Europe's distribution grids are over 40 years old, and the control systems layered on top of them are often just as dated.
For transmission and distribution system operators across Denmark, the Nordics and the DACH region, this creates a difficult question. Modernising operational technology (OT) cannot mean switching the grid off, and replacing everything at once is neither affordable nor safe. The realistic path is a phased modernisation of SCADA and RTU estates that improves visibility, interoperability and security while keeping supply uninterrupted.
The pressure on grid control systems comes from both demand and physics. EU electricity consumption is expected to rise by around 60 percent between 2023 and 2030 as heat pumps, electric vehicles and electrified industry come online (European Commission, 2023). At the same time, generation is shifting from a handful of large plants to vast numbers of small, variable sources connected close to consumers.
Older SCADA and RTU architectures were designed to supervise predictable, one-directional power flows. They struggle with bidirectional flows, rapid voltage fluctuations and the sheer volume of telemetry that distributed energy resources produce. The IEA (2023) found that at least 3,000 GW of renewable projects were sitting in grid connection queues worldwide, and in 2024 it still tracked around 1,650 GW of solar and wind in advanced stages awaiting connection. The reason this matters is that the system's ability to absorb new capacity, rather than the capacity itself, has become the binding constraint.
The bottleneck in the energy transition is increasingly the intelligence layer of the grid, not the cables and transformers beneath it.
Takeaway: Legacy SCADA and RTU systems were built for a grid that no longer exists, and their limits now shape how quickly new capacity can connect.
Underinvestment in grid control is expensive in ways that do not always show up on a balance sheet. Eurelectric (2024) estimates that EU distribution grid investment, including digitalisation, must rise to an average of €67 billion per year between 2025 and 2050, roughly double the recent figure of about €33 billion. The same study warns that failing to invest would put around 74 percent of planned connections for electric vehicles, heat pumps and renewables at risk.
Global spending tells a similar story. Investment in renewables has nearly doubled since 2010, while spending on grids stayed close to USD 300 billion a year for much of the past decade (IEA, 2023). The implication is that generation and grid capability have drifted apart, and the gap is widest at the digital and control layer, where modernisation has been the easiest line item to defer.
There is a clear upside to acting, though. Eurelectric (2024) found that grid-enhancing technologies and smarter operations could cut total system costs by around 18 percent, saving roughly €13 billion a year. Those savings depend on modernised control systems, because dynamic line rating, flexibility services and active network management all rely on accurate data delivered in real time.
Deferring control-system modernisation does not avoid the cost, it converts a capital decision into a slower and riskier energy transition.
Takeaway: The price of an ageing control estate appears as blocked connections and missed efficiency, not just rising maintenance bills.
Connecting legacy OT to modern networks unlocks visibility, but it also widens the attack surface. Systems that once operated in isolation were frequently designed without authentication or encryption, and exposing them to wider networks introduces risk that did not previously exist. This is not a hypothetical concern: energy infrastructure has become a recurring target for both state-aligned groups and hacktivists as industrial systems become more connected.
The constraints are structural as much as technical. ENISA (2025) reports that the energy sector faces particular difficulty protecting OT environments, where patching and downtime are operationally constrained, and that EU cyber resilience is held back by a skills shortfall of roughly 300,000 professionals. The reason this matters for modernisation is that a more observable substation is also a more reachable one, so security cannot be treated as a later phase.
Every step that makes a substation more observable also makes it more reachable, so security has to be designed into modernisation rather than added afterwards.
Takeaway: Closing the visibility gap in OT without closing the security gap simply trades one risk for another.
Because the grid cannot pause, modernisation works best as a sequence rather than a single replacement. A brownfield approach lets operators introduce modern capabilities alongside existing equipment, retiring legacy components as confidence grows. The European Commission (2023) frames the destination plainly: distribution grids must become digital, monitored in real time, remotely controllable and cybersecure.
In practice, a phased programme tends to address several layers in turn:
This staged model fits the reality of European grids, where assets from many vendors and decades sit side by side. In the Nordics, DACH and Benelux markets in particular, operators rarely run a single homogeneous platform, so interoperability across generations of equipment becomes the practical core of any upgrade rather than an afterthought.
The hardest part of grid modernisation is rarely the new technology, it is making it coexist safely with the old technology that cannot yet be removed.
Takeaway: A phased, interoperability-first programme lets operators modernise continuously without a risky single switchover.
The most durable way to frame SCADA and RTU modernisation is as building a data capability, not swapping hardware. Once telemetry is accurate, secure and available in real time, it becomes the foundation for forecasting, flexibility markets and active network management. Eurelectric (2024) projects that by 2050 around 70 percent of renewable generation and storage will connect at distribution level, which only works if distribution operators can see and steer those assets.
This reframing also changes how the investment is justified. Instead of a defensive replacement of obsolete equipment, modernisation becomes the platform on which efficiency and new services depend. The distinction matters because data-led modernisation tends to deliver compounding value over time, whereas like-for-like replacement locks in yesterday's limitations at tomorrow's prices.
Treating modernisation as a data platform turns a maintenance cost into the basis for grid flexibility and optimisation.
Takeaway: Modernisation framed around data, rather than hardware, is what makes flexibility and optimisation possible later.
The energy transition is often described through turbines, panels and cables, but its pace is increasingly set by the systems that monitor and control them. With around 40 percent of Europe's distribution grids over 40 years old and demand climbing steeply, the SCADA and RTU layer can no longer be treated as a background concern.
A phased, security-aware and interoperability-first approach lets operators in Denmark, the Nordics, DACH and across the EU modernise without interrupting supply. The operators that treat control-system modernisation as a data platform, rather than a one-off hardware refresh, will be the ones able to connect new capacity quickly, safely and at lower overall system cost.
SCADA, which stands for supervisory control and data acquisition, is the central platform operators use to monitor and control the grid. An RTU, or remote terminal unit, is the field device at a substation or asset that collects measurements and carries out commands. The RTU gathers local data and relays it to SCADA, which gives operators a system-wide view. In a modernisation programme the two are usually upgraded together, because better field devices are only useful if the central platform can interpret what they send.
A complete replacement is rarely practical, because the grid has to operate continuously and a single large switchover concentrates risk into one event. Operators also run equipment from many vendors and decades, so a phased, brownfield approach that bridges old and new systems is safer and more affordable. It allows legacy components to be retired gradually, as new capabilities prove themselves reliable in live operation.
IEC 61850 is an international standard for communication within and between substations. It supports interoperability between equipment from different vendors, faster data exchange and clearer data models than older point-to-point protocols. Adopting it lets operators integrate modern devices while bridging to legacy IEC 60870 links, which is central to a phased modernisation strategy.
Yes. Many legacy OT systems were designed to run in isolation and lack built-in authentication or encryption, so connecting them widens the attack surface. ENISA has highlighted that the energy sector finds OT especially hard to protect, partly because patching and downtime are operationally constrained. The practical response is to design security into modernisation from the start, aligning controls with standards such as IEC 62443 rather than bolting protection on afterwards.
The NIS2 Directive sets baseline cybersecurity and incident-reporting obligations for energy operators classed as essential entities, while IEC 62443 provides technical controls for industrial automation and control systems. National regulators and the EU Action Plan for Grids reinforce the expectation that grids become digital and cybersecure. Operators typically combine regulatory compliance with these technical standards rather than treating them separately.