Software and automation in the energy industry

Quick summary

The European grid has become the constraint on the energy transition, and the bottleneck is increasingly software rather than steel. This guide explains how operational technology, protocols, market systems and regulation now fit together for transmission and distribution operators.

Introduction

For most of its history, the power grid was a hardware story. Capacity meant conductors, transformers and substations, and the software that ran on top of them was a supporting actor. That order has reversed. Each year about USD 400 billion is now spent on grids worldwide against roughly USD 1 trillion on generation, and the International Energy Agency expects annual grid investment to rise by about 50 percent by 2030 to keep pace with demand (IEA, 2026). A great deal of that money is going into digitalisation, because the grid cannot absorb renewables, manage bidirectional flows or balance in near real time without a far more capable data and control layer.

The result is that transmission system operators, distribution system operators and the integrators who serve them are running what are effectively large software estates with physical consequences. The themes that follow, modernising operational technology, fixing interoperability, feeding faster markets and documenting security, are not separate projects. They are facets of one programme, and the operators who treat them as connected are the ones positioned to connect generation at the pace the transition demands.

The operational technology layer is the real bottleneck

Much of Europe's grid still runs on remote terminal units and supervisory control and data acquisition systems that were specified for a stable, one-directional network. They have performed reliably for decades, which is precisely the problem: they were never designed for distributed generation, volatile flows or the granular observability a renewable-heavy grid demands. As those same assets move onto the critical path for connecting wind and solar, their limitations stop being a maintenance footnote and become a strategic constraint, a shift examined in detail in the analysis of the hidden cost of legacy RTU systems in modern grids.

The instinct to rip and replace is usually the wrong one. Grids cannot be switched off while their control systems are rebuilt, so modernising legacy SCADA and RTUs is a staged exercise in coexistence: new systems run alongside old, data is migrated incrementally, and protection and control are never interrupted. This is software engineering and migration discipline far more than it is procurement, and the projects that fail tend to be the ones that underestimated exactly that.

What makes the migration tractable is observability. Continuous OT asset visibility and monitoring gives operators the means to trust that a modernised system behaves as its predecessor did, which is the precondition for retiring anything.

Takeaway: Grid modernisation is a software and migration challenge first, and a hardware replacement second.

Interoperability decides whether modernisation succeeds

If the operational technology layer is the bottleneck, protocols are the connective tissue. The older telecontrol world built on IEC 60870-5-104 has to coexist with, and eventually give way to, the IEC 61850 model that underpins the digital substation. That transition is where a great deal of modernisation effort concentrates, because protection and control schemes are unforgiving: a mapping error between protocols is not a cosmetic bug but a potential safety and reliability hazard.

The practical path runs through careful coexistence and relentless testing, the substance of moving from IEC 60870-5-104 to IEC 61850 in substations. A digital substation only repays its cost when its data can be trusted across vendors and equipment generations, which is why interoperability testing, rather than the protocol choice itself, tends to determine whether the investment delivers.

This same interoperability discipline extends beyond the substation fence. As electric vehicles and smart metering proliferate, the software keeping them aligned with EU standards becomes part of the grid's operational fabric rather than a consumer-side concern, a point developed in the analysis of how software keeps EV charging and metering compliant across the wider system.

Takeaway: Protocol migration is the connective tissue of grid modernisation, and it lives or dies on interoperability testing.

Faster markets turn trading software into infrastructure

As renewables push generation closer to real time, the market layer has to move with it. The old rhythm of day-ahead scheduling no longer matches a system where output can swing with the weather, and continuous intraday markets with 15-minute products change what energy trading and risk management systems must do. They have to value and rebalance positions almost continuously, which is a different engineering problem from the batch-oriented systems many operators still run, as set out in the treatment of ETRM and the shift to continuous intraday trading.

Underneath the market sits the physical reality of congestion. A renewable-heavy grid produces power where the wind blows and the sun shines, not necessarily where demand is, and reconciling the two falls to redispatch and congestion management. The cost and complexity of that work are climbing across Europe, and the data and software behind redispatch and congestion management in EU grids increasingly determine how efficiently a system can run. Trading and balancing software, in other words, has stopped being a commercial convenience and become operational infrastructure.

Takeaway: Faster markets and tighter balancing turn trading and metering software into operational infrastructure.

Security and compliance are now grid deliverables

Regulators have caught up with the fact that grid software is critical infrastructure. NIS2 places binding cybersecurity obligations on essential entities, much of the energy sector among them, and ENISA found that 53.7 percent of recorded incidents in its latest reporting period concerned entities defined as essential under the directive (ENISA, 2025). For substation, SCADA and RTU environments, what NIS2 means for substation and SCADA security is a concrete set of documentation and risk-management duties rather than a general aspiration.

The directive sets the legal expectation; the engineering answer comes from standards. IEC 62443 supplies the security levels, zones and conduits that let operators turn a legal obligation into a defensible architecture, and the mapping between the two is the subject of IEC 62443 explained for industrial and energy operators. The practical consequence is that security evidence has become a deliverable an operator must be able to produce on demand, not a quality it can simply claim to possess.

Takeaway: For energy operators, security documentation is now a regulatory deliverable, not an optional extra.

Conclusion

Seen whole, the energy industry's software agenda is a single connected programme. The operational technology layer has to be modernised in place, interoperability has to be solved at the protocol level, faster markets and tighter balancing have to be fed with trustworthy data, and all of it has to be documented against NIS2 and IEC 62443. None of these stands alone, and treating them as separate initiatives is how budgets are wasted and deadlines missed. The operators making real progress are those who recognise that the grid is now a software system with physical consequences, and who invest accordingly.

FAQ

Why is grid software now as important as grid hardware?

Because electrification, distributed generation and near real-time balancing all depend on the data and control layer. Physical capacity delivers nothing if the software cannot observe, balance and dispatch it, which is why the IEA's call for sharply higher grid investment is as much about digitalisation as about new lines.

Can operators modernise SCADA and RTUs without downtime?

In most cases yes, through staged migration and coexistence rather than wholesale replacement. New systems run alongside legacy ones while data and control are moved across incrementally, with interoperability testing ensuring protection and control are never interrupted.

How do NIS2 and IEC 62443 relate?

NIS2 sets the legal obligations for essential entities, including much of the energy sector. IEC 62443 provides the technical framework, with security levels, zones and conduits, that operators use to demonstrate they meet those obligations in a way auditors can examine.

Sources

Electricity 2026, Grids – IEA – 2026 – https://www.iea.org/reports/electricity-2026/grids
ENISA Threat Landscape 2025 – ENISA – 2025 – https://www.enisa.europa.eu/publications/enisa-threat-landscape-2025
World Energy Investment 2025, Executive summary – IEA – 2025 – https://www.iea.org/reports/world-energy-investment-2025/executive-summary

About Author Wirtek is a Danish tech company with 25 years of experience, specialising in three core domains: energy, connectivity & automation and digital engineering. We build, connect and operate digital solutions through software development, Internet of Things (IoT), quality assurance and ready-made products. Founded as a Nokia spin-off, we combine deep know-how with EU compliance to partner with companies on their journey to modernise systems and extend capabilities while reducing risk. Since 2022, we have focused strongly on shaping solutions that power the sustainability transition.