The report “Battle-tested power systems: Resilience and preparedness for Europe’s electricity sector” by Eurelectric starts from an uncomfortable premise: power infrastructure has become a target. And not only in open warfare, but also in so-called “grey-zone” scenarios, where sabotage and cyberattacks are harder to detect and even harder to attribute.

Building on a previous Eurelectric study published in February 2025, the report focuses on hybrid threats against physical assets. It does so through two main lenses. First, it examines the lessons learned in Ukraine during the first three years of the war and developments through the end of 2025. Second, it assesses the preparedness of European power utilities to face similar risks.

Within this framework, renewables emerge with a dual role. They are part of the vulnerability, due to their reliance on grid nodes and digital control systems. But they are also part of the response, as decentralisation can reduce the systemic impact of an attack.

Crucially, this operational perspective aligns with a broader strategic shift now gaining traction in Brussels: the need for a new European energy security model built around clean electrification, decentralisation and flexibility, rather than fuel stockpiles and import routes.

A parallel study by Compass Lexecon, commissioned by Eurelectric, argues that Europe’s energy security strategy must be fundamentally updated to reflect this transformation. The EU’s current framework dates back to 2014, when dependence on Russian hydrocarbons was high and renewables played only a marginal role. Today, the picture is radically different. Energy imports are expected to fall from 60% of EU supply in 2022 to just 13% by 2050, driven by electrification in transport and heating. By 2030, renewables should generate almost 70% of Europe’s electricity.

This transition, Eurelectric argues, is not only about climate policy. It is becoming a central pillar of Europe’s security architecture.

The Ukrainian lesson: the system holds, but the enemy changes tactics

The report describes how Russia has treated energy infrastructure as a central target in its war against Ukraine. Initial attacks focused on networks and grid assets, followed by strikes against generation facilities, and later by large-scale combined attacks aimed at overwhelming defences and destroying critical equipment.

In this evolution, renewables enter the picture in a specific way. According to the document, when Russia began targeting substations linked to wind and solar assets, it did so in a new operational context: increased ammunition capacity made it feasible to strike targets that previously would not have justified the cost.

Yet the report also explains why this tactic is not always efficient. It refers to a cost-opportunity calculation: expensive missiles generate higher “returns” when used against large, centralised assets. As a result, when renewables are targeted, the focus tends to fall on grid aggregation points, particularly nodal substations injecting power into the system, rather than on individual turbines or solar panels.

This highlights a central tension. Distributed generation disperses risk, but it does not eliminate bottlenecks.

Wind and solar: more distribution, less impact — and a new map of critical nodes

The report argues that the war has exposed the vulnerability of large, centralised generation assets, given their role in maintaining system stability. In response, investment strategies are increasingly shifting toward decentralised renewable capacity, particularly wind and solar.

The logic is resilience. If capacity is more widely distributed, a single strike cannot take down large portions of the grid. An attacker must deploy more resources to achieve the same disruption, which in security terms raises the cost of attack.

However, the report avoids idealising this transition. In the Ukrainian case, it notes that wind turbines have proven more attractive targets than solar panels, not for ideological reasons but for technical ones. Turbines are large, expensive components with long replacement times, and repairs are complex due to height constraints and the need for heavy lifting equipment.

The underlying conclusion is clear: resilience does not depend simply on “having renewables”, but on how they are connected, which components support them, and how quickly they can be repaired.

This is where Europe’s electrification strategy converges with security planning. The Compass Lexecon study stresses that a power-led energy system requires far more granular planning across networks, generation, storage and demand. Preparedness frameworks must integrate all energy vectors, extend over longer time horizons and systematically incorporate external threats — from extreme weather to sabotage — into grid development and investment decisions.

BESS: flexibility as a security asset

In the sections addressing system recovery and redesign, the report links decentralisation with another key requirement: flexibility and stability. It highlights technologies that can help sustain system operation under stress, including energy storage.

A concrete example is provided. According to the report, Ukrainian utility DTEK advanced during the war with decentralised assets, completing phase one of its Tyligulska wind farm and launching phase two, reaching a total of 500 MW. In September 2025, it also commissioned 200 MW of battery energy storage systems (BESS) using Fluence technology.

What matters is not only capacity, but system architecture. The storage project is spread across six sites in central Ukraine to “minimise the effectiveness” of potential attacks, the report states.

In Eurelectric’s framing, storage adds an extra layer of resilience. It does not replace the grid, but it can support supply and operational stability during disruptions, buying time for repairs and system reconfiguration.

This mirrors the recommendations of the Compass Lexecon study, which estimates that Europe will need at least 175 GW of new flexibility capacity — mainly storage and demand-side response — by 2030. Without these resources, variable renewables cannot deliver both decarbonisation and security of supply. Capacity mechanisms and targeted flexibility support schemes will therefore be essential to trigger the required investments.

Energy transition as preparedness, not just climate policy

The report advances a broader conclusion: pursuing the energy transition can reinforce security objectives. A more decentralised grid with flexible resources strengthens security of supply, including in the face of hybrid threats.

This logic is reflected in national planning. Ukraine, the document notes, treats decentralisation as a matter of national security, setting a target for 27% of energy consumption to come from distributed resources by 2030.

At EU level, the strategic narrative is converging. Clean electrification reduces dependence on imported fuels, shields consumers from commodity price shocks and limits geopolitical exposure. In a system increasingly based on domestic renewable generation, resilience becomes endogenous: security is built into the architecture of the grid itself.

But the emphasis is not on renewables as a slogan. It is on system design.

The report stresses that a decentralised and more complex power system requires advanced observability, control and stabilisation capabilities — in other words, real-time monitoring, automated responses and digital resilience.

The other side: digitalisation, cyber risks and supply chain concerns

The document repeatedly underscores that threats are not only physical. In Ukraine, cyberattacks accompany physical strikes. In the EU, they are described as a “lucrative” way to operate below the threshold of war.

As power systems become more digital, with growing deployment of power electronics and advanced control technologies, these risks increase. The report raises concerns about supply chains and the potential presence of “kill switches” or compromised equipment, citing solar inverters as a particular source of unease.

Rather than offering simple solutions, the report calls for cyber preparedness by design, including segmentation, robust protocols and workforce training, as well as exercises that integrate physical and digital threat scenarios.

What the report calls for: protect nodes, strengthen resilience and act before a major blackout

The report concludes with recommendations that take on concrete meaning for renewables and storage. It calls for proportionate physical protection of critical assets, including defences for primary substations. It stresses the importance of strategic stockpiling and managing long lead-time components such as transformers. And it urges that new investments adopt secure-by-design principles, incorporating redundancy and backup systems.

At the same time, it frames these efforts within a broader policy context. It distinguishes between wartime scenarios, where defence is primarily a state responsibility, and grey-zone pressures, where additional regulatory incentives and public support may be needed if utilities are expected to implement enhanced protection measures.

The closing message is stark. Europe may not be in a “hot war”, but hybrid threats are already a reality. In a system increasingly powered by electricity, resilience is no longer a technical add-on. It is becoming a strategic imperative.

And, as Eurelectric’s president Leonhard Birnbaum puts it, business-as-usual is no longer an option. Minimum preparedness should not be the goal — it should be the baseline.