EnerCise II – recommendations on practical cybersecurity exercises for distribution system operators
Detailed descriptions of the concept, process and observations during cybersecurity exercises

Two cybersecurity exercises for distribution system operators were organised under the title ‘EnerCise – cybersecurity exercises for grid operators’. The aim of the exercises was to develop and test routines and response mechanisms. The aim was also to network the stakeholders involved.
The second exercise, EnerCise II, took place at the Future Energy Lab in April 2024. A consortium of Fraunhofer FKIE and Fraunhofer FIT carried out the exercise. Two aspects showed a need for improvement:
- The communication between the groups
- Utilisation of the available options for action
EnerCise II makes it clear that there is an urgent need for cybersecurity exercises in the energy sector. In addition, it is essential to combine interdisciplinary expertise, resilient communication and organised crisis management. Cybersecurity exercises are an appropriate and important means for distribution system operators to both minimise risks and prepare for dealing with crisis situations. dena recommends regular implementation – possibly with different focal points – in order to increase cybersecurity in these critical infrastructures in the long term.
dena provides comprehensive information about EnerCise II in this document. You will receive detailed descriptions of the exercise setup and how to proceed with it. These are supported by the observations made on the day of the exercise. The observations relate on the one hand to the exercise concept and, on the other, to the participants’ decisions during the exercise. The design is evaluated on the basis of the observations. The publication also draws attention to the relevant situations in the decisions made by the participants (in both a positive and negative sense).