New regulatory requirements and rising digitalization are reshaping the operational and security paradigms of Italy’s renewable energy assets. Two resolutions adopted by the country’s energy regulator, ARERA, in 2025 — 385/2025/R/EEL and 564/2025/R/EEL — are accelerating this transition, particularly for photovoltaic and wind plants above 100 kW connected to medium voltage, which must now comply with advanced grid integration functionalities such as remote active power control (PF2).
Deliberation 385/2025/R/EEL mandates that PV system owners install a Controllore Centrale di Impianto (CCI), a central controller that monitors plant status and communicates with the grid operator, and activate the PF2 function to enable remote active power limitation. Compliance deadlines vary by plant size, and failure to meet them can result in suspension of economic incentives and loss of payment for energy injected into the grid.
ARERA also provides financial contributions to offset upgrade costs, encouraging timely adaptation. The regulation ensures that plants are grid-aware, enhancing stability and compliance with CEI 0‑16 standards. Owners are advised to verify CCI installation, plan upgrades if needed, coordinate with their DSO for proper commissioning, and submit compliance documentation by the deadlines to maintain incentives.
Deliberation 564/2025/R/EEL extends the deadlines and provisions of 385/2025/R/EEL. For PV plants of 1 MW or more, the new compliance deadline is 31 December 2026; plants between 500 kW and 1 MW must comply by 31 December 2027; and systems between 100 kW and 500 kW have until 31 March 2028. The resolution also revises the schedule for claiming forfait-type financial contributions, providing up to €10,000 ($11,514) for 500 kW–1 MW plants and up to €7,500 for 100–500 kW plants, with amounts indexed to the timing of compliance notification.
Join us on Apr. 29 for pv magazine Webinar+ | Decoding the first massive cyberattack on Europe’s solar energy infrastructure – The Poland case and lessons learned Industry experts will explore real-world cyberattack scenarios, highlight potential vulnerabilities in solar and storage systems, and share practical, actionable strategies to protect your energy assets. Attendees will gain valuable knowledge on how to anticipate, prevent, and respond to cyber threats in the rapidly evolving solar energy sector. At the center of this regulatory shift is the increasing exposure of energy infrastructures to cyber threats. As PV plants and storage systems become more interconnected through SCADA platforms, remote-control architectures, and cloud-based energy management systems, their attack surface grows significantly. “Operators are increasingly exposed to cybersecurity risks due to the growing digitalization of plants and their integration with automation and remote-control systems,” Claudio Contini, CEO of DigitalPlatforms, told pv magazine. “Among the main threats are unauthorized access to control systems and the manipulation of operational data, which can affect service continuity.” In response, technology providers are prioritizing cybersecurity solutions tailored to operational technology (OT) environments. Key tools include network intrusion detection systems (NIDS) that monitor industrial communication protocols and detect anomalous behavior in real time. These systems are increasingly augmented with artificial intelligence (AI) and machine learning, enabling more accurate threat detection and adaptive responses across complex grid environments. “We are developing OT security solutions capable of analyzing industrial network traffic and identifying anomalies, leveraging AI and machine learning,” Contini said. AI applications, however, are not limited to security. In the PV and storage sectors, AI is also used for production forecasting, battery optimization, and predictive maintenance. By processing large volumes of operational data, AI-driven platforms can enhance asset performance and reduce inefficiencies. Market demand, on the other hand, reflects this convergence. Utilities, transmission and distribution operators, and engineering firms are increasingly seeking integrated solutions that combine cybersecurity monitoring, anomaly detection, and AI-based analytics. “We are observing growing interest from operators in integrating cybersecurity systems with advanced data analytics,” Contini added, noting that AI is increasingly applied “to optimize production, storage management, and plant maintenance.” Looking toward 2030, the expansion of renewable generation, storage capacity, and energy-intensive digital infrastructures such as data centers will intensify these challenges. The integration of energy and digital systems will require not only greater efficiency and flexibility, but also robust, embedded cybersecurity frameworks from the design stage. This content is protected by copyright and may not be reused. If you want to cooperate with us and would like to reuse some of our content, please contact: editors@pv-magazine.com.
By submitting this form you agree to pv magazine using your data for the purposes of publishing your comment.
Your personal data will only be disclosed or otherwise transmitted to third parties for the purposes of spam filtering or if this is necessary for technical maintenance of the website. Any other transfer to third parties will not take place unless this is justified on the basis of applicable data protection regulations or if pv magazine is legally obliged to do so.
You may revoke this consent at any time with effect for the future, in which case your personal data will be deleted immediately. Otherwise, your data will be deleted if pv magazine has processed your request or the purpose of data storage is fulfilled.
Further information on data privacy can be found in our Data Protection Policy.