Sia Partners (a global management consulting firm with deep utilities and digital transformation practice) recently published a piece titled “Control Room of the Future” that maps how network operators need to evolve as grid complexity accelerates. It’s worth reading. The investment numbers alone tell the story: global grid digitalisation spend is projected to almost double from $81B in 2024 to $152B by 2030, with over a billion smart meters already deployed and distributed energy resource (DER) penetration climbing fast. The article argues, correctly, that the control room can no longer be a monitoring environment. It has to become an orchestration environment, coordinating renewables, DERs, demand response, market signals and automated decisions in real time.
Sia frames the future control room across six characteristics: predictive, integrated and market-responsive, automated and data-driven, structured and accountable, intelligent and real-time, collaborative and interoperable. Each one holds up. The methodology Sia describes, assess, roadmap, target operating model, is the kind of structured approach our sector needs more of.
The real opportunity is orchestration
For Australian Control Room Network Association (ACRNA) members, the bigger story is what an orchestration control room makes possible. Leading operators are already moving past the model where network operations, energy trading, Frequency Control Ancillary Services (FCAS) participation, DER orchestration and market settlement each live in separate rooms with separate teams and separate data. The conversations happening among control room leaders across the country are about collapsing those walls.
When that integration is done well, the orchestration upside is significant. A single operational picture lets a network operator respond to a constraint, bid into FCAS, dispatch a virtual power plant and update the market position in the same coordinated motion. Forecasting improves because the same models inform both engineering and commercial decisions. Workforce capability lifts because operators, traders and engineers build shared understanding of the system rather than handing off across silos. Resilience improves because the organisation sees the whole picture in real time.
And cybersecurity? Security Operations Centres (SOCs) belong in this conversation too. An event rarely announces itself as a cyber event at the onset. It usually masquerades as an operational fault first, which means the people sitting in the operational control room are often the first to notice something is wrong. That makes the relationship between the SOC and the control room a critical one. Not a merger, but a deliberate, well-rehearsed collaboration where signals move quickly in both directions and neither side waits for the other to escalate through a ticket queue.
Meanwhile, good practice is starting to emerge around combining physical security with the SOC. As the physical security world gets more digital, with gates, doors, sensors and telemetry all generating monitorable data, that capability belongs alongside cyber monitoring where the cross-domain signals can be read together. Several leading organisations around the country have already combined their SOC and physical security monitoring functions, and the early signals are that the cross-domain visibility is worth more than the sum of the parts. The next step, harder but more valuable, is wiring that combined capability into a working partnership with the control room.
This is the orchestration shift. It changes governance, workforce design, operator trust and the commercial value the control room delivers. Sia’s framework captures the operational side of this well.
The gap that needs more focus: cyber-physical
What the Sia paper underplays is what orchestration does to the cyber-physical risk profile. The more functions the control room coordinates, the more pathways exist for a compromise in one domain to produce a consequence in another. The attack surface is no longer the Supervisory Control and Data Acquisition (SCADA) human-machine interface. It is the entire decision loop between data, algorithm, operator and field device, now extended across trading, market interfaces, DER aggregation platforms, physical security feeds and engineering systems.
This is the cyber-physical gap. It is the space between the information technology (IT) systems generating recommendations and the operational technology (OT) systems acting on them. Orchestration widens that gap, and most transformation programs are not yet treating it as a first-class design problem.
Three areas deserve more focus from Australian critical infrastructure leaders.
- Treat the decision loop as a safety system, not an IT system.When automation acts on grid, pipeline, rail or water assets, the integrity of the data, models and commands flowing through that loop has the same status as a protection relay. That means engineering-grade assurance, change control, and failure mode analysis applied to AI models, forecasting tools and market integration layers. If a model can move a switch, or place a bid that moves a switch, the model is part of the safety case.
- Design the human-automation handoff before deploying the automation.Operator trust is a design problem. As control rooms become more predictive and automated, the harder questions are what happens when the operator disagrees with the automation, when the automation fails silently, or when a trading decision conflicts with an engineering constraint. Australian operators need clear protocols for override authority, degraded-mode operation, and the cognitive load operators carry when they are supervising rather than driving. This is where incident response in plant floor and control room environments gets difficult, and where detection-only thinking falls short.
- Build cyber-physical scenarios into resilience testing.Most tabletop exercises still treat cyber and operational incidents as separate streams. The orchestration control room will fail in ways that cross both, and increasingly across commercial and physical security systems too. A spoofed DER signal, a manipulated forecast, a compromised market interface, a tampered CCTV feed, each of these produces a physical outcome through an automated pathway. Resilience testing has to follow the consequence chain end to end, with engineering, operations, trading, physical security and cyber in the same room running the same scenario.
Where this leaves us
The Sia article is right that control rooms are the centre of gravity for the next decade of infrastructure transformation. For Australia’s critical infrastructure sectors, where the digital meets the physical every minute of every day, the orchestration opportunity is real and the operators moving fastest are already capturing it. The conversation worth having, and the one ACRNA is well placed to lead, is how we close the cyber-physical gap as orchestration expands, so the assurance keeps pace with the automation.
This is the work.
By Sam Mackenzie, VP – ACRNA