TenneT Netherlands has deployed ReFlow, an in-house grid analysis platform built on the open source framework PowSyBl. The system has delivered at least a tenfold improvement in performance across standard grid security processes.

The platform is used by the operator of the Dutch high-voltage grid, where control room teams run continuous security studies, congestion management analysis and capacity calculations to support round-the-clock operations.

These workloads had been growing faster than previous tools could handle, as larger datasets, higher time resolutions and stricter regulatory requirements increased pressure on existing systems. One European intraday coordinated security analysis process was taking longer than the required time resolution, limiting its value for operational decision-making.

The new system combines PowSyBl, an open source framework for grid modelling and simulation, with ReFlow, an internal orchestration layer developed by TenneT to run large numbers of calculations in parallel. ReFlow takes standardised CIM/CGMES 3.0 inputs, including domestic and foreign network models and operational forecasts, then automatically launches the necessary calculations and closes them when the work is complete.

Operational pressure

Congestion has become a central issue for the Dutch grid, which TenneT describes as a major direct cost and lost opportunity for society. The operator is addressing the problem through new congestion management products, market design changes, network expansion and better use of existing assets, including weather-based dynamic line rating and machine learning-led topology optimisation.

The value of those measures increases when they are brought into a single security assessment framework. In practice, this allows operators to assess whether an action that solves one problem, such as an oscillation, could create another constraint elsewhere on the network.

More advanced integrated assessments could also change how outages are planned. Rather than only checking whether a planned outage is safe under expected conditions, the system could help identify the best future time windows for outages, improving operational flexibility and asset use.

Open source choice

PowSyBl was originally developed by French transmission operator RTE and is hosted by LF Energy. It is already used in production by RTE and by two regional coordination centres, BalticRCC and Coreso, for functions including European merging, coordinated security analysis and capacity calculation.

That existing operational use appears to have helped TenneT avoid building a new analysis engine from scratch. Instead, it focused on creating a system around PowSyBl that could meet its own throughput and automation requirements at national transmission system operator scale.

“We consider PowSyBl the most advanced open source power-system analysis engine available,” said Hugo Pfister, manager of grid security applications at TenneT Netherlands. “We benefit directly from years of investment by RTE and the broader LF Energy community.”

Pfister said ReFlow was designed with a modular structure to avoid dependence on a single supplier or analysis engine. While PowSyBl is the main engine for static security assessment, the architecture is intended to accommodate other engines for functions such as dynamic security assessment and short-circuit analysis.

“By embedding PowSyBl within ReFlow, we can use it in a highly automated, mission-critical context,” Pfister said. “ReFlow is built on a ‘single deployment, multi-customer’ principle. We build once, deploy once, and scale on demand.”

Five-month build

ReFlow moved from project start to first production release in five months. TenneT credited that pace to two factors: the availability of a modern on-premises platform environment based on Kubernetes, Kafka and S3-compatible storage, and a development team of software engineers embedded in the business with direct knowledge of grid security processes.

The main difficulty lay in aligning data producers and consumers on common integration patterns and standardised data products across several domains. That work took time but created a stronger foundation for scaling the system further.

TenneT also argued that the open source model was central to the project rather than incidental. In Pfister’s view, using open source software reduced procurement friction while giving the operator greater freedom to adapt and extend tools for its own purposes.

“The open source model allowed us to adopt a state-of-the-art solution without a lengthy procurement process,” Pfister said. “It also gives us the flexibility to adapt and extend the tooling to our specific needs. More importantly, open source promotes knowledge sharing within the industry and makes high-quality software accessible to smaller TSOs, which strengthens the collective digital capabilities needed for the energy transition.”

Pfister said the approach has implications beyond software sourcing. “Beyond its technical benefits, the open source model acts as a catalyst, enabling engineers and specialists to move beyond technology constraints and think in terms of process opportunities.”

LK Bennett, founded back in the 90s, entered administration in January, with John Noon and Mark Firmin of Alvarez & Marsal Europe LLP appointed joint administrators.

Immediately following their appointment, the LK Bennett brand and related intellectual property were sold to US firm Gordon Brothers, which also owns Laura Ashley and Poundland.

However, LK Bennett’s nine stand-alone and 13 concession stores were not included in the deal, leaving them at risk of closing.

Its website explains: “The LK Bennett stores were not included in the transaction and continue to trade under the Administration.”

All LK Bennett stores set to close

LK Bennett has now revealed that all its remaining stores will close for good in four days.

In an Instagram post on Tuesday (April 21), the fashion retailer said: “Only 6 days remain before our stores close.

“Visit us exclusively in-store to enjoy up to 80% off across all collections. Once it’s gone, it’s gone — don’t miss your final chance to shop.”

There is also a countdown on the LK Bennett website, informing shoppers of how long they have before their local store shuts for good.

Full list of LK Bennett stores set to close

The full list of LK Bennett stores set to close on Sunday is:

Stand-alone stores

• Lower Guildhall Mall (Bluewater)
• Canary Wharf (London)
• Eastgate Square Shopping Centre (Chester)
• Duke of York Square (London)
• Harrogate
• Knightsbridge (London)
• New Bond Street (London)
• Richmond
• White City Westfield (London)

Concession stores

• Arnotts (Dublin)
• The Bentall Centre (Kingston upon Thames)
• Brown Thomas (Dublin)
• De Gruchy (Jersey)
• Hoopers (Tunbridge Wells)
• Hoopers (Wilmslow)
• Jarrold (Norwich)
• John Lewis (Edinburgh)
• John Lewis (High Wycombe)
• John Lewis – Oxford Street (London)
• John Lewis (Manchester)
• John Lewis (Oxford)
• John Lewis (Cheadle)

LK Bennett shuts down its website

The closure of all LK Bennett stores comes after the retailer shut down its website last week.

Online sales via the LK Bennett website continued following the administration announcement earlier this year, until last week.

The website has now been shut down with a message reading: “Website and phone order now closed- Shop in store for a limited time.”

Online orders already placed by customers will still be processed as normal, according to the website.

Customers can still access the website (at the time of writing), but only for information on topics like returns, size guides, and store locations.

There is now a big banner on the home page advertising the closing-down sale, which reads: “Final Days! Everything must go,” with up to 90%.

Is there an LK Bennet store closing near you? Let us know in the comments below.

Anthropic AI’s Mythos model has prompted warnings from cyber security specialists, heightening concerns about how generative AI could increase the scale and sophistication of cyberattacks.

The response follows reports that unauthorised users accessed Mythos by simply changing the model name. Security experts say the incident shows how quickly advanced AI systems can move beyond controlled environments into wider circulation.

Security leaders are urging boards and executives in the UK and elsewhere to treat AI-driven cyber risk as a strategic issue. They argue that recent developments expose both the fragility of AI infrastructure and the potential for these systems to industrialise existing cybercrime techniques.

Sujatha S Iyer, Head of AI Security at ManageEngine, Zoho’s IT division, said the emergence of tools such as Mythos should force organisations to rethink their assumptions about threat actors and the speed of attacks.

“As AI lowers the barrier of entry for cybercriminals, the baseline for defence must too rise. Anthropic AI’s Mythos model is a wake-up call – reminding us that cyber resilience isn’t just an IT issue. This is a priority that requires board-level attention,” said Sujatha S Iyer, Head of AI Security, ManageEngine, Zoho.

AI systems built for code analysis, content generation or research can also help attackers. Security professionals say these models can support malicious users with reconnaissance, phishing, vulnerability discovery and exploit development, even when guardrails are in place.

Iyer said AI is changing the mechanics and speed of common attack types, putting new pressure on organisations that still rely on traditional defences.

“We’re entering a phase where attackers can automate reconnaissance, personalise phishing at scale, and identify vulnerabilities faster than many organisations can respond. This fundamentally shifts the balance in favour of threat actors,” said Iyer.

Many businesses still depend on perimeter-based security architectures that assume a clear boundary between trusted internal systems and the outside world. But as cloud services, remote work and software-as-a-service platforms have expanded, that boundary has become less distinct.

Companies now face adversaries that can adapt their methods in near real time, Iyer said.

“What’s critical now is that businesses move away from reactive security models. Traditional perimeter-based approaches are no longer sufficient when threats are becoming more adaptive and intelligent. Instead, organisations need to prioritise continuous monitoring, identity-first security, and rapid incident response capabilities that can keep pace with AI-driven threats,” said Iyer.

Security teams are also focusing on basic operational processes, including patching, configuration management and staff training. Experts say AI-enabled attackers can rapidly scan public-facing systems for known flaws that remain unpatched.

Weaknesses in day-to-day practice often undermine investments in advanced tools, Iyer said.

“There’s also a growing need to strengthen cyber hygiene at every level of the organisation. Even the most advanced tools can be undermined by poor patch management or lack of employee awareness,” said Iyer.

Concerns about Mythos intensified after reports that external users had accessed the model without authorisation. The method described involved changing a model identifier rather than breaching infrastructure through more complex means.

Shane Fry, Chief Technology Officer at RunSafe Security, said the incident illustrates how exposed AI systems can become even when providers intend to limit access.

“Unauthorized users were able to access Anthropic’s Mythos model, reportedly by just changing a model name. Even if their intent is just to explore, it shows how easily these systems can be exposed. The reality is these AI capabilities are already out there, ‘hacked’ or not, and they’re going to accelerate how quickly vulnerabilities are found and exploited. Software teams will need to look at how to harden their code so those vulnerabilities can’t be used in the first place,” said Shane Fry, Chief Technology Officer, RunSafe Security.

Security practitioners say the Mythos episode raises questions about access control, monitoring and logging for advanced models. It also highlights how powerful AI systems, once exposed, can become part of the wider cyber ecosystem regardless of a vendor’s policies.

For UK organisations, the comments from Iyer and Fry reflect a broader shift in cyber security thinking. Boards are being asked to treat AI as both a tool for defence and a risk multiplier for adversaries.

Vendors and security teams are now assessing how AI models can be integrated into monitoring and response workflows without creating new attack surfaces. At the same time, they are examining how adversaries might use the same class of models to probe public infrastructure, corporate networks and the software supply chain.

Regulators in the UK and Europe have signalled tighter oversight for providers of advanced AI systems. The Mythos case is likely to feed into ongoing debates about model access, transparency and safety requirements.

The incident has also renewed attention on software hardening. Fry said teams maintaining critical systems will need to assume that automated vulnerability discovery will become faster and more accurate, whether through legitimate tools or models such as Mythos.

Security leaders now expect AI-enabled offensive tools to move into the mainstream of cybercrime. They say the balance between defenders and attackers will depend on how quickly organisations improve monitoring, identity controls and secure development practices.