Efficient but fragile? How resilient are highly optimized power systems really?
On April 28, 2025, Spain and Portugal experienced a historic blackout. Around midday, the power supply on the mainland collapsed completely, and there were also brief disruptions in a neighboring area in the southwest of France. According to a report by the European Network of Transmission System Operators for Electricity (ENTSO-E), this was the most serious incident to occur on the European power system in over 20 years. Several million people were affected at times, traffic lights and rail services were down, and mobile communications only worked to a limited extent. The outage was preceded by a voltage increase that triggered a cascade of shutdowns within seconds.
The event raises the question as to what actually makes highly optimized power systems fragile, and what resilience mechanisms must planning, operation and industry provide to prevent these systems from collapsing in emergency situations?
What does the blackout across the Iberian Peninsula reveal about the vulnerability of highly optimized power systems?
The incident has drawn attention to voltage and dynamic stability. According to the ENTSO-E report, the event was characterized by voltage increases and the loss of voltage control; the exact cause has not yet been determined. The incident shows that with an increased share of inverter-coupled generation, central stability functions are no longer implicitly available and must therefore be specified, verified and monitored during operation.
Why are voltage and dynamic stability becoming the weak point of modern grids?
Optimization often reduces redundancy precisely in places where it is crucial when an incident occurs. Just enough reactive power, automatic voltage maintenance and protection coordination are cost-efficient in normal operation, but may no longer be sufficient in case of disruptions. Resilience isn’t primarily the capacity to cope with rare extreme events, but rather the ability to face multiple deviations, which are escalating, and which, taken individually, are still within technically permissible limits. A second weak point arises when large consumers and new load centers place a heavy load on the grid at certain points, while disruptions and bottlenecks move more easily from one region to the next via interconnectors, which can also increase resilience.
The third weak point is digital vulnerability. A threat to the resilience of a power grid doesn’t have to be physical damage to power lines or distribution boxes. In its Threat Landscape 2025, the European Union Agency for Cybersecurity (ENISA) describes a professionalization of digital attacks and points to an increase in cyber dependencies, in other words, attacks on third-party providers and supply chain interdependencies that can have an impact on the entire system.
What are the challenges facing Europe and the USA?
In Europe, the EU Commission is addressing grid connection as an important competitive factor, which is currently leading to long queues in many member states because demand is exceeding the available capacity. At the same time, the price for securing the grid is rising.The European Union Agency for the Cooperation of Energy Regulators (ACER) puts the cost of all support measures for security of supply in the 27 EU Member States at almost EUR 11 billion for 2024 and points to efficiency potential through greater cross-border cooperation.
The US is facing problems primarily with large loads. In its current Long-Term Reliability Assessment, the North American Electric Reliability Corporation (NERC) explains that new data centers and large industrial and commercial loads in particular account for the increase in demand and place planning and connection processes under time pressure. If new large loads grow faster than grids and system services, there is less buffer during operation. As a result, grid operators have to intervene more frequently to maintain voltage and stability limits and need a precise real-time picture, robust protection concepts and more automation.
What risk do cyber attacks pose?
Cyber attacks are particularly relevant for critical infrastructures because operational security is increasingly dependent on data quality, model consistency, patches, supply chain integrity and secure remote access. The risk is less a one-off “major” cyber incident than the combination of attacks on IT/OT systems, increasing complexity and operations that can hardly be run economically without digital support structures. At the same time, the debate needs clarity, because the key assumption for major power outages is that they are due to cyber attacks. In the case of the blackout in Spain and Portugal, technical reports showed no evidence of a cyber attack.
How can power systems be made resilient?
Resilience is not just about system architecture, it’s also about procurement and operational management. In an inverter-dominated world, system services must be specified, verified and monitored during operation as mandatory performance requirements – including central stability functions for secure grid operation. In terms of organization, this means designing incident data, model validation and responsibilities between transmission system operators (TSOs), distribution system operators (DSOs), generators and large loads in such a way that root cause analyses do not fail due to data gaps and countermeasures can be reliably implemented.
Components, control systems and protection technology not only need to be efficient, but also demonstrate robustness against transients, data uncertainty and multiple faults. Resilience is not created through general additional redundancy, but through specific demonstrated stability capabilities, resilient data paths and operating procedures that treat optimization as part of continuous risk management.