Risk Management of Microgrids in Power System for Enhanced Energy Security and National Resilience

Fita, Nicolae Daniel; Obretenova, Mila Ilieva; Marcu, Marius Daniel; Olteanu, Constantin Razvan; Popescu, Florin Gabriel; Manafu, Marius Gheorghe; Muresan-Grecu, Florin; Schiopu, Adrian Mihai; Diodiu, Ioan Lucian; Nicola, Aurelian; Popescu, Gabriela; Radu, Alexandru Andrei

doi:10.3390/electronics15112397

Open AccessArticle

Risk Management of Microgrids in Power System for Enhanced Energy Security and National Resilience

by

Nicolae Daniel Fita

^1,*

,

Mila Ilieva Obretenova

²

,

Marius Daniel Marcu

³,

Constantin Razvan Olteanu

⁴,

Florin Gabriel Popescu

³

,

Marius Gheorghe Manafu

⁵,

Florin Muresan-Grecu

³,

Adrian Mihai Schiopu

³,

Ioan Lucian Diodiu

⁶,

Aurelian Nicola

⁷

,

Gabriela Popescu

¹ and

Alexandru Andrei Radu

¹

Strategic Studies of Energy Security Research Center, University of Petrosani, 332006 Petrosani, Romania

²

Department of Electric Power Engineering and Automation, University of Mining and Geology St. Ivan Rilski, 1700 Sofia, Bulgaria

³

Automation, Computer, Electrical and Power Department, University of Petrosani, 332006 Petrosani, Romania

⁴

Mine-Oil-Gas Doctoral School, University of Petrosani, 332006 Petrosani, Romania

⁵

Industrial Engineering Doctoral School, National University of Science and Technology Politehnica Bucharest, 060042 Bucharest, Romania

⁶

Department of Computer Science and Electrical Engineering, Lucian Blaga University of Sibiu, 550024 Sibiu, Romania

⁷

Transport, Industrial and Mechanical Engineering Department, University of Petrosani, 332006 Petrosani, Romania

^*

Author to whom correspondence should be addressed.

Electronics 2026, 15(11), 2397; https://doi.org/10.3390/electronics15112397

Submission received: 11 May 2026 / Revised: 20 May 2026 / Accepted: 26 May 2026 / Published: 1 June 2026

(This article belongs to the Special Issue Application of Microgrids in Power System)

Download

Browse Figures

Review Reports Versions Notes

Abstract

The increasing penetration of distributed energy resources and the growing vulnerability of centralized power systems to natural hazards, terrorist attacks, acts of sabotage, technical incidents, and operational uncertainties have intensified the need for resilient and secure energy infrastructures. Microgrids have emerged as a promising solution to enhance energy security by enabling the localized generation, autonomous operation, and flexible integration of renewable energy sources. However, their effective deployment introduces complex risks related to technical, economic, and operational uncertainties. This paper presents a comprehensive framework for risk management in microgrids within modern power systems, aiming to improve the overall security and resilience of Romania’s power system. The study systematically identifies and evaluates the main risk scenarios affecting the power system: natural disasters, terrorist attacks, acts of sabotage, and technical incidents. In addition, to achieve an in-depth analysis, the paper also discusses the SWOT and PESTEL analyses of the Romanian power system, as well as its resilience. A multi-level risk assessment methodology is proposed, combining probabilistic analysis with severity (impact) analysis. The proposed approach is validated through case studies based on risk scenario assessments, demonstrating its effectiveness in improving microgrid performance under diverse disturbance conditions. The results highlight the critical role of proactive risk management in supporting energy security objectives, while ensuring stable and resilient operation of the Romanian power system. This research contributes to the development of adaptive and sustainable power systems, capable of addressing future challenges in an increasingly decentralized energy landscape, and can be adapted to any modern power system worldwide.

Keywords:

risk management; microgrids; power system; energy security; resilience

1. Introduction

The global energy landscape is undergoing a profound transformation, driven by the increasing integration of distributed energy resources (DERs) and the transition toward decentralized power systems. This shift, while promoting sustainability and efficiency, exposes centralized power infrastructures to heightened vulnerabilities, including natural hazards, technical failures, operational uncertainties, and deliberate threats such as terrorist attacks and sabotage. In this context, microgrids have emerged as a strategic solution to enhance energy security, offering localized generation, autonomous operation, and flexible integration of renewable energy sources. Despite their potential, the deployment of microgrids introduces complex technical, economic, and operational risks that require systematic management. This paper proposes a comprehensive framework for risk management in microgrids within modern power systems, with a specific focus on improving the resilience and security of Romania’s power system. The study systematically identifies and evaluates key risk scenarios—including natural disasters, terrorist threats, acts of sabotage, and technical incidents—and integrates qualitative and quantitative assessment tools such as SWOT and PESTEL analyses. A multi-level risk assessment methodology is developed, combining probabilistic approaches with severity analysis to quantify both the probability and impact of adverse events. The effectiveness of the proposed framework is validated through case studies, demonstrating its capability to support robust microgrid operation under diverse disturbance conditions. The findings underscore the importance of proactive risk management in safeguarding energy security, ensuring system stability, and enhancing resilience in an increasingly decentralized energy environment. By providing a structured approach to identify, assess, and mitigate risks, this research contributes to the development of adaptive and sustainable power systems, offering insights that are applicable to modern power networks worldwide [1,2].

The Romanian power system, a critical component of national energy infrastructure, consists of 81 power substations: one rated at 750 kV (currently operating at 400 kV), 38 operating at 400 kV, and 42 at 220 kV, as illustrated in Figure 1.

The Romanian power system is operated by the state-owned company Transelectrica, which acts as the sole transmission system operator on the national market and fulfills the following roles: transmission of electrical energy; management and operation of the national power system; ensuring the equilibrium between electricity generation and consumption; oversight of energy market activities and interconnection with foreign power systems; and expansion, upgrading, and modernization of the electrical network [3,4].

2. State of Art

The PESTEL and SWOT analyses of Romania’s power system are essential for understanding the economic, social, and environmental context in which the energy sector operates, identifying opportunities and risks, and supporting sustainable development strategies.

These analyses are complementary: PESTEL identifies external factors that can influence the energy system, while SWOT synthesizes both internal and external factors to guide strategic decisions.

In Romania, these analyses are crucial for:

planning the transition to green energy;
reducing dependence on fossil fuels;
integrating microgrids into existing energy systems;
increasing the resilience of the energy system to economic and climate changes.

2.1. PESTEL Analysis

A.: Political (factors): The energy sector in Romania is strongly influenced by national and European political decisions, playing a strategic role in the country’s energy security;
B.: Economic (factors): The energy sector is of major importance to Romania’s economy, as energy is an essential resource for industrial operation and economic development;
C.: Social (factors): Energy directly affects the population’s standard of living, as access to affordable and reliable energy is essential for social welfare;
D.: Technological (factors): Modernization of energy infrastructure is essential for developing the national power system, which includes all electricity production, transport, distribution, and consumption facilities in Romania;
E.: Environmental (factors): The energy sector has a significant environmental impact, being responsible for a large portion of greenhouse gas emissions;
F.: Legal (factors): The energy sector is regulated by a complex legislative framework, consisting of both national laws and European Union regulations.

Conclusion: The PESTEL analysis highlights that Romania’s power system is influenced by a complex set of political, economic, social, technological, environmental, and legal factors. The energy sector is undergoing a major transformation, driven mainly by the transition to clean energy, EU requirements, and the need to ensure energy security. In this context, Romania has the potential to become an important player in the regional energy market due to its diversified energy mix and natural resources. However, the sustainable development of the sector depends on investments, infrastructure modernization, and the stability of energy policies [1,2,3,4,5,6,7,8,9,10,11,12].

2.2. SWOT Analysis

A.: Strengths: Diversified Energy Portfolio; Strategic Geographic Position; European Union; Integration and Financial Support; Developed Transmission and Distribution Infrastructure;
B.: Weaknesses: Aging Infrastructure; Dependence on Fossil Fuels; Insufficient Energy Storage Capacity; Regulatory Complexity;
C.: Opportunities: Expansion of Renewable Energy; Grid Modernization and Smart Technologies; Regional Energy Trading; Decarbonization and EU Climate Targets;
D.: Threats: Energy security challenges; Price instability; Regulatory and Political Uncertainty; Climate-related Risks.

Conclusion: Romania’s power system demonstrates considerable resilience due to its diversified energy mix and advantageous geographic position. Nevertheless, it is confronted with significant challenges, including aging infrastructure and continued reliance on fossil fuels. The most promising opportunities are associated with the expansion of renewable energy sources, advancement of grid modernization, and increased participation in regional electricity markets. At the same time, concerns related to energy security and regulatory uncertainty persist as critical risks [1,2,3,4,13,14,15,16,17,18].

3. Microgrids—Elements of Ensuring Energy Security and Resilience

3.1. Definitions & Core Concepts

A microgrid is a geographically confined power system that integrates distributed energy resources, energy storage units, and local loads within a specified boundary. It is capable of operating in two distinct modes: (i) in grid-connected mode, where it interacts with the main utility network, and (ii) in islanded mode, where it functions autonomously during grid disturbances, outages, or emergency situations. This operational flexibility is fundamental to enhancing both system resilience and energy security.

Energy Security vs. Resilience: Energy security refers to the uninterrupted availability of energy at acceptable cost levels under both normal operating conditions and anticipated stress scenarios. In contrast, resilience denotes the capacity of an energy system to anticipate, withstand, absorb, adapt to, and rapidly recover from severe disruptions, such as natural hazards or cyber incidents. Although closely related, these concepts differ in scope: energy security primarily addresses expected risks, whereas resilience focuses on rare but high-impact events.

3.2. Key Structural Elements of Microgrids

Physical Components;

Distributed Generation: Renewable (solar, wind, biomass) and conventional sources;
Energy Storage Systems (ESS): Batteries, hydrogen, flywheels for load balancing and islanding support;
Power Electronics and Converters: Enable flexible AC/DC interfaces and control;
Control and Communication Systems: Microgrid controllers, EMS, real-time sensors;
Load Management: Critical vs. non critical loads for prioritization during disruptions.

Control and Management Layers:

Centralized/Decentralized/Hybrid Controls tailor adaptability and fault tolerance;
Energy Management Systems (EMS) optimize energy dispatch, storage use, and islanding transitions.

3.3. Mechanisms Ensuring Energy Security & Resilience

Islanded Operation—Microgrids dynamically disconnect from the main grid during faults or disasters, ensuring continuous power to critical loads and reducing reliance on central grids;
Distributed Resource Diversity—Using multiple energy sources and storage increases redundancy and reduces vulnerability to single point failures;
Advanced Control and Forecasting—Adaptive control algorithms (e.g., predictive, AI based) and demand forecasting improve system anticipation and rapid response;
Networked and Multi-Microgrid Strategies—Interconnected or clustered microgrids share energy and support broader geographic resilience, enhancing stability and recovery;
Cyber–Physical Protection—Cybersecurity and robust communication protocols are critical, as digitalization increases exposure to cyber risks that can compromise resilience.

3.4. Benefits for Energy Security and Resilience

Operational Advantages:
➢
Reliable, uninterrupted supply even during grid outages;
➢
Energy autonomy for critical infrastructure (hospitals, military, industrial facilities);
➢
Greater flexibility in energy management and rapid adaptation to variable conditions.
Sustainability and Decarbonization: Integration of renewables reduces dependence on fossil fuels and lowers carbon emissions while improving local energy reliability;
Economic and Social Gains—Optimized local production and storage can stabilize energy prices and reduce operational costs. Community microgrids also promote energy access equity and localized control.

3.5. Challenges and Research Directions

Technical and Operational Challenges:
➢
High initial cost for energy storage, control systems, and communications;
➢
Complexity in control transitions between grid-connected and islanded modes;
➢
Standardization and interoperability issues for multi-vendor systems.
Cybersecurity Risks—Digital interfaces and communication networks introduce vulnerabilities requiring adaptive security frameworks.
Future Research Directions:
➢
AI/Machine Learning for predictive resilience and EMS optimization;
➢
Standardized resilience metrics and real world performance validation;
➢
Policy and regulatory frameworks that enable adaptable microgrid integration and energy markets.

3.6. Conclusion

Microgrids represent a transformative energy infrastructure enabling localized autonomy, increased system reliability, and rapid recovery from disruptions. By integrating advanced DERs, energy storage, real-time control, and adaptive strategies, they enhance both energy security under normal operations and resilience against extreme events. Research continues to focus on optimization, cybersecurity, and scalable implementations to ensure microgrids contribute effectively to sustainable energy transitions [14,15,16,17,18,19,20,21,22,23,24,25].

In Figure 2 is a map of microgrid schematic diagram.

This figure is a schematic diagram of a microgrid system, showing how different energy sources, control systems, and loads are connected and managed and illustrates how a microgrid integrates multiple energy sources with intelligent control, enabling reliable, flexible, and efficient power supply—especially important for resilience and renewable energy integration.

Figure 3 presents a map of microgrid schematic diagram.

This figure is a diagram of a microgrid system and how it connects to the main utility grid while managing local energy generation, storage, and consumption.

This figure shows how a microgrid integrates renewable energy (solar, wind), uses storage (batteries), maintains reliability (backup generator), supplies different types of users, and how to can operate independently if the main grid fails.

A typical microgrid comprises the following key components: distributed generation units (such as photovoltaic systems, wind turbines, and diesel generators), energy storage technologies (including batteries and supercapacitors), power electronic interfaces (e.g., inverters and converters), electrical loads (residential, commercial, and industrial consumers), and a utility grid interconnection that enables islanding operation.

Microgrids can operate in two primary modes: grid-connected mode, where they exchange power with the main utility network; and islanded (autonomous) mode, where they function independently during grid disturbances or outages.

4. Energy Security Assessment—Risk Management

4.1. Risk Scenario: 400 kV Power Substation Sequence of Technical Incidents—NPS (Blackout)

The causes and effects are described below [1,2,3,4]:

Causes: short-circuit faults in power equipment; loading conditions of key overhead transmission lines; overload conditions of certain power apparatus; degraded technical condition of power equipment; insufficient investment in power substations; malfunction of automatic control systems within generation units; inadequate maintenance and inspection of power equipment; aging of power substations (non-technical lifecycle considerations); incorrect configuration of power substations; operational errors performed by substation personnel; insufficient number of specialized and/or adequately trained operational staff; lack of communication or poor coordination with territorial or national energy dispatch centers; absence of established operational procedures for substations during crisis situations; insufficient training in risk management practices; and failure to complete the 400 kV Romanian transmission ring, representing a vulnerability of the national power system.

Effects: disruption of the electricity market between Romania and the European Union; disruption of electricity exchange between Romania and Serbia, Ukraine, and the Republic of Moldova; reduced reliability of the national power system; inability to supply electricity to neighboring power systems and EU grids; failure to ensure electricity supply to major consumers and key transmission lines of the national power system; significant material damages caused by electricity shortages; substantial material damages arising from the interdependence of critical infrastructure systems; potential occurrence of a national or regional blackout (large-scale power outage).

(a): Probability

Level		Probability Definition	Period
	1. Very low	It has a very low probability of occurring. Normal measures are required to monitor the evolution of the event.	over 13 years
	2. Low	The event has a low probability of occurring. Efforts shall be made to reduce the likelihood and/or mitigation of the impact produced.	10–12 years
X	3. Average	The event has a significant probability of occurring. Significant efforts are required to reduce the likelihood and/or mitigate the impact produced.	7–9 years
	4. High	The event is likely to occur. Priority efforts are required to reduce the likelihood and mitigate the impact produced.	4–6 years
	5. Very high	The event is considered imminent. Immediate and extreme measures are required to protect the target and evacuate to a safe location if the impact requires it.	1–3 years

(b): Gravity (severity)/Impact

The gravity (severity) of the consequences is given by the worst level of vulnerabilities and impact levels.

The vulnerability and capability analysis is shown in Table 1:

Analysis of impact: Impact analysis refers to a management-level assessment conducted at specific tiers to determine the consequences associated with the loss of resources within a European critical infrastructure, such as a nationally important power substation.

The overall severity of all scenario-related impacts is evaluated, and based on this evaluation, the degree of severity of the consequences arising from the identified hazard or threat is subsequently determined. The highest level of severity related to impacts will be chosen, as presented in Table 2:

Table 2. Impacts and level.

Impacts	Level
Significant damage resulting from the absence of electricity	1. Very low	temporary
	2. Low	medium damage
	3. Average	main damage
	4. High	big damage
	5. Very high	very big damage
Significant damage resulting from the interdependence of other systems	1. Very low	0–10%
	2. Low	11–20%
	3. Average	21–30%
	4. High	31–40% din
	5. Very high	over 41%
Potential environmental damage	1. Very low	0–20%
	2. Low	21–40%
	3. Average	41–60%
	4. High	61–80%
	5. Very high	over 81%
Strong social impacts	1. Very low	0–10% trust
	2. Low	11–20% trust
	3. Average	21–30% trust
	4. High	31–40% trust
	5. Very high	over 41% trust

Level		Gravity (Severity) Consequences
	1. Very low	The event produces a minor disturbance in the activity, without any material damage.
	2. Low	The event causes minor material damage and limited disruption of the activity
	3. Average	Injuries to personnel, and/or certain loss of equipment, utilities, and delays in providing the service
	4. High	Serious personnel injury, significant loss of equipment and facilities, delays, and/or interruption of service provision
X	5. Very high	The consequences are catastrophic resulting in death and serious injury to personnel, major losses of equipment, facilities and facilities, and cessation of service provision

(c): Level risk

P R O B A B I L I T Y	Very high 5
	High 4
	Average 3					Risk Scenario
	Low 2
	Very low 1
	0	Very low 1	Low 2	Average 3	High 4	Very high 5
G R A V I T Y/C O N S E Q U E N C E S
Note: The risk is given by the product between the probability of a hazard/threat and the gravity (severity)

Risk: 15 (probability 3 × gravity 5) HIGH RISK	LEVEL RISK CALCULATE
	LEVEL	SCORE
	Very low	1–3
	Low	4–6
	Average	7–12
	High	13–16
	Very high	17–25

(d): Risk treatment

To reduce risk, measures are required to mitigate the following vulnerabilities and/or improve the following capabilities, as presented in Table 3:

After the application of risk mitigation measures, the measures set out in Table 4 are undertaken:

(e): Gravity (Severity)/Impact recalculation

Level		Gravity (Severity) Consequences
	1. Very low	The event produces a minor disturbance in the activity, without any material damage
	2. Low	The event causes minor material damage and limited disruption of the activity
X	3. Average	Injuries to personnel, and/or certain loss of equipment, utilities, and delays in providing the service.
	4. High	Serious personnel injury, significant loss of equipment and facilities, delays, and/or interruption of service provision.
	5. Very high	The consequences are catastrophic resulting in death and serious injury to personnel, major losses of equipment, facilities and facilities, and cessation of service provision

(f): Level risk after applying the mesures

P R O B A B I L I T Y	Very high 5
	High 4
	Average 3			Risk Scenario
	Low 2
	Very low 1
	0	Very low 1	Low 2	Average 3	High 4	Very high 5
G R A V I T Y/C O N S E Q U E N C E S
Note: The risk is given by the product between the probability of a hazard/threat and the gravity (severity)

Risk: 9 (probability 3 × gravity 3) AVERAGE RISK	LEVEL RISK CALCULATE
	LEVEL	SCORE
	Very low	1–3
	Low	4–6
	Average	7–12
	High	13–16
	Very high	17–25

4.2. Risk Scenario: Natural Disaster of National Power System—NPS → Blackout

The causes and effects are described below [1,2,3,4]:

Causes: short circuits affecting power equipment; earthquakes; landslides; lightning strikes; flood events; storm events; extreme temperature conditions (heat waves and cold waves); drought conditions; solar storms; inadequate or improperly designed power substations (from a seismic resilience perspective); operating/dispatch personnel lacking specialization for crisis situations; absence of operational procedures for substations during emergency conditions; lack of awareness, non-compliance, or insufficient knowledge of national and European procedures in the event of natural disasters; and insufficient training in risk management.

Effects: potential loss of life; potential severe accidents with major consequences; fire incidents; significant material losses resulting from electricity supply interruption; substantial material losses due to interdependencies with other systems; risk of local, regional, or national blackout events; energy–economic system collapse; crisis situations.

(a): Probability

Level		Probability Definition	Period
	1. Very low	It has a very low probability of occurring. Normal measures are required to monitor the evolution of the event.	over 13 years
X	2. Low	The event has a low probability of occurring. Efforts shall be made to reduce the likelihood and/or mitigation of the impact produced.	10–12 years
	3. Average	The event has a significant probability of occurring. Significant efforts are required to reduce the likelihood and/or mitigate the impact produced.	7–9 years
	4. High	The event is likely to occur. Priority efforts are required to reduce likelihood and mitigate the impact produced.	4–6 years
	5. Very high	The event is considered imminent. Immediate and extreme measures are required to protect the target, evacuate to a safe location if the impact requires it.	1–3 years

(b): Gravity (severity)/Impact

The severity of the consequences is determined by the highest-rated vulnerability and impact levels.

The vulnerability and capability assessment is conducted in accordance with Table 5:

Impact analysis: Impact analysis is a management-level assessment conducted to identify the consequences associated with the loss of resources within a European critical infrastructure, specifically a power substation of national importance.

The overall severity of all impacts resulting from the scenario is evaluated in order to determine the corresponding severity level of the consequences of the hazard or threat under consideration.

The highest severity level among the identified impacts is selected, as presented in Table 6.

Table 6. Impacts and level.

Impacts	Level
Significant impacts arising from power outages.	1. Very low	temporary
	2. Low	medium damage
	3. Average	main damage
	4. High	big damage
	5. Very high	very big damage
Significant damage resulting from the interdependence among other systems.	1. Very low	0–10%
	2. Low	11–20%
	3. Average	21–30%
	4. High	31–40%
	5. Very high	over 41%
Potential environmental damage	1. Very low	0–20%
	2. Low	21–40%
	3. Average	41–60%
	4. High	61–80%
	5. Very high	over 81%
Strong social impacts	1. Very low	0–10% trust
	2. Low	11–20% trust
	3. Average	21–30% trust
	4. High	31–40% trust
	5. Very high	over 41% trust

Level		Gravity (Severity) Consequences
	1. Very low	The event produces a minor disturbance in the activity, without any material damage
	2. Low	The event causes minor material damage and limited disruption of the activity
	3. Average	Injuries to personnel, and/or certain loss of equipment, utilities, and delays in providing the service
	4. High	Serious personnel injury, significant loss of equipment and facilities, delays, and/or interruption of service provision
X	5. Very high	The consequences are catastrophic, resulting in death and serious injury to personnel, major losses of equipment, facilities and facilities, and cessation of service provision

(c): Level risk

P R O B A B I L I T Y	Very high 5
	High 4
	Average 3
	Low 2					Risk Scenario
	Very low 1
	0	Very low 1	Low 2	Average 3	High 4	Very high 5
G R A V I T Y/C O N S E Q U E N C E S
Note: The risk is given by the product between the probability of a hazard/threat and the gravity (severity)

Risk: 10 (probability 2 × gravity 5) AVERAGE RISK	LEVEL RISK CALCULATE
	LEVEL	SCORE
	Very low	1–3
	Low	4–6
	Average	7–12
	High	13–16
	Very high	17–25

(d): Risk treatment

To reduce risk, it is necessary to implement measures that address the following vulnerabilities and/or enhance the corresponding capabilities, as outlined in Table 7.

After the application of risk mitigation measures, the measures presented in Table 8 are undertaken:

(e): Gravity (Severity)/Impact recalculation

Level		Gravity (Severity) Consequences
	1. Very low	The event produces a minor disturbance in the activity, without any material damage
	2. Low	The event causes minor material damage and limited disruption of the activity
X	3. Average	Injuries to personnel, and/or certain loss of equipment, utilities, and delays in providing the service.
	4. High	Serious personnel injury, significant loss of equipment and facilities, delays, and/or interruption of service provision.
	5. Very high	The consequences are catastrophic resulting in death and serious injury to personnel, major losses of equipment, facilities and facilities, and cessation of service provision

(f): Level risk after applying the mesures

P R O B A B I L I T Y	Very high 5
	High 4
	Average 3
	Low 2			Risk Scenario
	Very low 1
	0	Very low 1	Low 2	Average 3	High 4	Very high 5
G R A V I T Y/C O N S E Q U E N C E S
Note: The risk is given by the product between the probability of a hazard/threat and the gravity (severity)

Risk: 6 (probability 2 × gravity 3) LOW RISK	LEVEL RISK CALCULATE
	LEVEL	SCORE
	Very low	1–3
	Low	4–6
	Average	7–12
	High	13–16
	Very high	17–25

4.3. Risk Scenario: 400 kV Power Substation Terrorist Attack → Blackout

The causes and effects are described below [1,2,3,4]:

Causes: explosions triggered by terrorist incidents, subsequently leading to fire outbreaks; non-compliance with fire safety regulations; insufficient or inadequate training of staff responsible for critical infrastructure protection systems; shortage of personnel specialized in fire suppression and emergency response; insufficient deployment of physical security staff; cyberattacks targeting critical systems; vulnerabilities in hardware components; weaknesses in software systems; security gaps in encrypted or confidential data transmission channels within critical infrastructures; deficit of personnel trained in cybersecurity; vulnerabilities within SCADA (Supervisory Control and Data Acquisition) environments; use of insecure and/or underperforming software applications; lack of secure communication channels with the national energy dispatch, regional energy dispatch centers, and cybersecurity management entities; and insufficient investment in cybersecurity infrastructure and technologies.

Effects: potential loss of life; accidents potentially resulting in severe consequences; fire incidents; unauthorized access to classified information regarding the Romanian national power system; use of confidential information on Romania’s national power infrastructure for terrorist purposes; sudden shutdown of remotely controlled energy equipment due to cyberattacks; significant material damage caused by disruptions in electricity supply; significant material damage resulting from interdependencies with other critical systems; risk of local, regional, or nationwide blackouts; energy–economic system collapse; potential systemic crises; and energy, economic and national insecurity.

(a): Probability

Level		Probability Definition	Period
	1. Very low	It has a very low probability of occurring. Normal measures are required to monitor the evolution of the event.	over 13 years
	2. Low	The event has a low probability of occurring. Efforts shall be made to reduce the likelihood and/or mitigation of the impact produced.	10–12 years
X	3. Average	The event has a significant probability of occurring. Significant efforts are required to reduce the likelihood and/or mitigate the impact produced.	7–9 years
	4. High	The event is likely to occur. Priority efforts are required to reduce likelihood and mitigate the impact produced.	4–6 years
	5. Very high	The event is considered imminent. Immediate and extreme measures are required to protect the target, evacuate to a safe location if the impact requires it.	1–3 years

(b): Gravity (severity)/Impact

The severity of the consequences is determined by the highest-ranked vulnerability and the corresponding impact level.

The analysis of vulnerabilities and capabilities is performed in accordance with Table 9.

Analysis of impact: Impact analysis refers to a management-level assessment conducted at defined tiers to determine the consequences associated with the loss of resources within a European critical infrastructure, specifically a nationally significant power substation.

The assessment considers the overall severity of all impacts resulting from the scenario in order to establish the corresponding severity level of the consequences associated with the identified hazard or threat.

The highest observed severity level among all impact categories is selected as the final result, as presented in Table 10.

Table 10. Impacts and level.

Impacts	Level
Extensive impacts caused by power outages	1. Very low	temporary
	2. Low	medium damage
	3. Average	main damage
	4. High	big damage
	5. Very high	very big damage
Significant damage resulting from the interdependence of other systems	1. Very low	0–10%
	2. Low	11–20%
	3. Average	21–30%
	4. High	31–40%
	5. Very high	over 41%
Potential environmental damage	1. Very low	0–20%
	2. Low	21–40%
	3. Average	41–60%
	4. High	61–80%
	5. Very high	over 81%
Strong social impacts	1. Very low	0–10% trust
	2. Low	11–20% trust
	3. Average	21–30% trust
	4. High	31–40% trust
	5. Very high	over 41% trust

Level		Gravity (Severity) Consequences
	1. Very low	The event produces a minor disturbance in the activity, without any material damage.
	2. Low	The event causes minor material damage and limited disruption of the activity
	3. Average	Injuries to personnel, and/or certain loss of equipment, utilities, and delays in providing the service
	4. High	Serious personnel injury, significant loss of equipment and facilities, delays, and/or interruption of service provision
X	5. Very high	The consequences are catastrophic resulting in death and serious injury to personnel, major losses of equipment, facilities and facilities, and cessation of service provision

(c): Level risk

P R O B A B I L I T Y	Very high 5
	High 4
	Average 3					Risk Scenario
	Low 2
	Very low 1
	0	Very low 1	Low 2	Average 3	High 4	Very high 5
G R A V I T Y/C O N S E Q U E N C E S
Note: The risk is given by the product between the probability of a hazard/threat and the gravity (severity)

Risk: 15 (probability 3 × gravity 5) HIGH RISK	LEVEL RISK CALCULATE
	LEVEL	SCORE
	Very low	1–3
	Low	4–6
	Average	7–12
	High	13–16
	Very high	17–25

(d): Risk treatment

To reduce risk, it is necessary to implement measures that address the following vulnerabilities and/or enhance the following capabilities, as outlined in Table 11.

After the application of risk mitigation measures, the measures presented in Table 12 are undertaken:

(e): Gravity (Severity)/Impact recalculation

Level		Gravity (Severity) Consequences
	1. Very low	The event produces a minor disturbance in the activity, without any material damage.
	2. Low	The event causes minor material damage and limited disruption of the activity
X	3. Average	Injuries to personnel, and/or certain loss of equipment, utilities, and delays in providing the service
	4. High	Serious personnel injury, significant loss of equipment and facilities, delays, and/or interruption of service provision
	5. Very high	The consequences are catastrophic resulting in death and serious injury to personnel, major losses of equipment, facilities and facilities, and cessation of service provision

(f): Level risk after applying the mesures

P R O B A B I L I T Y	Very high 5
	High 4
	Average 3			Risk Scenario
	Low 2
	Very low 1
	0	Very low 1	Low 2	Average 3	High 4	Very high 5
G R A V I T Y/C O N S E Q U E N C E S
Note: The risk is given by the product between the probability of a hazard/threat and the gravity (severity)

Risk: 9 (probability 3 × gravity 3) AVERAGE RISK	LEVEL RISK CALCULATE
	LEVEL	SCORE
	Very low	1–3
	Low	4–6
	Average	7–12
	High	13–16
	Very high	17–25

4.4. Risk Scenario: 400 kV Power Substation Sabotaje → Blackout

The causes and effects are described below [1,2,3,4]:

Causes (human risk factors): manufacturing defects or substandard quality of photovoltaic (PV) panels; degradation or failure of step-up transformers and overhead/underground cables due to aging or equipment wear; overloading of the PV plant caused by excessive electricity demand within the power station; pccurrence of short circuits in transmission lines or electrical distribution panels; reduced performance, limited lifespan, and low quality of electrical equipment; absence of energy storage systems; inadequate or insufficient SCADA (Supervisory Control and Data Acquisition) systems; lack of robust cybersecurity measures or programs; insufficient maintenance activities or poor-quality repair interventions; human operational errors in the management or control of the PV plant and associated electrical networks; acts of vandalism, theft, or intentional sabotage; insufficient investment in infrastructure and system development; incorrect system configuration of PV panels, inverters, transformers, and power evacuation lines; Improper operational or switching actions performed by operational or dispatch personnel; lack of adequately trained or specialized operational staff; poor or insufficient communication with territorial energy dispatch centers or the national energy dispatcher; absence of standardized operating procedures for crisis situations; non-compliance with, or lack of knowledge of, national and European regulations in the event of major incidents (e.g., blackouts); insufficient training in risk management practices; and inadequate physical security of PV installations.

Effects: absence of electricity within transmission or distribution networks, potentially leading to localized, regional, zonal, or nationwide blackouts in the national energy system; significant material losses caused by power outages affecting critical infrastructure, households, and industrial consumers; substantial economic damage arising from the dependence of interconnected systems on continuous electricity supply; and a condition of heightened energy, economic, and national security vulnerability.

(a): Probability

Level		Probability Definition	Period
	1. Very low	It has a very low probability of occurring. Normal measures are required to monitor the evolution of the event.	over 13 years
	2. Low	The event has a low probability of occurring. Efforts shall be made to reduce the likelihood and/or mitigation of the impact produced.	10–12 years
X	3. Average	The event has a significant probability of occurring. Significant efforts are required to reduce the likelihood and/or mitigate the impact produced.	7–9 years
	4. High	The event is likely to occur. Priority efforts are required to reduce the likelihood and mitigate the impact produced.	4–6 years
	5. Very high	The event is considered imminent. Immediate and extreme measures are required to protect the target, evacuate to a safe location if the impact requires it.	1–3 years

(b): Gravity (severity)/Impact

The severity of the consequences is determined by the highest levels of both vulnerability and impact. The analysis of vulnerabilities and capabilities is presented in accordance with Table 13.

Analysis of impact: Impact analysis refers to an assessment conducted at specific management levels to identify the consequences resulting from the loss of resources within a European critical infrastructure, such as a nationally important power substation. The overall severity of all impacts associated with the scenario is evaluated in order to determine the level of severity of the consequences arising from the considered hazard or threat. The highest severity level among the identified impacts is selected, as presented in Table 14.

Table 14. Impacts and level.

Impacts	Level	Impact
Severe damage resulting from power supply interruptions.	1. Very low	temporary
	2. Low	medium damage
	3. Average	main damage
	4. High	big damage
	5. Very high	very big damage
Significant damage arises from the interdependence among other systems.	1. Very low	0–10%
	2. Low	11–20%
	3. Average	21–30%
	4. High	31–40%
	5. Very high	over 41%
Risk of environmental damage.	1. Very low	0–20%
	2. Low	21–40%
	3. Average	41–60%
	4. High	61–80%
	5. Very high	over 81%
Strong social impacts.	1. Very low	0–10% trust
	2. Low	11–20% trust
	3. Average	21–30% trust
	4. High	31–40% trust
	5. Very high	over 41% trust

Level		Gravity (Severity) Consequences
	1. Very low	The event produces a minor disturbance in the activity, without any material damage.
	2. Low	The event causes minor material damage and limited disruption of the activity
	3. Average	Injuries to personnel, and/or certain loss of equipment, utilities, and delays in providing the service.
	4. High	Serious personnel injury, significant loss of equipment and facilities, delays, and/or interruption of service provision.
X	5. Very high	The consequences are catastrophic resulting in death and serious injury to personnel, major losses of equipment, facilities and facilities, and cessation of service provision

(c): Level risk

P R O B A B I L I T Y	Very high 5
	High 4
	Average 3					Risk Scenario
	Low 2
	Very low 1
	0	Very low 1	Low 2	Average 3	High 4	Very high 5
G R A V I T Y/C O N S E Q U E N C E S
Note: The risk is given by the product between the probability of a hazard/threat and the gravity (severity)

Risk: 15 (probability 3 × gravity 5) HIGH RISK	LEVEL RISK CALCULATE
	LEVEL	SCORE
	Very low	1–3
	Low	4–6
	Average	7–12
	High	13–16
	Very high	17–25

(d): Risk treatment

To reduce risk, measures are required to mitigate the following vulnerabilities and/or improve the following capabilities, as presented in Table 15:

The proposed measures are aimed at eliminating human risk factors.

After the application of risk mitigation measures, the measures presented in Table 16 are undertaken:

(e): Gravity (Severity)/Impact recalculation

Level		Gravity (Severity) Consequences
	1. Very low	The event produces a minor disturbance in the activity, without any material damage.
	2. Low	The event causes minor material damage and limited disruption of the activity
X	3. Average	Injuries to personnel, and/or certain loss of equipment, utilities, and delays in providing the service.
	4. High	Serious personnel injury, significant loss of equipment and facilities, delays, and/or interruption of service provision.
	5. Very high	The consequences are catastrophic resulting in death and serious injury to personnel, major losses of equipment, facilities and facilities, and cessation of service provision

(f): Level risk after applying the mesures

P R O B A B I L I T Y	Very high 5
	High 4
	Average 3			Risk Scenario
	Low 2
	Very low 1
	0	Very low 1	Low 2	Average 3	High 4	Very high 5
G R A V I T Y/C O N S E Q U E N C E S
Note: The risk is given by the product between the probability of a hazard/threat and the gravity (severity)

Risk: 9 (probability 3 × gravity 3) AVERAGE RISK	LEVEL RISK CALCULATE
	LEVEL	SCORE
	Very low	1–3
	Low	4–6
	Average	7–12
	High	13–16
	Very high	17–25

4.5. Simplified Illustrative Probabilistic Risk Analysis (PRA) for a Blackout in the Romanian Power System

Scenario—Event: partial or national blackout during winter evening peak.

Initiating condition: high load + low renewable output + reduced import availability.

Top event: loss of supply to more than 20% of national demand for more than 2 h, as presented in Table 17.

Probability of blackout path:

P (blackout) = 0.08 × 0.12 × 0.25 × 0.15 × 0.20 = 7.2 × 10⁻⁵ per year

Therefore, the model estimates: annual probability ≈ 0.0072%, or about 1 event in 13,900 years for this exact path (Table 18).

Consequence estimate:

Assume:

Table 18. Consequence variable and value.

Consequence Variable	Value
Unserved load	3000 MW
Duration	4 h
Energy not supplied	12,000 MWh
Value of lost load	€8000/MWh

Expected consequence if the blackout occurs:

Cost = 12,000 × €8000 = €96 million

Annualized risk:

Risk = 0.000072 × €96 million ≈ €6912/year

Mitigation case

Suppose investments in remedial action schemes, voltage/reactive support, operator tools, and battery reserves reduce (Table 19):

New annual probability:

0.08 × 0.12 × 0.25 × 0.07 × 0.10 = 1.68 × 10⁻⁵/year

New annualized risk:

1.68 × 10⁻⁵ × €96 million ≈ €1613/year

Interpretation: This example suggests the dominant risk drivers are not only the initiating fault, but also whether the system is already stressed, whether N-1 security is preserved, whether voltage/frequency instability propagates, and whether emergency controls work. For a real Romanian PRA, the probabilities should be replaced with Transelectrica outage statistics, ENTSO-E operational data, historical remedial actions, load-flow simulations, and Monte Carlo adequacy/security studies.

4.6. Representative Microgrid Model

System: 13.8 kV, 5 MVA radial microgrid with 5 buses (Table 20).

Lines: (Table 21).

Generation assumption is according with Table 22.

1.: Power-flow study

Using a backward-forward sweep load-flow method on a 5 MVA base: Table 23.

Grid import:

P = 1.657 MW

Q = 1.160 Mvar

Total load net of DER:

P = 1.650 MW

Q = 1.150 Mvar

Network losses:

P loss = 7.3 kW

Q loss = 9.8 kvar

Result: all voltages remain within the common ±5% operating range, so the base case is acceptable.

2.: Peak-load/low renewable case

Assume PV output drops to zero and the battery is not discharging (Table 24).

Grid import:

P = 2.666 MW

Q = 1.171 MVar

Losses:

P loss = 15.8 kW

Result: voltage remains acceptable, but losses roughly double compared with the DER support case.

3.: Frequency stability/islanding analysis

For islanded operation, the simplified swing-frequency model is:

\frac{2 H}{f_{0}} \frac{d f}{d t} = P_{m} - P_{c} - D △ f

Assume: Table 25.

Approximate steady-state frequency deviation:

△ f = \frac{- 0.6}{0.8 + 0.8} = - 0.375 H z

So the final frequency is approximately:

f = 50 − 0.375 = 49.625 Hz

Result: the islanded microgrid remains stable, but the frequency dip is significant. A battery fast frequency response would improve nadir and settling time.

4.7. Key Findings:

The representative microgrid is technically feasible under normal and peak-load conditions. DER support reduces grid import by about 1 MW and halves real power losses. During islanding, stability is maintained if the diesel generator and battery provide droop/frequency support, but the battery should be prioritized for fast response after PV or grid disturbances.

4.8. Large-Scale Risk-Based Simulation Scenarios for Microgrid Resilience Assessment

Suggested simulation platform: Multi-microgrid test system: urban hospital/campus, military/critical facility, rural community, and islanded/remote microgrids connected through a distribution feeder. Include PV, wind, diesel/gas gensets, BESS, EV charging, demand response, and critical/non-critical loads. This aligns with resilience-focused microgrid literature emphasizing islanding, storage, critical-load support, cyber–physical control, and long-duration outages, according with table below:

Scenario	Risk event	Simulation Purpose	Key Variables	Main Metrics
1. Long-duration blackout	Transmission/distribution outage for 24 h, 72 h, 7 days, 14 days	Test energy security under prolonged grid loss	BESS SOC, diesel fuel, renewable forecast error, load priority	Critical load served, unserved energy, autonomy hours, restoration time
2. Extreme weather disaster	Storm/flood/heatwave damages feeder lines and DER assets	Evaluate resilience to natural hazards	Line failure rate, PV derating, wind cut-out, repair delay	Energy not served, resilience index, load recovery curve
3. Coordinated cyberattack	False data injection, SCADA outage, inverter-control manipulation	Test cyber–physical risk management	Communication delay, compromised sensors, control fallback	Frequency/voltage violations, detection time, critical-load loss
4. Fuel supply disruption	Diesel/gas delivery unavailable for 3–10 days	Assess dependence on fossil backup	Fuel stock, generator efficiency, renewable penetration	Fuel autonomy, renewable contribution, blackout probability
5. Renewable intermittency + forecast error	Sudden cloud cover, wind ramp-down, forecasting error	Test operational flexibility	PV/wind forecast error ±10–40%, BESS size, reserve margin	Reliability, curtailment, reserve shortfall
6. Peak-load national emergency	Heatwave or cold wave increases demand by 20–50%	Study stress during national-level demand surge	HVAC load, EV charging, demand response participation	Peak shaving, critical service continuity, cost of load shedding
7. Cascading distribution failure	Upstream feeder trip plus local line overloads	Examine microgrid’s role in preventing cascading outages	Protection settings, islanding time, relay coordination	Successful islanding rate, voltage stability, recovery time
8. Military or government facility resilience	Attack or emergency isolates a defense/administrative base	Link microgrids to national resilience	Mission-critical load, secure communications, RMF-compliant control	Mission-load survivability, cyber compliance, autonomy
9. Hospital/community shelter operation	Regional outage during disaster; hospital and shelters must operate	Test public-safety resilience	Medical load, refrigeration, water pumps, communications	Life-safety load served, outage duration avoided
10. Networked microgrids after disaster	Several microgrids share energy while main grid is unavailable	Compare isolated vs. networked resilience	Tie-line capacity, energy-sharing rules, local surplus	Total unserved energy, equity of supply, system-wide resilience
11. Island/remote community cable failure	Mainland cable or overhead connection is lost	Model national resilience for isolated regions	Local DER capacity, BESS, demand flexibility	Days of autonomy, import dependence reduction
12. Compound event	Cyberattack occurs during storm-related outage	Most realistic high-impact stress case	Weather damage + communication failure + DER uncertainty	Worst-case resilience, risk score, recovery cost

Four main case studies:

Baseline normal operation;
Long-duration blackout with islanding;
Extreme weather + renewable uncertainty;
Compound cyber–physical disaster scenario.

Then, compare three strategies: no microgrid, single microgrid, and networked microgrids with risk-aware energy management. Recent studies increasingly emphasize risk-aware scheduling, sensor-based monitoring, cyber–physical security, and networked microgrids for disaster resilience.

Good performance indicators:

Energy security: critical load served, autonomy duration, fuel dependence, renewable utilization;
Resilience: outage survival time, recovery time, resilience triangle area, unserved energy;
Risk: probability of failure, expected energy not served, cyber-risk score, asset vulnerability;
Economic: operating cost, value of lost load, cost of resilience investment;
National resilience: continuity of hospitals, communications, water pumping, defense, emergency shelters.

4.9. Comparison with Recent Resilience Assessment and Microgrid Risk Management Studies

To further clarify the novelty of the proposed framework, the table below compares it with recent resilience assessment and microgrid risk management approaches, according with table below.

Study	Main focus	Key limitation	Advantage of the proposed method
Mishra et al.	Holistic microgrid resilience framework based on threats, vulnerabilities, and mitigation strategies	Mainly conceptual and design-oriented	Adds scenario-based quantitative risk scoring and post-treatment recalculation
Ahmadisourenabadi et al.	Bayesian-network-based microgrid resilience considering EVs	Focused on optimization under selected risk assumptions	Covers multiple security threats: technical incidents, natural disasters, terrorism, and sabotage
Yuan et al.	Sensor-network-based resilience enhancement under natural disasters	Focuses mainly on information uncertainty and disaster response	Integrates probability, severity, vulnerability, impact, and treatment measures
Sapkota et al.	Monte Carlo-based multiphase resilience assessment with DERs	Strong simulation focus, less emphasis on national security risks	Links microgrid resilience to national power-system security
Tuan et al.	Review of grid resilience metrics and real-time control strategies	Provides review-level guidance rather than an applied case framework	Provides an operational assessment method applied to Romania’s Power System

Unlike many recent studies that focus mainly on optimization, simulation, or specific hazards, the proposed method combines qualitative strategic tools, namely SWOT and PESTEL analysis, with a practical multi-level risk matrix. The framework evaluates probability, severity, vulnerability, and impact for several high-impact scenarios and then recalculates residual risk after mitigation measures. This makes the approach more directly applicable for operators, policy makers, and critical infrastructure managers.

In this manuscript, this is demonstrated through scenarios such as technical incidents, natural disasters, terrorist attacks, and sabotage affecting 400 kV substations and the wider Romanian power system. Recent literature also confirms the relevance of microgrids for resilience, but often emphasizes either general resilience concepts, optimization, or specific disaster/cyber-risk settings rather than an integrated national-security-oriented framework.

5. Energy Security Strategy for Enhancing the Resilience of the Romanian Power System

Energy security has become a strategic priority for European states due to increasing geopolitical tensions, accelerated decarbonization, climate-related disruptions, and rapid electrification of final energy demand. For Romania, ensuring a resilient, affordable, and low-carbon electricity system is particularly important given its mixed-generation portfolio, regional interconnection role within the European grid, and exposure to both climate and geopolitical risks.

This paper outlines an energy security strategy focused on enhancing the resilience of the Romanian power system through diversification, infrastructure modernization, grid digitalization, and regional integration.

Romania’s electricity system is characterized by a diversified generation mix including nuclear, hydro, coal, gas, and rapidly growing renewable energy sources (wind and solar). A cornerstone of baseload stability is the Cernavodă Nuclear Power Plant, which provides a significant share of low-carbon electricity and contributes to system stability.

System operation and transmission are coordinated by Transelectrica, which manages the high-voltage grid and cross-border interconnections.

Key structural features include:

High dependence on hydro generation variability (hydrological risk exposure);
Aging thermal capacity still partially relied upon for balancing;
Increasing penetration of intermittent renewables;
Strategic importance of cross-border electricity trade within the EU internal energy market.

Energy Security Strategy for Enhancing the Resilience of the Romanian Power System—Technical, Safety and Security Solutions [26,27,28,29,30,31,32,33,34].

5.1. Technical Solutions (Grid Modernization & Operational Resilience)

A.

Smart Grid and Digitalization:

Deployment of advanced SCADA/EMS systems for real-time monitoring and control;
Expansion of digital substations
Integration of AI based predictive maintenance for transformers, lines, and switchgear;
Implementation of wide-area monitoring systems (WAMS) using PMUs (phasor measurement units);

Purpose: improve fault detection, faster response, and system observability.

B.

Grid Flexibility and Stability Enhancement:

Large-scale deployment of battery energy storage systems (BESS) for frequency regulation and peak shaving;
Expansion of pumped hydro storage (critical for Romania’s hydro-dominant system);
Use of grid-forming inverters for renewable plants to provide synthetic inertia;
Deployment of FACTS devices (STATCOM, SVC, HVDC links) for voltage stability and congestion management.

C.

Transmission and Distribution Reinforcement:

Upgrade of 400 kV backbone transmission network;
Strengthening cross-border interconnections (Hungary, Bulgaria, Serbia, Moldova, Ukraine);
Modernization of aging distribution networks (reducing technical losses and outages);
Implementation of self-healing grid architectures in distribution systems Romania already benefits from ENSTO-E integration, which is critical for regional balancing and resilience.

D.

Renewable Integration and System Balancing:

Advanced forecasting systems for wind and solar generation;
Dynamic curtailment systems for congestion management;
Mandatory grid-support functions (voltage, frequency ride-through) for renewables;
Development of regional balancing markets.

5.2. Cybersecurity Solutions (Critical Infrastructure Protection)

A.

Defense-in-Depth Cybersecurity Architecture:

Segmentation of IT and OT networks (strict separation of control systems);
Multi-layer firewalls and intrusion detection systems (IDS/IPS);
Continuous vulnerability scanning for SCADA and substation systems;
Cyberattacks on power systems are a recognized systemic risk requiring layered defenses.

B.

OT/SCADA Security Hardening:

Secure-by-design architecture for all grid digital systems;
Encryption of all SCADA communications (TLS, VPN tunneling);
Strict authentication (multi-factor + hardware tokens);
Whitelisting of authorized commands in control systems.

C.

Smart Grid and DER Cyber Protection:

Mandatory cybersecurity certification for distributed energy resources (DERs);
DNSC-defined standards for PV and small generators;
Secure firmware update mechanisms for inverter-based resources: Romania is already moving toward stricter cybersecurity rules for PV and cogeneration systems.

D.

National Energy Cyber Coordination:

Real-time threat intelligence sharing between: transmission operators (TSO), distribution operators (DSO), National Cyber Security Directorate (DNSC);
National Energy Cybersecurity SOC (Security Operations Center);
EU-level coordination via ENTSO-E cyber frameworks.

5.3. Physical Security and Critical Infrastructure Protection

A.

Protection of Critical Assets:

Physical hardening of: nuclear facilities (e.g., Cernavodă), major substations, gas-electric coupling infrastructure;
Anti-intrusion systems (perimeter detection, drones, thermal imaging).

B.

Resilience Against Extreme Events:

Flood protection systems for substations and hydro plants;
Wildfire-resistant grid corridors;
Storm-hardened transmission towers;
Underground cabling in high-risk urban areas;
Climate-driven extreme weather is a major resilience threat for European grids.

C.

Emergency Restoration Capability:

Mobile substations and black-start units;
Rapid deployment repair teams;
Strategic spare equipment reserves (transformers, breakers).

5.4. System Operation and Control Resilience

A.

Advanced Grid Operation Tools:

Real-time dynamic security assessment (DSA) tools;
AI based contingency analysis (N-1, N-2 security);
Adaptive protection schemes that adjust to grid conditions.

B.

Blackout Prevention and Recovery:

Automated load shedding schemes (UFLS/UVLS);
Fast frequency response (FFR) from batteries and renewables;
Black-start coordination between hydro and gas plants;
Regional restoration protocols with ENTSO-E neighbors.

5.5. Market and Structural Resilience Solutions

A.

Energy Market Integration:

Strengthening coupling with EU electricity markets (OPCOM integration);
Cross-border balancing mechanisms;
Real-time pricing signals for demand response.

B.

Demand-Side Flexibility:

Industrial demand response programs;
Smart metering rollout (AMI systems);
Dynamic tariffs to reduce peak stress.

C.

Diversification of Energy Sources:

Expansion of nuclear capacity (Cernavodă Units 3 & 4);
Gas diversification (domestic + LNG imports);
Accelerated renewables deployment (wind, solar, biomass) Romania’s strategy emphasizes diversification and interconnection as core security pillars.

5.6. Regional and EU Integration Solutions

A.

Cross-Border Interconnections:

New 400 kV interconnectors (Romania–Moldova, Romania–Serbia upgrades);
Increased import/export capacity for balancing emergencies;
Synchronization reinforcement within ENTSO-E Continental Europe grid.

B.

Regional Crisis Coordination:

Joint emergency response protocols with neighboring TSOs;
Shared reserve capacity agreements;
Regional adequacy assessments (capacity planning cooperation).

5.7. Governance, Policy, and Institutional Solutions

A.

Regulatory Strengthening:

Mandatory resilience standards for grid operators;
Cybersecurity compliance audits (EU NIS2 directive alignment);
Risk-based asset classification for critical infrastructure.

B.

National Energy Resilience Framework:

Centralized Energy Security Coordination Unit;
Regular stress-testing of grid scenarios (blackouts, cyberattacks, fuel shortages);
Annual resilience reporting aligned with EU requirements.

5.8. Modeling and Analysis of Cyber–Physical Coupling Mechanisms in Microgrids

5.8.1. Problem Context

Modern microgrids are tightly coupled cyber–physical systems (CPS) where:

the physical layer contains DERs, batteries, converters, loads, transformers, and protection devices;
the cyber layer contains EMS, SCADA, sensors, PMUs, controllers, communication links, IoT gateways, and cloud services;
Because both layers are interdependent, disturbances propagate bidirectionally:
cyber failures affect voltage/frequency stability;
physical disturbances overload communication/control systems.
This coupling increases systemic risk and cascading failure probability [35,36,37,38,39,40].

5.8.2. Proposed Realistic Microgrid Architecture

Hybrid AC/DC campus microgrid example:

Physical Layer

Components:

500 kW photovoltaic farm;
250 kW wind turbine;
1 MWh battery energy storage system (BESS);
diesel backup generator;
critical hospital loads;
EV charging station;
PCC connection to utility grid.

Cyber Layer

Components:

SCADA server;
Energy Management System (EMS);
PMUs and smart meters;
IEC 61850 communication network;
wireless controller links;
distributed secondary frequency controllers.

5.8.3. Cyber–Physical Coupling Model

Represent the microgrid as two interdependent graphs:

Physical Network

G_p = (V_p, E_p)

where:

Vp—buses, DERs, loads;
Ep—transmission/distribution lines.

Cyber Network

G_C = (V_C, E_C)

where:

V_C—controllers, RTUs, PMUs, EMS nodes;
E_C—communication channels.

Interdependency Matrix

The coupling between both layers is modeled using:

C = [c_ij]

where:

c_{ij} = \{\begin{matrix} 1 if cyber node i controls physical node j \\ 0 otherwis \end{matrix}

This creates a bidirectional dependency model:

controllers depend on electrical power,
physical devices depend on communication/control signals.

This graph-based interdependency approach is widely used in cyber–physical power-system resilience studies.

5.8.4. Dynamic State-Space Model

A realistic CPS microgrid can be represented as, according with table below:

x_{p} = A_{p} x_{p} + B_{p} u_{p} + F_{c p} {(x}_{c})

x_{p c} = A_{p} x_{p} + B_{p} u_{p} + F_{p c} {(x}_{p})

where:

Variable	Meaning
x_p	Physical states (voltage, frequency, SOC)
x_c	Cyber states (latency, packet loss, controller states)
F_cp	Cyber influence on physical system
F_pc	Physical influence on cyber system

5.8.5. Real Coupling Mechanisms

A.: Frequency Control Coupling

Secondary frequency control depends on communication:

△ f_{i} = k_{i} \sum_{j \in N i} {(f}_{i} - f_{j})

Communication delay modifies the control law:

△f_i = (t − τ)

where:

τ = network latency.

Large latency causes:

oscillations,
synchronization loss,
unstable islanded operation.

This mechanism is observed in distributed microgrid control research.

B.: False Data Injection (FDI)

Attacker modifies sensor values:

z = H_x + a

where

a is malicious injected data.

Consequences:

incorrect EMS optimization;
overcharging BESS;
load shedding errors;
frequency instability.

FDI is one of the most studied CPS attacks in microgrids.

C.: Denial-of-Service (DoS)

Communication interruption modeled as:

u (t) = 0, t∈[t₁, t₂]

Effects:

controller isolation,
delayed dispatch,
DER desynchronization.

5.8.6. Cascading Failure Analysis

The paper becomes much stronger if you include cascading propagation.

Define node functionality:

ϕ_{i} = \{\begin{matrix} 1 operational \\ 0 failed \end{matrix}

Failure propagation:

ϕj(t + 1) = f(ϕi(t),C_ij)

Example scenario:

cyberattack disables EMS node,
inverter dispatch becomes incorrect,
line overload occurs,
protection relay trips feeder,
hospital load enters emergency mode.

This is a realistic national resilience scenario.

5.8.7. Quantitative Risk Assessment

Use a composite cyber–physical risk index, according with table below:

R = P_f × I_f × C_d

where:

Parameter	Meaning
P_f	Failure probability
I_f	Operational impact
C_d	Cyber dependency factor

Example Table below

Threat	Physical Impact	Cyber Dependency
FDI attack	Voltage instability	High
DoS attack	Loss of EMS control	Medium
PMU spoofing	Incorrect state estimation	High
Line outage	Islanding transition	Low

Suggested Simulation Scenario

Event Sequence:

normal grid-connected mode;
cyberattack on EMS at t = 5 s;
packet delay rises to 400 ms;
frequency deviation exceeds 0.7 Hz;
microgrid islands;
distributed controller restores stability.

Key metrics, according with table below

Metric	Description
Frequency deviation	Dynamic resilience
Voltage recovery time	Restoration capability
Packet loss	Cuber degradation
ENS	Energy Not Supplied
SAIDI/SAIFI	Reliability
Cyber Risk Index	Security exposure

5.8.8. National Resilience Perspective

To align with your paper title, connect microgrid CPS resilience with:

hospitals,
military bases,
telecom infrastructure,
water treatment plants,
emergency shelters.

Microgrids improve national resilience because they:

maintain critical loads during grid collapse,
isolate from cascading blackouts,
provide autonomous restoration capability.

However, digitalization introduces cyber exposure requiring integrated risk governance.

This study develops an integrated cyber–physical coupling model for microgrids based on interdependent network theory and dynamic state-space analysis. The proposed framework captures bidirectional dependencies between communication infrastructure and electrical subsystems, enabling realistic modeling of cascading failures, false data injection attacks, communication delays, and distributed control instability. The framework supports quantitative resilience assessment for critical infrastructure applications and national energy-security planning. (Figure 4, Figure 5, Figure 6 and Figure 7) [41,42,43,44,45,46,47,48,49,50,51,52,53].

5.9. Conclusion

A resilient Romanian power system requires a multi-layered strategy combining: advanced grid technologies (smart grid, storage, automation); strong cybersecurity and OT protection; physical infrastructure hardening against climate and sabotage risks; flexible markets and diversified energy sources; and deep regional integration within ENTSO-E.

Together, these measures form a cyber–physical energy resilience architecture capable of ensuring Romania’s long-term energy security under increasing geopolitical, climate, and technological risks.

6. Conclusions

This study demonstrates that microgrids represent a critical component in strengthening the security, flexibility, and resilience of modern power systems, particularly in the context of increasing decentralization and exposure to diverse risk factors. The analysis confirms that the Romanian power system, like many contemporary energy infrastructures, faces a wide spectrum of threats—including natural hazards, terrorist attacks, technical failures, and acts of sabotage—which necessitate a structured and proactive risk management approach. The proposed multi-level risk assessment framework, integrating probabilistic analysis with impact severity evaluation, proves to be an effective tool for identifying, quantifying, and prioritizing risk scenarios. Its application through case studies highlights that microgrids significantly enhance system resilience by enabling islanded operation, reducing dependency on centralized generation, and facilitating faster recovery following disturbances. This reinforces the conclusion that decentralized energy architectures are not only technically viable but strategically essential for national energy security. Furthermore, the incorporation of SWOT and PESTEL analyses provides a holistic understanding of the Romanian power system’s internal capabilities and external pressures. These strategic tools reveal that while Romania benefits from considerable renewable energy potential and ongoing modernization efforts, challenges persist in terms of regulatory consistency, infrastructure aging, cybersecurity vulnerabilities, and investment constraints. Addressing these factors is essential for maximizing the benefits of microgrid deployment. The findings also emphasize that risk management in microgrids must extend beyond purely technical considerations. Economic feasibility, regulatory frameworks, and operational coordination play equally important roles in ensuring successful implementation. Therefore, an interdisciplinary and adaptive approach is required, combining engineering solutions with policy support and market mechanisms. In conclusion, this research underscores the importance of proactive and integrated risk management strategies in advancing resilient and secure energy systems. The validated framework not only enhances microgrid performance under diverse disturbance scenarios but also offers a scalable and adaptable model applicable to other national power systems. As energy systems continue to evolve toward greater decentralization and renewable integration, such methodologies will be indispensable in ensuring long-term sustainability, stability, and security.

The paper has examined risk management of microgrids in power systems as a critical pathway for enhancing energy security and national resilience. The analysis demonstrates that microgrids can significantly reduce system vulnerability by enabling localized generation, flexible demand response, islanded operation, and faster restoration following disruptive events. The key quantitative findings indicate that well-designed microgrid architectures can improve supply reliability, reduce outage duration, and enhance operational continuity during grid disturbances. In particular, the integration of distributed energy resources, energy storage systems, and advanced control strategies contributes to measurable improvements in resilience indices, including reduced expected energy not served, lower loss-of-load probability, shorter restoration time, and improved availability of critical loads. These results confirm that microgrids are not only technical assets for decentralized energy management but also strategic infrastructure for mitigating cascading failures, cyber–physical disruptions, extreme weather impacts, and fuel supply uncertainties.

The findings further show that risk-informed planning is essential for maximizing the contribution of microgrids to national energy resilience. Quantitative assessment of operational, technical, economic, cyber, and environmental risks provides decision-makers with a structured basis for prioritizing investments, strengthening vulnerable nodes, and improving emergency preparedness. The study highlights that resilience gains are greatest when microgrid deployment is combined with diversified generation portfolios, sufficient storage capacity, adaptive protection systems, secure communication networks, and coordinated restoration strategies. Therefore, microgrids should be treated as an integral component of modern power system security planning rather than as isolated local energy solutions.

Future research should advance in three main directions. First, data-driven resilience assessment should be further developed using real-time monitoring data, probabilistic risk models, digital twins, and advanced forecasting techniques. Such approaches can support dynamic evaluation of microgrid vulnerability under evolving threats, including extreme weather events, demand uncertainty, renewable generation variability, and cyberattacks. Second, AI-assisted emergency control offers strong potential for improving situational awareness, fault detection, adaptive islanding, load prioritization, and rapid service restoration. Machine learning, reinforcement learning, and intelligent optimization methods can enable microgrids to respond autonomously and efficiently during high-impact, low-probability events. Third, future studies should investigate the coordinated operation of multi-microgrid systems, where neighboring microgrids exchange power, reserve capacity, and operational information to support regional resilience. Coordinated multi-microgrid control can enhance resource sharing, reduce restoration costs, improve voltage and frequency stability, and strengthen the resilience of critical infrastructure networks.

Overall, the study confirms that microgrids represent a practical and scalable solution for managing power system risks and strengthening energy security. By combining quantitative risk assessment, resilient design, intelligent control, and coordinated operation, microgrids can play a central role in building robust, adaptive, and secure energy systems capable of supporting national resilience in the face of increasing uncertainty and disruption.

Author Contributions

Conceptualization, N.D.F., F.G.P., M.G.M., A.M.S. and A.A.R.; Methodology, N.D.F., M.I.O., M.D.M., F.M.-G., I.L.D., A.N. and G.P.; Software, M.I.O., C.R.O. and A.M.S.; Validation, A.M.S. and A.N.; Formal analysis, C.R.O., A.M.S. and A.N.; Resources, F.M.-G. and I.L.D.; Data curation, M.D.M., F.M.-G. and G.P.; Writing—original draft, C.R.O.; Writing—review & editing, F.G.P.; Visualization, M.G.M., F.M.-G., G.P. and A.A.R.; Supervision, I.L.D.; Project administration, F.G.P. and A.A.R.; Funding acquisition, M.G.M. and A.A.R. All authors have read and agreed to the published version of the manuscript.

Funding

This research received no external funding.

Data Availability Statement

Data is contained within the article.

Conflicts of Interest

The authors declare no conflict of interest.

References

Petrilean, D.C.; Fîță, N.D.; Vasilescu, G.D.; Ilieva-Obretenova, M.; Tataru, D.; Cruceru, E.A.; Mateiu, C.I.; Nicola, A.; Darabont, D.-C.; Cazac, A.-M.; et al. Sustainability Management Through the Assessment of Instability and Insecurity Risk Scenarios in Romania’s Energy Critical Infrastructures. Sustainability 2025, 17, 2932. [Google Scholar] [CrossRef]
Muresan-Grecu, F.; Fita, N.D.; Babut, G.B.; Obretenova, M.I.; Pasculescu, D.; Lazar, T.; Uțu, I.; Rada, C.; Schiopu, A.M.; Nicola, A.; et al. Analysis and Assessment of Energy Security in the Context of Ensuring Economic Sustainability and Crisis Prevention. Sustainability 2026, 18, 3183. [Google Scholar] [CrossRef]
National Power Grid Transelectrica—Romania. Available online: www.transelectrica.ro (accessed on 19 May 2026).
ENTSO-E (European Network of Transmission System Operators for Electricity)—European Union. Available online: www.entsoe.eu (accessed on 19 May 2026).
Kundur, P. Power System Stability and Control; McGraw-Hill: New York, NY, USA, 1994. [Google Scholar]
Wood, A.J.; Wollenberg, B.F.; Sheblé, G.C. Power Generation, Operation, and Control, 2nd ed.; Wiley-Interscience: New York, NY, USA, 1996. [Google Scholar]
Esparza, A.; Blondin, M.; Trovão, J.P.F. A Review of Optimization Strategies for Energy Management in Microgrids. Energies 2025, 18, 3245. [Google Scholar] [CrossRef]
Aslam, M.U.; Miah, M.S.; Amin, B.M.R.; Shah, R.; Amjady, N. Application of Energy Storage Systems to Enhance Power System Resilience: A Critical Review. Energies 2025, 18, 3883. [Google Scholar] [CrossRef]
Bevrani, H. Robust Power System Frequency Control; Springer: New York, NY, USA, 2009. [Google Scholar] [CrossRef]
Machowski, J.; Bialek, J.W.; Bumby, J.R. Power System Dynamics: Stability and Control, 3rd ed.; Wiley: West Sussex, UK, 2020; Available online: https://www.wiley.com/en-gb/shop/general-introductory-electrical-electronics-engineering/power-system-dynamics-stability-and-control-3rd-edition-p-9781119526360 (accessed on 19 May 2026).
Awerbuch, S.; Berger, M. Applying Portfolio Theory to EU Electricity Planning and Policy-Making; IEA Report No. EET/2003/03; International Energy Agency: Paris, France, 2003. [Google Scholar]
Andersson, G.; Donalek, P.; Farmer, R.; Hatziargyriou, N.; Kamwa, I.; Kundur, P.; Martins, N.; Paserba, J.; Pourbeik, P.; Sanchez-Gasca, J.; et al. Causes of the 2003 Major Grid Blackouts in North America and Europe, and Recommended Means to Improve System Dynamic Performance. IEEE Trans. Power Syst. 2005, 20, 1922–1928. [Google Scholar] [CrossRef]
Final Report. System Disturbance on 4 November 2006. Available online: https://eepublicdownloads.entsoe.eu/clean-documents/pre2015/publications/ce/otherreports/Final-Report-20070130.pdf (accessed on 19 February 2023).
Lin, W.; Tang, Y.; Sun, H.; Guo, Q.; Zhao, H.; Zeng, B. Blackout in Brazil Power Grid on February 4, 2011 and Inspirations for Stable Operation of Power Grid. Autom. Electr. Power Syst. 2011, 35, 1–5. [Google Scholar]
Velay, M.; Vinyals, M.; Besanger, Y.; Retière, N. An Analysis of Large-Scale Transmission Power Blackouts from 2005 to 2016. Available online: https://hal.science/hal-02330748v1/document (accessed on 19 February 2023).
Raza, M.A.; Khatri, K.L.; Hussain, A.; Khan, M.H.A.; Shah, A.; Taj, H. Analysis and Proposed Remedies for Power System Blackouts around the Globe. Eng. Proc. 2022, 20, 5. [Google Scholar]
Haes Alhelou, H.; Hamedani-Golshan, M.E.; Njenda, T.C.; Siano, P. A Survey on Power System Blackout and Cascading Events: Research Motivations and Challenges. Energies 2019, 12, 682. [Google Scholar] [CrossRef]
Overland, I.; Juraev, J.; Vakulchuk, R. Are renewable energy sources more evenly distributed than fossil fuels? Renew. Energy 2022, 200, 379–386. [Google Scholar]
Bahgat, G. Europe’s Energy Security: Challenges and Opportunities. Int. Aff. 2006, 82, 961–975. [Google Scholar] [CrossRef]
Zakeri, B.; Paulavets, K.; Barreto-Gomez, L.; Echeverri, L.G.; Pachauri, S.; Boza-Kiss, B.; Zimm, C.; Rogelj, J.; Creutzig, F.; Ürge-Vorsatz, D.; et al. Pandemic, War, and Global Energy Transitions. Energies 2022, 15, 6114. [Google Scholar] [CrossRef]
Hu, G.; Yang, J.; Li, J. The Dynamic Evolution of Global Energy Security and Geopolitical Games: 1995~2019. Int. J. Environ. Res. Public Health 2022, 19, 14584. [Google Scholar] [CrossRef] [PubMed]
Gitelman, L.; Magaril, E.; Kozhevnikov, M. Energy Security: New Threats and Solutions. Energies 2023, 16, 2869. [Google Scholar] [CrossRef]
Toke, D.; Vezirgiannidou, S.-E. The relationship between climate change and energy security: Key issues and conclusions. Environ. Politics 2013, 22, 537–552. [Google Scholar] [CrossRef]
Cherp, A.; Jewell, J. The three perspectives on energy security: Intellectual history, disciplinary roots and the potential for integration. Curr. Opin. Environ. Sustain. 2011, 3, 202–212. [Google Scholar] [CrossRef]
Winzer, C. Conceptualizing Energy Security. Energy Policy 2012, 46, 36–48. [Google Scholar] [CrossRef]
Månsson, A.; Johansson, B.; Nilsson, L.J. Assessing energy security: An overview of commonly used methodologies. Energy 2014, 73, 1–14. [Google Scholar] [CrossRef]
Climate Risk and Adaptation in the Electric Power Sector. Asian Development Bank. 2012. Available online: https://www.adb.org/sites/default/files/publication/29889/climate-risks-adaptation-power-sector.pdf (accessed on 19 February 2023).
Gitelman, L.D.; Dobrodey, V.V.; Kozhevnikov, M.V. Tools for Sustainable Development of Regional Energy Systems. Econ. Reg. 2020, 16, 1208–1223. [Google Scholar] [CrossRef]
Gitelman, L.D.; Gitelman, L.M.; Kozhevnikov, M.V. Managers for sustainable electric power industry of tomorrow. Int. J. Sustain. Dev. Plan. 2018, 13, 307–315. [Google Scholar] [CrossRef]
Gitelman, L.D. Management education for a sustainable electric power industry in the 21st century. WIT Trans. Ecol. Environ. 2014, 190, 1197–1203. [Google Scholar]
Matsui, E.A.; Kryukova, E.V. Energy security is an important component of national security. SHS Web Conf. 2021, 110, 01049. [Google Scholar] [CrossRef]
Ayoo, C. Towards Energy Security for the Twenty-First Century. In Energy Policy; IntechOpen: London, UK, 2020; Available online: https://www.intechopen.com/chapters/71825 (accessed on 19 February 2023).
Podbregar, I.; Šimić, G.; Radovanović, M.; Filipović, S.; Maletič, D.; Šprajc, P. The International Energy Security Risk Index in Sustainable Energy and Economy Transition Decision Making—A Reliability Analysis. Energies 2020, 13, 3691. [Google Scholar] [CrossRef]
Fita, N.D.; Utu, I.; Marcu, M.D.; Pasculescu, D.; Mila, I.O.; Popescu, F.G.; Lazar, T.; Schiopu, A.M.; Muresan-Grecu, F.; Cruceru, E.A. Global Energy Crisis and the Risk of Blackout: Interdisciplinary Analysis and Perspectives on Energy Infrastructure and Security. Energies 2025, 18, 4244. [Google Scholar] [CrossRef]
Billanes, J.D.; Jørgensen, B.N.; Ma, Z. A Framework for Resilient Community Microgrids: Review and Future Directions. Energies 2025, 18, 405. [Google Scholar] [CrossRef]
He, J.-H.; Lin, J.-H. Review of Microgrids to Enhance Power System Resilience. Eng. Proc. 2025, 92, 82. [Google Scholar]
Tuan, L.A.; Bouloumpasis, I.; Steen, D. Resilience-Driven Planning and Real-Time Control Strategies. Curr. Sustain. Energy Rep. 2025, 12, 1–10. [Google Scholar]
Sapkota, A.; Karki, R. Multi-phase microgrid resiliency assessment framework against extreme weather events. Energy Convers. Econ. 2025, 6, 111–125. [Google Scholar] [CrossRef]
Nazari, M.H.; Varmazyari, H.; Biswas, A.K.; Cali, Ü.; Belnap, H.; Parvania, M. A review of community-centric power system resilience: Strategies, data-driven methods, and techno-legal perspectives. Electr. Power Syst. Res. 2025, 260, 113285. [Google Scholar] [CrossRef]
Huang, Y.; Rong, X.; Bie, Z.; Li, J.; Huang, B.; Zhao, T.; Li, G. Artificial Intelligence for Resilient Power System: Motivations, Challenges, and Opportunities. Smart Power Energy Secur. 2025, 1, 65–75. [Google Scholar] [CrossRef]
Hadi, M.; Elbouchikhi, E.; Zhou, Z.; Saim, A.; Shafie-Khah, M.; Siano, P.; Rahbarimagham, H.; Colom, P.M. Artificial Intelligence for Microgrids Design, Control, and Maintenance. Energy Convers. Manag. X 2025, 27, 101056. [Google Scholar] [CrossRef]
Razmi, D.; Razmi, P.; Babayomi, O.; Zhang, Z. Toward Intelligent and Resilient Microgrids: A Survey of Machine Learning Approaches. Appl. Energy 2026, 415, 127929. [Google Scholar] [CrossRef]
Li, Y.; Zhang, S.; Li, Y. AI-Enhanced Resilience in Power Systems: Adversarial Deep Learning for Robust Short-Term Voltage Stability Assessment under Cyber-Attacks. arXiv 2025, arXiv:2504.02859. [Google Scholar] [CrossRef]
Pasculescu, D.; Riurean, S.; Ilieva-Obretenova, M.; Lazar, T.; Tatar, A.M.; Fita, N.D. Intelligent Modeling of PV–BESS Microgrids for Enhanced Resilience. Energies 2025, 19, 148. [Google Scholar] [CrossRef]
Hristov, E.; Nakov, P. Metrics-Driven Cyber-Resilience Evaluation for Renewable Energy Infrastructures. Available online: https://unitech-selectedpapers.tugab.bg/archive/unitech-2025/thematic-sessions/electrical-engineering?view=article&id=263:metrics-driven-cyber-resilience-evaluation-for-renewable-energy-infrastructures&catid=29:papers-2025 (accessed on 19 May 2026).
Rouhani, S.H.; Su, C.-L.; Mobayen, S.; Razmjooy, N.; Elsisi, M. Cyber Resilience in Renewable Microgrids: A Review of Standards, Challenges, and Solutions. Energy 2024, 309, 133081. [Google Scholar] [CrossRef]
Afrin, S.; Al Muttaki, R.; Anil, A.I.A.; Hasan, S. AI-Powered Cybersecurity for Smart Grid Communication. Energy Convers. Manag. X 2025, 29, 101416. [Google Scholar] [CrossRef]
Zhao, T.; Tu, H.; Jin, R.; Xia, Y.; Wang, F. Improving resilience of cyber–physical power systems against cyber attacks through strategic energy storage deployment. Reliab. Eng. Syst. Saf. 2024, 252, 110438. [Google Scholar] [CrossRef]
World Bank. Resilience Metrics and Standards for Transmission Systems; World Bank: Washington, DC, USA, 2025. [Google Scholar]
Saleheen, M.Z.; Wagner, M.; Razzaghi, R.; Wang, H. Reliability as a Design Principle: A Systematic Review and Integrated Framework for Renewable-Based Microgrids. Energy Convers. Manag. X 2026, 30, 101878. [Google Scholar] [CrossRef]
Castañeda-Arias, N.; Díaz-Aldana, N.L.; Hernandez, A.L.; Jutinico, A.L. Energy Management in Microgrid Systems. Electricity 2025, 6, 73. [Google Scholar] [CrossRef]
Mishra, S.; Anderson, K.; Miller, B.; Boyer, K.; Warren, A. Microgrid Resilience: A Holistic Approach for Assessing Threats, Identifying Vulnerabilities, and Designing Corresponding Mitigation Strategies. Appl. Energy 2020, 264, 114726. [Google Scholar] [CrossRef]
Lasseter, R.H. Microgrids. In IEEE PES Winter Meeting. Foundational Work Introducing the Modern Microgrid Concept; IEEE: Washington, DC, USA, 2002. [Google Scholar]

Figure 1. Romanian Power System Map (source: www.transelectrica.ro).

Figure 2. Map of Microgrid Schematic Diagram.

Figure 3. Map of Microgrid in Power System.

Figure 4. Cyber–Physical Layered Architecture of Microgrid.

Figure 5. Cascading Failure Propagation in Microgrid (Cyber—Plysical Coupling).

Figure 6. Control—Loop Communication Topology in Microgrid.

Figure 7. Risk Heat Map of Cyber—Physical Coupling in Microgrid.

Table 1. Vulnerability and capability analysis.

Vulnerability and Capability	LEVEL
1. Failure to complete the 400 kV transmission ring in Romania.	Very low
	Low
	Average
	High
	Very high
2. Level of staff specialization and the regularity of training provided to personnel responsible for power supply restoration tasks.	Very low
	Low
	Average
	High
	Very high

Table 3. Proposed measures.

Vulnerability and/or Capability	Proposed Measures
1. Failure to complete the 400 kV transmission ring in Romania.	- substantial investments in critical infrastructure at both national and European levels; - the predictability and stability of the political system; - access to European funding dedicated to enhancing the security of European critical infrastructure.
2. Level of staff specialization and the regularity of training provided to personnel responsible for power supply restoration tasks.	- provision of training and professional development courses for operational, maintenance, and security personnel; - analysis and evaluation of events, incidents, and related occurrences; - inspection of operating-line installations and execution of preventive maintenance activities.

Table 4. Measures after risk treatment.

Vulnerability	Identified	After Applying the Measures
1. Failure to complete the 400 kV transmission ring in Romania. 2. Level of staff specialization and the regularity of training provided to personnel responsible for power supply restoration tasks.	1. Very low	1. Very low
	2. Low	2. Low
	3. Average	3. Average
	4. High	4. High
	5. Very high	5. Very high

Table 5. Vulnerability and capability analysis.

Vulnerability and Capability	LEVEL
1. Inadequate or improperly designed power substations and overhead transmission lines from a seismic resilience perspective; 2. The potential occurrence of a tsunami triggered by seismic events; 3. Insufficient staffing levels or inadequately trained personnel for crisis response, natural disaster management, and risk mitigation activities.	Very low
	Low
	Average
	High
	Very high

Table 7. Proposed measures.

Vulnerability and/or Capability

Proposed Measures

1. Inadequate or improperly designed power substations and overhead transmission lines from a seismic resilience perspective;
2. The potential occurrence of a tsunami triggered by seismic events;
3. Insufficient staffing levels or inadequately trained personnel for crisis response, natural disaster management, and risk mitigation activities.

-: Significant investments in national and European critical infrastructure from a seismic resilience perspective;
-: Improved predictability of natural disasters through strengthened collaboration with state institutions responsible for emergency management;
-: provision of initial training and periodic refresher programs for operational, maintenance, and security personnel;
-: evaluation and analysis of events related to natural disaster occurrences.

Table 8. Measures after risk treatment.

Vulnerability	Identificated	After Applying the Measures
1. Inadequate or improperly designed power substations and overhead transmission lines from a seismic resilience perspective; 2. The potential occurrence of a tsunami triggered by seismic events; 3. Insufficient staffing levels or inadequately trained personnel for crisis response, natural disaster management, and risk mitigation activities.	1. Very low	1. Very low
	2. Low	2. Low
	3. Average	3. Average
	4. High	4. High
	5. Very high	5. Very high

Table 9. Vulnerability and capability analysis.

Vulnerability and Capability	LEVEL
1. Non-compliance with fire safety regulations and physical security standards; 2. Insufficient training of personnel responsible for critical infrastructure protection management; 3. Inadequate staffing and/or insufficiently trained cybersecurity personnel, coupled with vulnerabilities in hardware and software systems, insecure communication channels, and underinvestment in cybersecurity measures.	Very low
	Low
	Average
	High
	Very high

Table 11. Proposed measures.

Vulnerability and/or Capability

Proposed Measures

1. Non-compliance with fire safety regulations and physical security standards;
2. Insufficient training of personnel responsible for critical infrastructure protection management;
3. Inadequate staffing and/or insufficiently trained cybersecurity personnel, coupled with vulnerabilities in hardware and software systems, insecure communication channels, and underinvestment in cybersecurity measures.

-: Monitoring and ensuring compliance with fire safety and physical security standards;
-: Providing initial and refresher training programs for personnel responsible for critical infrastructure protection management;
-: Delivering cybersecurity training for relevant staff;
-: Procuring high-performance and secure hardware and software systems;
-: Implementing substantial investments in cybersecurity infrastructure and components.

Table 12. Measures after risk treatment.

Vulnerability	Identified	After Applying the Measures
1. Non-compliance with fire safety regulations and physical security standards; 2. Insufficient training of personnel responsible for critical infrastructure protection management; 3. Inadequate staffing and/or insufficiently trained cybersecurity personnel, coupled with vulnerabilities in hardware and software systems, insecure communication channels, and underinvestment in cybersecurity measures.	1. Very low	1. Very low
	2. Low	2. Low
	3. Average	3. Average
	4. High	4. High
	5. Very high	5. Very high

Table 13. Vulnerability and capability analysis.

Vulnerability and Capability	LEVEL
Human risk factors: Manufacturing defects or substandard quality of photovoltaic (PV) panels; Degradation or failure of step-up transformers and overhead/underground cables due to aging or equipment wear; Overloading of the PV plant caused by excessive electricity demand within the power substation; Occurrence of short circuits in transmission lines or electrical distribution panels; Reduced performance, limited lifespan, and low quality of electrical equipment; Absence of energy storage systems; Inadequate or insufficient SCADA (Supervisory Control and Data Acquisition) systems; Lack of robust cybersecurity measures or programs; Insufficient maintenance activities or poor-quality repair interventions; Human operational errors in the management or control of the PV plant and associated electrical networks; Acts of vandalism, theft, or intentional sabotage; Insufficient investment in infrastructure and system development; Incorrect system configuration of PV panels, inverters, transformers, and power evacuation lines; Improper operational or switching actions performed by operational or dispatch personnel; Lack of adequately trained or specialized operational staff; Poor or insufficient communication with territorial energy dispatch centers or the national energy dispatcher; Absence of standardized operating procedures for crisis situations; Non-compliance with, or lack of knowledge of, national and European regulations in the event of major incidents (e.g., blackouts); Insufficient training in risk management practices; Inadequate physical security of PV installations.	Very low
	Low
	Average
	High
	Very high

Table 15. Proposed measures.

Vulnerability and/or Capability

Proposed Measures

Human risk factors:

Manufacturing defects or substandard quality of photovoltaic (PV) panels;
Degradation or failure of step-up transformers and overhead/underground cables due to aging or equipment wear;
Overloading of the PV plant caused by excessive electricity demand within the power substation;
Occurrence of short circuits in transmission lines or electrical distribution panels;
Reduced performance, limited lifespan, and low quality of electrical equipment;
Absence of energy storage systems;
Inadequate or insufficient SCADA (Supervisory Control and Data Acquisition) systems;
Lack of robust cybersecurity measures or programs;
Insufficient maintenance activities or poor-quality repair interventions;
Human operational errors in the management or control of the PV plant and associated electrical networks;
Acts of vandalism, theft, or intentional sabotage;
Insufficient investment in infrastructure and system development;
Incorrect system configuration of PV panels, inverters, transformers, and power evacuation lines;
Improper operational or switching actions performed by operational or dispatch personnel;
Lack of adequately trained or specialized operational staff;
Poor or insufficient communication with territorial energy dispatch centers or the national energy dispatcher;
Absence of standardized operating procedures for crisis situations;
Non-compliance with, or lack of knowledge of, national and European regulations in the event of major incidents (e.g., blackouts);
Insufficient training in risk management practices; Inadequate physical security of PV installations.

-: substantial investment in national and European critical infrastructure assets;
-: stability and predictability of the political and regulatory environment;
-: utilization of European funding mechanisms dedicated to the protection and resilience of critical European infrastructure;
-: provision of initial and advanced training programs for operational, maintenance, and security personnel;
-: systematic analysis of incidents, events, and operational disruptions;
-: inspection of operational installations and implementation of preventive maintenance procedures along the operational line;
-: enforcement and continuous monitoring of physical security standards and compliance requirements;
-: specialized training and professional development for personnel responsible for Critical Infrastructure Protection management;
-: cybersecurity training and capacity building for relevant staff.

Table 16. Measures after risk treatment.

Vulnerability	Identificated	After Applying the Measures
Human risk factors: Manufacturing defects or substandard quality of photovoltaic (PV) panels; Degradation or failure of step-up transformers and overhead/underground cables due to aging or equipment wear; Overloading of the PV plant caused by excessive electricity demand within the power substation; Occurrence of short circuits in transmission lines or electrical distribution panels; Reduced performance, limited lifespan, and low quality of electrical equipment; Absence of energy storage systems; Inadequate or insufficient SCADA (Supervisory Control and Data Acquisition) systems; Lack of robust cybersecurity measures or programs; Insufficient maintenance activities or poor-quality repair interventions; Human operational errors in the management or control of the PV plant and associated electrical networks; Acts of vandalism, theft, or intentional sabotage; Insufficient investment in infrastructure and system development; Incorrect system configuration of PV panels, inverters, transformers, and power evacuation lines; Improper operational or switching actions performed by operational or dispatch personnel; Lack of adequately trained or specialized operational staff; Poor or insufficient communication with territorial energy dispatch centers or the national energy dispatcher; Absence of standardized operating procedures for crisis situations; Non-compliance with, or lack of knowledge of, national and European regulations in the event of major incidents (e.g., blackouts); Insufficient training in risk management practices; Inadequate physical security of PV installations.	1. Very low	1. Very low
	2. Low	2. Low
	3. Average	3. Average
	4. High	4. High
	5. Very high	5. Very high

Table 17. Event-tree example.

Step	Event	Probability
A	Severe winter peak stress occurs	0.08/year
B	Major 400 kV line or substation outage during stress	0.12
C	N-1 criterion not maintained after outage	0.25
D	Protection/cascading trips propagate	0.15
E	Under-frequency load shedding fails or is insufficient	0.20

Table 19. Event (before/after).

Event	Before	After
Cascading propagation	0.15	0.07
Load shedding failure	0.20	0.10

Table 20. Bus and component.

Bus	Component	P [MW]	Q [MVar]
1	Grid/slack	Balance	Balance
2	Commercial load	1.00	0.35
3	Residential load + PV	0.15 net	0.25
4	Industrial load + diesel	0.30 net	0.40
5	EV load + battery	0.20 net	0.15

Table 21. Line.

Line	R [Ω]	X [Ω]
1–2	0.30	0.40
2–3	0.20	0.30
2–4	0.25	0.35
4–5	0.15	0.25

Table 22. Generation assumptions.

Source	Rating	Operating Point
PV	0.60 MW	unity PF
Diesel generator	0.90 MW	voltage/frequency support
Battery	0.50 MW/1 MWh	0.40 MW discharge

Table 23. Bus (voltage and angle deg).

Bus	Voltage	Angle Deg
1	1.0000	0.000
2	0.9950	−0.095
3	0.9944	−0.094
4	0.9933	−0.107
5	0.9929	−0.115

Table 24. Bus.

Bus	Voltage
1	1.0000
2	0.9933
3	0.9922
4	0.9911
5	0.9905

Table 25. Parameter.

Parameter	Value
Nominal frequency	50 Hz
Aggregate inertia constant	1.5 s
Available islanded generation	2.0 MW
Load damping	0.8 MW/Hz
Droop response	0.8 MW/Hz
Disturbance	sudden 0.6 MW generation loss

Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content.

Share and Cite

MDPI and ACS Style

Fita, N.D.; Obretenova, M.I.; Marcu, M.D.; Olteanu, C.R.; Popescu, F.G.; Manafu, M.G.; Muresan-Grecu, F.; Schiopu, A.M.; Diodiu, I.L.; Nicola, A.; et al. Risk Management of Microgrids in Power System for Enhanced Energy Security and National Resilience. Electronics 2026, 15, 2397. https://doi.org/10.3390/electronics15112397

AMA Style

Fita ND, Obretenova MI, Marcu MD, Olteanu CR, Popescu FG, Manafu MG, Muresan-Grecu F, Schiopu AM, Diodiu IL, Nicola A, et al. Risk Management of Microgrids in Power System for Enhanced Energy Security and National Resilience. Electronics. 2026; 15(11):2397. https://doi.org/10.3390/electronics15112397

Chicago/Turabian Style

Fita, Nicolae Daniel, Mila Ilieva Obretenova, Marius Daniel Marcu, Constantin Razvan Olteanu, Florin Gabriel Popescu, Marius Gheorghe Manafu, Florin Muresan-Grecu, Adrian Mihai Schiopu, Ioan Lucian Diodiu, Aurelian Nicola, and et al. 2026. "Risk Management of Microgrids in Power System for Enhanced Energy Security and National Resilience" Electronics 15, no. 11: 2397. https://doi.org/10.3390/electronics15112397

APA Style

Fita, N. D., Obretenova, M. I., Marcu, M. D., Olteanu, C. R., Popescu, F. G., Manafu, M. G., Muresan-Grecu, F., Schiopu, A. M., Diodiu, I. L., Nicola, A., Popescu, G., & Radu, A. A. (2026). Risk Management of Microgrids in Power System for Enhanced Energy Security and National Resilience. Electronics, 15(11), 2397. https://doi.org/10.3390/electronics15112397

Note that from the first issue of 2016, this journal uses article numbers instead of page numbers. See further details here.

Article Menu

Risk Management of Microgrids in Power System for Enhanced Energy Security and National Resilience

Abstract

1. Introduction

2. State of Art

2.1. PESTEL Analysis

2.2. SWOT Analysis

3. Microgrids—Elements of Ensuring Energy Security and Resilience

3.1. Definitions & Core Concepts

3.2. Key Structural Elements of Microgrids

3.3. Mechanisms Ensuring Energy Security & Resilience

3.4. Benefits for Energy Security and Resilience

3.5. Challenges and Research Directions

3.6. Conclusion

4. Energy Security Assessment—Risk Management

4.1. Risk Scenario: 400 kV Power Substation Sequence of Technical Incidents—NPS (Blackout)

4.2. Risk Scenario: Natural Disaster of National Power System—NPS → Blackout

4.3. Risk Scenario: 400 kV Power Substation Terrorist Attack → Blackout

4.4. Risk Scenario: 400 kV Power Substation Sabotaje → Blackout

4.5. Simplified Illustrative Probabilistic Risk Analysis (PRA) for a Blackout in the Romanian Power System

4.6. Representative Microgrid Model

4.7. Key Findings:

4.8. Large-Scale Risk-Based Simulation Scenarios for Microgrid Resilience Assessment

4.9. Comparison with Recent Resilience Assessment and Microgrid Risk Management Studies

5. Energy Security Strategy for Enhancing the Resilience of the Romanian Power System

5.1. Technical Solutions (Grid Modernization & Operational Resilience)

5.2. Cybersecurity Solutions (Critical Infrastructure Protection)

5.3. Physical Security and Critical Infrastructure Protection

5.4. System Operation and Control Resilience

5.5. Market and Structural Resilience Solutions

5.6. Regional and EU Integration Solutions

5.7. Governance, Policy, and Institutional Solutions

5.8. Modeling and Analysis of Cyber–Physical Coupling Mechanisms in Microgrids

5.8.1. Problem Context

5.8.2. Proposed Realistic Microgrid Architecture

5.8.3. Cyber–Physical Coupling Model

5.8.4. Dynamic State-Space Model

5.8.5. Real Coupling Mechanisms

5.8.6. Cascading Failure Analysis

5.8.7. Quantitative Risk Assessment

5.8.8. National Resilience Perspective

5.9. Conclusion

6. Conclusions

Author Contributions

Funding

Data Availability Statement

Conflicts of Interest

References

Share and Cite

Article Metrics

Article Access Statistics

Further Information

Guidelines

MDPI Initiatives

Follow MDPI