The Hidden Crisis in Power Delivery: Your Devices Don’t Fail—Your Software Does

Grid engineers and operating professionals know how durable field equipment is designed to be. Reclosers, relays, controllers, and other critical devices are designed for long service life and deployed in harsh environments. Maintenance focuses on physical wear, thermal limits, and potential failure points.

But another risk threatens grid reliability. Devices can fail due to software weaknesses deliberately manipulated by attackers.

This is the hidden crisis facing grid operations. Connected physical systems introduce new cybersecurity risks that can disable equipment, disrupt visibility and control, and cause outages that appear to be “equipment failures.”

For example, attacks on the energy grid in Ukraine in 2015 and more recently on the Polish energy grid in 2025 demonstrate how attackers can cause significant disruption. Once adversaries can reach operational systems, software can become a control point. And when software becomes the control point, it can also become the failure point.

Risk Begins After Initial Access

The grid is an enticing target for attackers, and initial access can start with compromised credentials, exposed services, vulnerable remote access tools, or third-party connections. But the most operationally significant risk often comes after that first foothold.

Once inside a network, attackers move laterally to look for systems with higher privileges, greater operational impact, or weaker segmentation. In a grid environment, that means pivoting toward devices and systems that directly influence power delivery.

This is where software becomes the weak link. Field devices rely on legacy protocols and long-lived software components with limited patching opportunities. If attackers can exploit software weaknesses in those devices, they can alter behavior, disrupt communications, or prevent operators from monitoring and controlling equipment.

From an operational standpoint, a cyber-induced failure can be just as disruptive as a physical failure. The device may stop responding. Telemetry may drop out. Control commands may fail. Operators may be forced to treat it as an equipment outage—dispatching crews, isolating segments, and operating conservatively—while the root cause is actually software manipulation.

Why Utilities Feel This Pain More Than Most Industries

Many industries can manage software risk through frequent updates and hardware refresh cycles. The grid cannot.

Utility equipment is deployed for long service lives, often across remote and geographically dispersed environments. Maintenance windows are limited. Uptime requirements are strict. Systems must operate safely and deterministically. And the grid is rarely uniform, as new digital assets coexist with older infrastructure, creating mixed generations of technology and uneven security capabilities.

Grid operators face a difficult reality that software risk increases over time, but replacing devices may not be practical. Even when software patches are available, applying them can be operationally complex. Some devices may not support modern security controls. Others may require extensive validation before updates can be deployed.

The result is a reliability gap. Physical reliability is well understood and engineered for. Software reliability in an adversarial environment is harder to maintain, especially over decades.

Steps to Improve Device Resilience

Historically, cybersecurity in OT environments has not been given its due. Today, the industry recognizes that cyber resilience is essential to grid reliability.

Thinking about devices, the question utilities need to ask is not “Can we prevent every intrusion?” but “Can we keep critical devices operating safely even if an intrusion occurs?”

Step 1. Track software just like physical devices

Software needs to be tracked and maintained just as physical assets are. Knowing what firmware and software versions are deployed, where they are, and which devices are most critical to operations is the first step to resilience. You can’t manage risk you can’t see.

That visibility should also include maintaining and reviewing Software Bills of Materials (SBOMs) for critical devices. SBOMs provide insight into third-party and open-source components embedded in systems, many of which originate in the software supply chain. Requiring SBOMs from vendors helps utilities quickly assess exposure when new vulnerabilities are disclosed and prioritize mitigation efforts with confidence.

Step 2. Reduce pathways to critical devices

Segmentation is one of the most effective ways to contain incidents. Separate IT and OT environments and create internal OT zones to limit lateral movement. Also, make sure the basics are in place, like restricting remote access, enforcing strong authentication, and monitoring for unusual access patterns.

Step 3. Look to security beyond software patching

In many OT environments, “just patch it” is not a realistic plan. There’s growing interest in controls that protect devices in the field, even before patches are available, by eliminating critical software bugs.

Additionally, reduce exposure by disabling unnecessary services, tightening configurations, and hardening interfaces. When patching must be delayed, compensating controls are essential.

Step 4. Strengthen the software lifecycle for long-lived devices

Utilities and suppliers can work to design secure devices, including stronger update validation and better assurance that embedded software is resistant to common classes of exploitation. The goal is to reduce the likelihood that a software weakness becomes a remote takeover path.

Step 5. Plan for recovery

Even strong defenses can’t guarantee that a compromise won’t happen. Resilience means designing systems that fail safely, restoring devices quickly, and pressure-testing response procedures. Practicing recovery reduces downtime when it matters most.

Devices are built to last. The challenge is to make software last just as long, even in the face of determined adversaries. With the right focus on device software security, we can reduce operational risk and improve energy resilience.