In the past, the smart grid network was only used for electricity distribution. Today, the smart grid does not only transport energy, but it also functions as a data network (exchanging messages) with electricity (to power devices) as its by-product. In other words, the smart grid now goes beyond the power plan. It has become the ultimate-grade critical infrastructure: a power outage can have a direct impact on the availability of other critical services (e.g. transport, finance, communication, water supply services).
The smart grid poses exciting opportunities, but it needs to be properly protected. Today, home appliances are also connected to it, which means there is more for attackers to access. With the risk of high-profile attacks comes the need for in-depth threat modelling and protection. International standards like SESIP, 62443 and Common Criteria, and regulations, like the EU Cybersecurity Act (CSA) offer cybersecurity frameworks in the Electrical Power and Energy System (EPES) and the rest of the smart grid ecosystem, creating a common language for deploying and understanding security.