Federated learning for cyber attack detection to enhance security in protection schemes of cyber-physical energy systems

Abstract

Cyber-attacks increasingly target the protection systems that safeguard cyber-physical energy systems (CPES), making it more difficult to deliver security and reliability requirements. The protection schemes in power grids, which depend on real-time forecasts from digital relays and Apple devices, require detection of physical faults and, simultaneously, malicious cyber attacks. This paper developed a decentralized federated learning-based framework to assist with the detection of cyber attacks in the protection schemes of cyber-physical energy systems (CPES), with the goals of privacy preservation and scalability. Attention was paid to the whole range of threats, including false data injection (FDI), man-in-the-middle, replay, and denial of service (DoS) across distributed substations without centralization of raw datasets. A lightweight neural network model was trained locally before being aggregated using federated averaging to develop a collaborative approach to learning across multiple substations. Based on the 3-machine, 9 bus case, simulations were run with synthetic attack datasets. The proposed method achieved an average detection accuracy of 96.7% while also preserving the confidentiality and non-disclosure of data. The study also highlighted some of the challenges related to implementation, conceptual drift, and the computational limits of hosting the solution, thereby providing a better understanding of planning and deploying the solution in smart grid applications.