Risks of Practicing Large Language Models in Smart Grid: Threat Modeling and Validation

Jiangnan Li, Yingyuan Yang, Jinyuan Sun

TL;DR

This work addresses the security risks of deploying large language models in smart grids by formalizing two threat models: bad data injection and domain knowledge extraction. It presents a threat-analysis framework grounded in the prompt-based operation of LLMs and validates the models across multiple popular LLMs (e.g., GPT-3.5, GPT-4, Gemini 2.0, LLaMA-3, DeepSeek-V3) using real grid data. Validation shows attackers can inject misleading inputs to degrade classification performance and can extract domain knowledge under crafted prompts, highlighting practical vulnerabilities in smart-grid contexts. The authors open-source data, code, and results to spur further research and defense development, signaling a need for robust prompt governance and secure deployment practices in critical infrastructure. The work provides a concrete, actionable baseline for evaluating and mitigating LLM-related risks in smart grids.

Abstract

Large language models (LLMs) represent significant breakthroughs in artificial intelligence and hold potential for applications within smart grids. However, as demonstrated in previous literature, AI technologies are susceptible to various types of attacks. It is crucial to investigate and evaluate the risks associated with LLMs before deploying them in critical infrastructure like smart grids. In this paper, we systematically evaluated the risks of LLMs and identified two major types of attacks relevant to potential smart grid LLM applications, presenting the corresponding threat models. We validated these attacks using popular LLMs and real smart grid data. Our validation demonstrates that attackers are capable of injecting bad data and retrieving domain knowledge from LLMs employed in different smart grid applications.

Paper Structure (18 sections, 6 figures, 2 tables)

This paper contains 18 sections, 6 figures, 2 tables.

Figures (6)

  • Figure 1: Illustration of cyberattacks to LLMs used in smart grid. The figure shows two cases: (1) an outsider attacker injects false information into LLMs and (2) an internal attacker obtains unauthorized information from LLMs.
  • Figure 2: LLM Application Workflow
  • Figure 3: Message Samples
  • Figure 4: Bad Data Injection Prompts Presentation
  • Figure 5: System Prompt (Domain Knowledge) for LLM-based Virtual Assistant
  • ...and 1 more figure