Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Leveraging Conversational Generative AI for Anomaly Detection in Digital Substations

Aydin Zaboli, Seong Lok Choi, Junho Hong

Abstract

This study addresses critical challenges of cybersecurity in digital substations by proposing an innovative task-oriented dialogue (ToD) system for anomaly detection (AD) in multicast messages, specifically, generic object oriented substation event (GOOSE) and sampled value (SV) datasets. Leveraging generative artificial intelligence (GenAI) technology, the proposed framework demonstrates superior error reduction, scalability, and adaptability compared with traditional human-in-the-loop (HITL) processes. Notably, this methodology offers significant advantages over machine learning (ML) techniques in terms of efficiency and implementation speed when confronting novel and/or unknown cyber threats, while also maintaining model complexity and precision. The research employs advanced performance metrics to conduct a comparative assessment between the proposed AD and HITL-based AD frameworks, utilizing a hardware-in-the-loop (HIL) testbed for generating and extracting features of IEC61850 communication messages. This approach presents a promising solution for enhancing the reliability of power system operations in the face of evolving cybersecurity challenges.

Leveraging Conversational Generative AI for Anomaly Detection in Digital Substations

Abstract

This study addresses critical challenges of cybersecurity in digital substations by proposing an innovative task-oriented dialogue (ToD) system for anomaly detection (AD) in multicast messages, specifically, generic object oriented substation event (GOOSE) and sampled value (SV) datasets. Leveraging generative artificial intelligence (GenAI) technology, the proposed framework demonstrates superior error reduction, scalability, and adaptability compared with traditional human-in-the-loop (HITL) processes. Notably, this methodology offers significant advantages over machine learning (ML) techniques in terms of efficiency and implementation speed when confronting novel and/or unknown cyber threats, while also maintaining model complexity and precision. The research employs advanced performance metrics to conduct a comparative assessment between the proposed AD and HITL-based AD frameworks, utilizing a hardware-in-the-loop (HIL) testbed for generating and extracting features of IEC61850 communication messages. This approach presents a promising solution for enhancing the reliability of power system operations in the face of evolving cybersecurity challenges.

Paper Structure

This paper contains 6 sections, 16 equations, 4 figures, 1 table.

Table of Contents

  1. Introduction
  2. Substation Cyber Imperatives
  3. GOOSE and SV Dataset Features & Rules
  4. A Novel Anomaly Detection System Paradigm: Integrating GenAI with Task-Oriented Dialogue
  5. Results and Discussion
  6. Conclusion and Future Directions

Figures (4)

  • Figure 1: A general framework of interactive GenAI-based AD process.
  • Figure 2: Advancing multicast messages security: A GenAI-based ToD System for the AD process.
  • Figure 3: A comparative assessment of GenAI-based HITL and the proposed framework: Insights from advanced metrics applied to GOOSE and SV datasets.
  • Figure 4: Accuracy metrics for various models based on training levels.