Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Impact of Data Poisoning Attacks on Feasibility and Optimality of Neural Power System Optimizers

Nora Agah, Meiyi Li, Javad Mohammadi

TL;DR

This paper investigates the resilience of ML-based DC-OPF proxies to data poisoning attacks, comparing a penalty-based method, DC3 post-repair, and LOOP-LC direct mapping. By applying white-box perturbations to training data and evaluating optimality and feasibility, the study reveals that LOOP-LC maintains feasibility under attack while suffering some optimality degradation, whereas DC3 and the penalty method exhibit notable feasibility violations and longer computation times. The findings demonstrate that hard feasibility enforcement and adversarially robust training are critical for reliable neural power system optimizers in adversarial environments. Overall, the work provides a structured assessment framework and actionable guidance for enhancing the security and reliability of ML-driven grid optimization tools.

Abstract

The increased integration of clean yet stochastic energy resources and the growing number of extreme weather events are narrowing the decision-making window of power grid operators. This time constraint is fueling a plethora of research on Machine Learning-, or ML-, based optimization proxies. While finding a fast solution is appealing, the inherent vulnerabilities of the learning-based methods are hindering their adoption. One of these vulnerabilities is data poisoning attacks, which adds perturbations to ML training data, leading to incorrect decisions. The impact of poisoning attacks on learning-based power system optimizers have not been thoroughly studied, which creates a critical vulnerability. In this paper, we examine the impact of data poisoning attacks on ML-based optimization proxies that are used to solve the DC Optimal Power Flow problem. Specifically, we compare the resilience of three different methods-a penalty-based method, a post-repair approach, and a direct mapping approach-against the adverse effects of poisoning attacks. We will use the optimality and feasibility of these proxies as performance metrics. The insights of this work will establish a foundation for enhancing the resilience of neural power system optimizers.

Impact of Data Poisoning Attacks on Feasibility and Optimality of Neural Power System Optimizers

TL;DR

This paper investigates the resilience of ML-based DC-OPF proxies to data poisoning attacks, comparing a penalty-based method, DC3 post-repair, and LOOP-LC direct mapping. By applying white-box perturbations to training data and evaluating optimality and feasibility, the study reveals that LOOP-LC maintains feasibility under attack while suffering some optimality degradation, whereas DC3 and the penalty method exhibit notable feasibility violations and longer computation times. The findings demonstrate that hard feasibility enforcement and adversarially robust training are critical for reliable neural power system optimizers in adversarial environments. Overall, the work provides a structured assessment framework and actionable guidance for enhancing the security and reliability of ML-driven grid optimization tools.

Abstract

The increased integration of clean yet stochastic energy resources and the growing number of extreme weather events are narrowing the decision-making window of power grid operators. This time constraint is fueling a plethora of research on Machine Learning-, or ML-, based optimization proxies. While finding a fast solution is appealing, the inherent vulnerabilities of the learning-based methods are hindering their adoption. One of these vulnerabilities is data poisoning attacks, which adds perturbations to ML training data, leading to incorrect decisions. The impact of poisoning attacks on learning-based power system optimizers have not been thoroughly studied, which creates a critical vulnerability. In this paper, we examine the impact of data poisoning attacks on ML-based optimization proxies that are used to solve the DC Optimal Power Flow problem. Specifically, we compare the resilience of three different methods-a penalty-based method, a post-repair approach, and a direct mapping approach-against the adverse effects of poisoning attacks. We will use the optimality and feasibility of these proxies as performance metrics. The insights of this work will establish a foundation for enhancing the resilience of neural power system optimizers.

Paper Structure

This paper contains 20 sections, 4 equations, 4 figures, 1 table.

Table of Contents

  1. Introduction
  2. Motivation
  3. Literature Review
  4. Contribution
  5. Problem formulation
  6. Optimal Power Flow
  7. ML-based Optimization Proxies
  8. Poisoning Attack Implementation
  9. Formulating the Poisoning Attack Strategy
  10. Poisoning Optimization Proxies
  11. Penalty Method
  12. Deep Constraint Completion and Correction (DC3) Method
  13. Learning to Optimize the Optimization Process with Linear Constraints (LOOP--LC) Method
  14. Results
  15. Simulation Setup
  16. ...and 5 more sections

Figures (4)

  • Figure 1: Poisoning the workflow of Penalty methods.
  • Figure 2: Poisoning the workflow of the DC3 method.
  • Figure 3: Poisoning the workflow of the $\mathcal{LOOP-LC}$ method.
  • Figure 4: Plots of the error for each method (Penalty, $\mathcal{LOOP-LC}$, and DC3) for both (left) optimality and (right) feasibility, versus perturbation amount, with a bound of 0.75. The values above the green feasibility line are infeasible. The red "x" represents the unperturbed case. In the Penalty and DC3 methods, all results other than the unperturbed case are infeasible, while $\mathcal{LOOP-LC}$ maintains feasibility across all cases.