Critical energy infrastructures (CEIs) are fundamental pillars for economic and social development. However, their accelerated digitalization and the convergence between operational technologies (OTs) and information technologies (ITs) have increased their exposure to advanced cyber threats. This study examines the evolution of OT cybersecurity models with artificial intelligence in the energy sector between 2015 and 2024, through a systematic literature review following a four-phase method (planning, development, results, and analysis). To this end, we answer the following questions about the aspects of CEI cybersecurity models: What models exist? What energy services, technical means, and facilities do they encompass? And what algorithms do they include? From an initial set of 1195 articles, 52 studies were selected, which allowed us to identify 49 cybersecurity models classified into seven functional categories: detection, prediction and explanation; risk management; regulatory compliance; collaboration; response and recovery; architecture-based protection; and simulation. These models are related to 10 energy services, 6 technical means, 10 types of critical facilities, and 15 AI algorithms applied transversally. Furthermore, the integrated and systemic relationship of these study aspects has been identified in an IT-OT cybersecurity model for CEIs. The results show a transition from conventional approaches to solutions based on machine learning, deep learning, federated learning, and blockchain. Algorithms such as CNN, RNN, DRL, XAI, and FL are highlighted, which enhance proactive detection and operational resilience. A broader coverage is also observed, ranging from power plants to smart grids. Finally, five key challenges are identified: legacy OT environments, lack of interoperability, advanced threats, emerging IIoT and quantum computing risks, and low adoption of emerging technologies.
Casavilca et al. (Sun,) studied this question.