Modern power systems are subjected to natural disruptions and cyberattacks, both of which have the potential to have catastrophic consequences on the grid’s stability and security. Besides, due to the sophistication of cyber-physical threats, including techniques like false data injection and command tampering, comprehensive detection strategies to counter the vulnerabilities have become an absolute necessity. Traditional detection methods are inherently constrained in their capabilities since they treat physical failures and cyber intrusions as independent problems and use unclear models that hardly suffice for the enormous trustworthiness required in making high-stakes decisions. This study presents a heterogeneous data-driven framework that seeks to unify disturbance and intrusion detection using time-synchronized measurements. This framework utilizes advanced pre-processing techniques, multi-strategy feature selection approaches, and ensemble machine learning model implementations, all of which were optimized using Optuna. The framework employed permutation SHAP to enhance explainability and transparency by delivering interpretable insights regarding feature contributions. The experiments performed across 37 different event scenarios in binary, three-class, and multi-class settings prove the superior performance of the proposed framework. The best models showed precision, recall, F1-score, accuracy, and specificity exceeding 96%. Besides, the average performance across the aggregated datasets surpassed 93%. These results prove the effectiveness and the practicality of the framework toward the awareness and resilience of the smart grid, serving as an interpretable and scalable approach to countering ever-evolving cyber-physical threats.
Farsi et al. (Thu,) studied this question.