
AI-based threat detection in critical infrastructure: A case study on smart grids

Author: Eze, Esther Chinwe; Durotolu, Grace A; John, Fen Danjuma; Raji, Shakirat O
Publisher: Zenodo
DOI: 10.5281/zenodo.17548110
Source: https://zenodo.org/records/17548110/files/WJARR-2025-2655.pdf
Corresponding author: Esther Chinwe Eze
Copyright © 2025 Author(s) retain the copyright of this article. This article is published under the terms of the Creative Commons Attribution License 4.0.
Esther Chinwe Eze 1, *, Grace A. Durotolu 2, Fen Danjuma John 3 and Shakirat O. Raji 4
1 Information Science, University of North Texas, United States.
2 Computer Science, Troy University, United States.
3 School of Computing, Robert Gordon University, United Kingdom
4 College of Technology, Davenport University, United States.
World Journal of Advanced Research and Reviews, 2025, 27(01), 1365-1380
Publication history: Received on 04 June 2025; revised on 12 July 2025; accepted on 14 July 2025
Article DOI: https://doi.org/10.30574/wjarr.2025.27.1.2655
Abstract
The modernization of electrical power systems through smart grid technologies has introduced unprecedented
opportunities for enhanced efficiency, reliability, and sustainability. However, this digital transformation has also
expanded the attack surface for cyber threats, making critical infrastructure increasingly vulnerable to sophisticated
cyberattacks. This paper examines the application of artificial intelligence (AI) and machine learning (ML) technologies
to threat detection in smart grid systems within the United States context. Through a comprehensive analysis of current
deployment scenarios, threat landscapes, and AI-driven security frameworks, this study demonstrates how intelligent
systems can enhance the resilience of critical infrastructure. The research presents empirical data from major U.S.
utilities, evaluates the effectiveness of various AI algorithms in detecting anomalous behavior, and provides
recommendations for implementing robust AI-based security solutions in smart grid environments.
Keywords: Smart Grids; Artificial Intelligence; Threat Detection; Cybersecurity; Critical Infrastructure; Machine
Learning; Anomaly Detection
1. Introduction
The United States electrical grid serves as the backbone of modern society, supporting everything from residential
lighting to industrial manufacturing and critical services. As of 2024, the U.S. power grid consists of over 7,300 power
plants, 160,000 miles of high-voltage transmission lines, and millions of low-voltage distribution lines serving 150
million customers nationwide. The transition from traditional electrical grids to smart grids represents one of the most
significant infrastructure modernization efforts in American history, with the Department of Energy investing over $4.5
billion in smart grid projects since 2009.
Smart grids integrate advanced digital technologies, including supervisory control and data acquisition (SCADA)
systems, advanced metering infrastructure (AMI), and Internet of Things (IoT) devices, to create a more efficient,
reliable, and sustainable electrical network. These systems enable bidirectional communication between utilities and
consumers, real-time monitoring of grid conditions, and automated response to disturbances. However, this increased
connectivity and digitization have created new vulnerabilities that traditional security measures are inadequate to
address, as highlighted by Alcaraz and Zeadally (2014) in their examination of critical infrastructure protection
requirements.
The cybersecurity landscape of critical infrastructure has evolved dramatically, with state-sponsored actors, criminal
organizations, and hacktivist groups increasingly targeting utility systems. Gunduz and Das (2020) emphasize that the
cyber-security threats facing smart grids have become increasingly sophisticated, necessitating advanced
countermeasures. Notable incidents include the 2015 and 2016 attacks on Ukraine's power grid, the 2020 SolarWinds
supply chain attack affecting multiple U.S. government agencies and utilities, and the 2021 Colonial Pipeline
ransomware attack that disrupted fuel supplies across the Eastern United States. These attacks demonstrate the critical
vulnerability of modern electrical infrastructure to cyber threats.
Artificial intelligence and machine learning technologies offer promising solutions for enhancing threat detection
capabilities in smart grid environments. These technologies can analyze vast amounts of data generated by smart grid
components, identify patterns indicative of malicious activity, and respond to threats in real-time. This paper examines
the current state of AI-based threat detection in U.S. smart grids, evaluates the effectiveness of various approaches, and
provides insights into future developments in this critical field.
2. Literature Review
The intersection of artificial intelligence and cybersecurity in critical infrastructure has gained significant attention in
recent years. The application of machine learning approaches to power system security has demonstrated substantial
potential for transforming threat detection capabilities. Alimi et al. (2020) conducted a comprehensive review of
machine learning approaches to power system security and stability, highlighting how AI technologies can significantly
enhance the security posture of electrical grids. Their analysis revealed that machine learning algorithms could achieve
remarkable detection accuracies for various types of cyberattacks against power systems.
Recent research has focused on the deployment of AI-based intrusion detection systems in utility organizations. Mallidi
and Ramisetty (2025) examined advancements in training and deployment strategies for AI-based intrusion detection
systems in IoT environments, finding that organizations implementing advanced machine learning techniques
experienced significantly fewer successful cyberattacks compared to those relying solely on traditional security
measures. This research underscores the practical benefits of integrating AI technologies into utility security
frameworks.
The development of specialized detection frameworks for smart grid environments has shown particularly promising
results. Zhang et al. (2021) developed a semi-supervised deep learning approach for detecting false data injection
attacks in smart grids, achieving remarkably low false positive rates. Their work demonstrated that advanced deep
learning techniques could effectively identify sophisticated attack patterns while minimizing disruption to normal grid
operations. Similarly, Huang et al. (2022) employed attention-aware deep reinforcement learning techniques to detect
false data injection attacks, showcasing the potential of advanced AI methodologies in grid security applications.
The National Institute of Standards and Technology has been instrumental in developing cybersecurity frameworks for
critical infrastructure. The NIST Cybersecurity Framework 2.0, released in 2024, emphasizes the importance of
continuous monitoring and adaptive security measures, which align closely with AI-driven approaches to threat
detection (National Institute of Standards and Technology, 2024). This framework provides essential guidance for
implementing comprehensive security measures that leverage artificial intelligence capabilities.
Privacy-preserving approaches to collaborative threat detection have emerged as a critical area of research. Truong et
al. (2021) explored privacy preservation in federated learning from the GDPR perspective, providing insights into
maintaining data privacy while enabling collaborative security measures. Building on this foundation, Alazab et al.
(2023) demonstrated how federated learning techniques could be applied to enhance privacy-preserving intrusion
detection systems. Their findings suggest that federated approaches can improve detection accuracy by 15-20%
compared to isolated systems while preserving sensitive operational data, making them particularly valuable for utility
organizations that must balance security needs with regulatory compliance requirements.
The comprehensive analysis of AI-based approaches in intrusion detection has revealed both opportunities and
challenges. Muneer et al. (2024) provided a critical review of artificial intelligence-based approaches in intrusion
detection, offering comprehensive analysis of current methodologies and future directions. Their work highlighted the
importance of addressing adversarial attacks against machine learning systems, a concern that has become increasingly
relevant as AI-based security systems become more widespread.
The security of machine learning systems themselves has become a crucial consideration in the deployment of AI-based
threat detection. Biggio and Roli (2018) examined wild patterns and adversarial machine learning, highlighting
vulnerabilities that could be exploited by sophisticated attackers. Wang et al. (2019) further explored the security of
machine learning in adversarial settings, providing a comprehensive survey of potential threats and mitigation
strategies. These studies emphasize the need for robust AI systems that can withstand adversarial attacks while
maintaining their effectiveness in detecting legitimate threats.
The modeling and analysis of cyber-physical attacks on smart grid systems have provided valuable insights into attack
vectors and defense strategies. Chen et al. (2011) developed Petri Net models for analyzing cyber-physical attacks on
smart grids, offering a framework for understanding the complex interactions between cyber and physical components
in modern electrical systems. This work has been instrumental in informing the design of AI-based detection systems
that can identify attacks targeting both cyber and physical infrastructure components.
Recent developments in smart grid cybersecurity have been comprehensively examined by Achaal et al. (2024), who
conducted a thorough study of smart grid cyber-security, examining architectures, communication networks,
cyber-attacks, and countermeasure techniques. Their research identified key challenges and opportunities for implementing
AI-based security measures in smart grid environments, providing a roadmap for future research and development
efforts.
The application of advanced machine learning techniques to power systems has shown particular promise in the area
of false data injection detection. Eseosa and Ikposhi (2021) reviewed machine learning applications to power systems
studies, demonstrating the broad applicability of AI technologies across various aspects of power system operation and
security. Their work highlighted the potential for machine learning to enhance not only threat detection but also overall
system reliability and efficiency.
The integration of deep learning techniques with traditional cybersecurity approaches has opened new possibilities for
threat detection in smart grids. Chen et al. (2016) explored deep feature extraction and classification techniques using
convolutional neural networks, providing foundational insights that have been adapted for cybersecurity applications.
Zhang et al. (2019) further developed deep learning-based recommender systems, demonstrating methodologies that
can be applied to threat intelligence and security recommendation systems in smart grid environments.
This literature review demonstrates that AI-based threat detection in smart grids represents a rapidly evolving field
with significant potential for enhancing the security of critical infrastructure. The convergence of advanced machine
learning techniques, privacy-preserving technologies, and comprehensive security frameworks provides a foundation
for developing robust and effective threat detection systems that can address the evolving cybersecurity challenges
facing modern electrical grids.
3. Methodology
This study employs a mixed-methods approach combining quantitative analysis of cybersecurity incident data,
qualitative interviews with industry professionals, and technical evaluation of AI-based threat detection systems. Data
collection involved partnerships with five major U.S. utilities representing different geographic regions and serving
populations ranging from 500,000 to 5 million customers.
The research methodology included several key components:
• Data Collection and Analysis: Cybersecurity incident reports from the Department of Homeland Security's
Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) were analyzed for the period
2020-2024. Additionally, operational data from participating utilities provided insights into the volume and variety
of network traffic, system alerts, and detected anomalies.
• Algorithm Evaluation: Multiple AI and ML algorithms were evaluated for their effectiveness in detecting
various types of cyber threats. These included supervised learning approaches such as random forests and
support vector machines, unsupervised methods like isolation forests and clustering algorithms, and deep
learning techniques including convolutional neural networks and recurrent neural networks.
• Performance Metrics: The evaluation framework considered multiple performance metrics including
detection accuracy, false positive rates, processing latency, and resource utilization. These metrics were
assessed under various operational conditions to ensure robustness and practical applicability.
• Industry Validation: Findings were validated through interviews with cybersecurity professionals from
participating utilities, as well as experts from the North American Electric Reliability Corporation (NERC) and
the Electricity Subsector Coordinating Council (ESCC).
4. Smart Grid Architecture and Vulnerabilities
4.1. U.S. Smart Grid Infrastructure
The modern smart grid architecture in the United States consists of multiple interconnected layers, each presenting
unique security challenges and opportunities for AI-enhanced protection. The hierarchical structure includes
generation facilities, transmission networks, distribution systems, and end-use devices, all coordinated through
sophisticated communication and control systems.
At the generation level, power plants increasingly rely on digital control systems for optimal operation. These systems
include distributed energy resources (DER) such as solar installations, wind farms, and battery storage systems. The
integration of renewable energy sources has added complexity to grid operations, requiring sophisticated forecasting
and control algorithms that themselves can become targets for cyberattacks.
The transmission system, operated by independent system operators (ISOs) and regional transmission organizations
(RTOs), coordinates the movement of electricity across state and regional boundaries. This level of the grid relies heavily
on SCADA systems and energy management systems (EMS) that provide real-time monitoring and control capabilities.
The North American Synchrophasor Initiative has deployed over 3,000 phasor measurement units (PMUs) across the
U.S. grid, providing unprecedented visibility into system conditions but also creating additional entry points for
potential attackers.
Distribution systems, managed by local utilities, have undergone significant transformation with the deployment of
advanced metering infrastructure (AMI), distribution automation systems, and demand response programs. These
systems generate enormous amounts of data that can be leveraged for AI-based threat detection but also create a vast
attack surface that traditional security measures struggle to protect.
4.2. Threat Landscape Analysis
The cybersecurity threat landscape for U.S. smart grids has evolved considerably over the past decade. Analysis of
ICS-CERT incident reports reveals several key trends in attack patterns and methodologies targeting critical infrastructure.
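Table 1 Cybersecurity Incidents in U.S. Power Sector (2020-2024)
| Year | Total Incidents | Malware | Unauthorized Access | DoS/DDoS | Spear Phishing | Other |
|------|-----------------|---------|---------------------|----------|----------------|-------|
| 2020 | 157             | 23      | 45                  | 12       | 38             | 39    |
| 2021 | 203             | 31      | 62                  | 18       | 47             | 45    |
| 2022 | 189             | 28      | 58                  | 15       | 43             | 45    |
| 2023 | 224             | 35      | 71                  | 22       | 52             | 44    |
| 2024 | 178*            | 27      | 55                  | 16       | 41             | 39    |
*Data through October 2024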
The data reveals a concerning trend of increasing sophistication in attack methodologies. While traditional malware
attacks remain significant, there has been a notable increase in advanced persistent threats (APTs) and supply chain
attacks. The SolarWinds incident of 2020 demonstrated how attackers could compromise multiple utilities through a
single software supplier, highlighting the interconnected nature of modern grid infrastructure.
Figure 1 Evolution of Attack Vectors Against U.S. Smart Grid Infrastructure (2020-2024)
State-sponsored threat actors have shown particular interest in critical infrastructure, with groups such as APT33
(Elfin), Dragonfly 2.0, and XENOTIME conducting reconnaissance and attempting to establish persistence within utility
networks. These groups often employ sophisticated techniques including zero-day exploits, living-off-the-land attacks,
and advanced evasion methods that can bypass traditional signature-based detection systems.
The increasing deployment of IoT devices in smart grid environments has created additional vulnerabilities. A study
conducted by the Department of Energy in 2023 identified over 2.3 million connected devices across participating
utilities, many of which lacked adequate security controls or regular software updates. These devices often serve as
initial entry points for attackers seeking to move laterally through utility networks.
5. AI-Based Threat Detection Framework
5.1. Architectural Overview
The implementation of AI-based threat detection in smart grid environments requires a comprehensive framework that
addresses the unique characteristics and requirements of critical infrastructure systems. The proposed framework
consists of multiple layers designed to provide defense in depth while maintaining the operational reliability essential
for power system operations.
The data ingestion layer collects information from various sources throughout the smart grid infrastructure. This
includes network traffic data from communication systems, operational data from SCADA and EMS systems, sensor
readings from field devices, and log files from security systems. The heterogeneous nature of this data requires
sophisticated preprocessing and normalization techniques to ensure compatibility with downstream AI algorithms.
Feature extraction and engineering represent critical components of the framework, as the effectiveness of machine
learning algorithms depends heavily on the quality and relevance of input features. Domain expertise in power systems
operation is essential for identifying meaningful patterns and relationships that can indicate malicious activity while
minimizing false positives that could disrupt normal operations.
The AI engine layer incorporates multiple algorithms working in concert to detect different types of threats. This
ensemble approach leverages the strengths of various techniques while mitigating their individual weaknesses.
Real-time processing capabilities ensure that threats can be identified and responded to within acceptable timeframes for
critical infrastructure protection.
5.2. Machine Learning Algorithms for Threat Detection
The selection and optimization of machine learning algorithms for smart grid threat detection requires careful
consideration of the operational environment and specific threat characteristics. Different types of attacks exhibit
distinct patterns that may be better detected by particular algorithmic approaches.
• Supervised Learning Approaches: These methods require labeled training data containing examples of both
normal operations and various attack types. Random forest algorithms have shown particular effectiveness in
detecting intrusion attempts, achieving detection rates of 94.2% with false positive rates below 3% in
controlled testing environments. Support vector machines demonstrate strong performance in classifying
network traffic anomalies, particularly when combined with appropriate kernel functions that can capture
non-linear relationships in high-dimensional data.
• Unsupervised Learning Methods: Given the challenge of obtaining comprehensive labeled datasets for all
possible attack scenarios, unsupervised approaches play a crucial role in identifying novel or previously
unknown threats. Isolation forest algorithms excel at detecting outliers in operational data that may indicate
compromise or malicious activity. Clustering techniques can identify groups of similar behaviors and flag
deviations from established patterns.
• Deep Learning Techniques: Convolutional neural networks (CNNs) have demonstrated effectiveness in
analyzing network traffic patterns and identifying subtle indicators of compromise that traditional methods
might miss. Recurrent neural networks (RNNs), particularly long short-term memory (LSTM) networks, excel
at detecting temporal anomalies in time-series data generated by smart grid operations.
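Table 2 AI Algorithm Performance Comparison for Smart Grid Threat Detection
| Algorithm        | Detection Rate (%) | False Positive Rate (%) | Processing Time (ms) | Memory Usage (MB) |
|------------------|--------------------|-------------------------|----------------------|-------------------|
| Random Forest    | 94.2               | 2.8                     | 15.3                 | 245               |
| SVM (RBF Kernel) | 91.7               | 3.1                     | 22.7                 | 189               |
| Isolation Forest | 87.3               | 4.2                     | 8.9                  | 156               |
| CNN (1D)         | 96.1               | 2.1                     | 45.6                 | 512               |
| LSTM             | 93.8               | 2.5                     | 67.2                 | 623               |
| Ensemble Method  | 97.4               | 1.8                     | 82.1                 | 1,024             |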
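The isolation forest idea from the unsupervised learning item in Section 5.2, as an added example (not code from the paper or the participating utilities): a minimal pure-Python isolation forest scores per-unit voltage and frequency readings, two of which are manipulated. The sample readings, the choice of features, and the parameter values are constructed assumptions.

```python
import math
import random

EULER_GAMMA = 0.5772156649

def avg_path_length(n):
    """c(n): expected path length of an unsuccessful binary-search-tree lookup."""
    if n <= 1:
        return 0.0
    if n == 2:
        return 1.0
    return 2.0 * (math.log(n - 1) + EULER_GAMMA) - 2.0 * (n - 1) / n

def build_tree(rows, depth, max_depth, rng):
    """Split on a random feature at a random value until points are isolated."""
    if depth >= max_depth or len(rows) <= 1:
        return {"size": len(rows)}
    feat = rng.randrange(len(rows[0]))
    lo = min(r[feat] for r in rows)
    hi = max(r[feat] for r in rows)
    if lo == hi:  # nothing left to separate on this feature
        return {"size": len(rows)}
    split = rng.uniform(lo, hi)
    left = [r for r in rows if r[feat] < split]
    right = [r for r in rows if r[feat] >= split]
    return {
        "feat": feat,
        "split": split,
        "left": build_tree(left, depth + 1, max_depth, rng),
        "right": build_tree(right, depth + 1, max_depth, rng),
    }

def path_length(tree, row, depth=0):
    """Depth at which `row` lands, plus c(size) for leaves that were not split further."""
    if "feat" not in tree:
        return depth + avg_path_length(tree["size"])
    branch = "left" if row[tree["feat"]] < tree["split"] else "right"
    return path_length(tree[branch], row, depth + 1)

def isolation_scores(rows, n_trees=100, sample_size=256, seed=7):
    """Anomaly score in (0, 1]; points that are isolated in few splits score near 1."""
    rng = random.Random(seed)
    sample_size = min(sample_size, len(rows))
    max_depth = math.ceil(math.log2(sample_size))
    trees = [build_tree(rng.sample(rows, sample_size), 0, max_depth, rng)
             for _ in range(n_trees)]
    norm = avg_path_length(sample_size)
    scores = []
    for row in rows:
        mean_depth = sum(path_length(t, row) for t in trees) / n_trees
        scores.append(2.0 ** (-mean_depth / norm))
    return scores

def constructed_readings(seed=1):
    """Constructed sample: 120 normal (voltage p.u., frequency Hz) pairs plus 2 manipulated ones."""
    rng = random.Random(seed)
    rows = [(rng.uniform(0.97, 1.03), rng.uniform(59.95, 60.05)) for _ in range(120)]
    rows.insert(40, (1.18, 59.30))  # manipulated reading, index 40
    rows.insert(90, (0.80, 60.60))  # manipulated reading, index 90
    return rows

if __name__ == "__main__":
    readings = constructed_readings()
    scores = isolation_scores(readings)
    ranked = sorted(range(len(readings)), key=lambda i: scores[i], reverse=True)
    for i in ranked[:5]:
        print(i, readings[i], round(scores[i], 3))
```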
5.3. Real-Time Processing and Edge Computing
The implementation of AI-based threat detection in smart grid environments must address the stringent latency
requirements of critical infrastructure systems. Power system operations require response times measured in
milliseconds for certain protective actions, necessitating edge computing approaches that can process data locally
without relying on centralized cloud infrastructure.
Edge computing nodes deployed at substations and other critical locations can perform initial threat analysis using
lightweight AI models optimized for resource-constrained environments. These systems can identify immediate threats
requiring urgent response while forwarding detailed data to centralized systems for more comprehensive analysis.
The distributed architecture also provides resilience benefits, ensuring that threat detection capabilities remain
operational even if communication links to central facilities are compromised. Federated learning techniques enable
these distributed systems to share threat intelligence while maintaining the privacy and security of sensitive
operational data.
6. Case Study Analysis
6.1. Utility Implementation Examples
To validate the effectiveness of AI-based threat detection in real-world environments, this study examines
implementations at five major U.S. utilities representing different geographic regions and operational characteristics.
The participating organizations serve a combined customer base of over 15 million and operate diverse generation
portfolios including traditional fossil fuel plants, nuclear facilities, and renewable energy resources.
6.1.1. Case Study 1: Northeast Regional Utility
A major northeastern utility serving 3.2 million customers implemented an AI-based threat detection system in 2023
to address increasing cybersecurity concerns related to their advanced metering infrastructure deployment. The utility
had completed AMI installation for 98% of their customer base, creating a network of over 3.2 million connected devices
generating approximately 1.2 terabytes of data daily.
The implemented solution utilized a hybrid approach combining supervised and unsupervised learning algorithms
deployed across multiple layers of their network infrastructure. Supervised algorithms trained on historical incident
data provided detection capabilities for known attack patterns, while unsupervised methods identified novel anomalies
that might indicate previously unknown threats.
Results from the first year of operation demonstrated significant improvements in threat detection capabilities. The
system identified 847 security incidents, of which 156 were confirmed as genuine threats requiring response. This
represented a 73% increase in detected threats compared to their previous signature-based intrusion detection system,
while simultaneously reducing false positives by 45%.
6.1.2. Case Study 2: Western Grid Operator
A regional transmission organization serving portions of seven western states deployed AI-enhanced situational
awareness capabilities to protect their bulk power system operations. The organization operates over 25,000 miles of
transmission lines and coordinates the dispatch of more than 80 gigawatts of generation capacity.
The AI system processes data from over 1,200 phasor measurement units, weather monitoring stations, and SCADA
systems to detect anomalies that might indicate cyberattacks or physical threats. Machine learning algorithms analyze
patterns in power flows, voltage profiles, and frequency measurements to identify deviations from expected operating
conditions.
During a six-month evaluation period, the system successfully identified three sophisticated false data injection attacks
that had previously gone undetected by conventional monitoring systems. The attacks involved coordinated
manipulation of sensor readings across multiple substations in an apparent attempt to trigger unnecessary line tripping
and create cascading outages.
6.2. Performance Metrics and Validation
The evaluation of AI-based threat detection systems requires comprehensive metrics that address both cybersecurity
effectiveness and operational impact on power system reliability. Traditional cybersecurity metrics such as detection
rates and false positive rates must be supplemented with power system-specific measures that account for the critical
nature of electrical infrastructure.
6.2.1. Detection Effectiveness Metrics:
Primary performance indicators include true positive rates (sensitivity), true negative rates (specificity), and overall
accuracy across different threat categories. The participating utilities achieved average detection rates ranging from
91.3% to 97.8% for different types of cyberattacks, with ensemble methods generally outperforming individual
algorithms.
False positive rates proved particularly critical in the power system environment, as security alerts that interrupt
normal operations can have significant economic and reliability impacts. The most successful implementations
maintained false positive rates below 2% through careful algorithm tuning and incorporation of power system domain
knowledge into feature engineering processes.
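The trade-off between detection rate and false positive rate described in Section 6.2.1, as an added example (not code from the paper): an alert threshold is calibrated on benign validation scores so that the false positive rate stays within a budget, and the resulting detection rate, alert precision, and daily alert volume are then measured. All scores and event volumes are constructed, and the function names are hypothetical.

```python
def threshold_for_fpr(benign_scores, max_fpr):
    """Lowest threshold (alert when score > threshold) whose FPR on benign data is <= max_fpr."""
    ranked = sorted(benign_scores, reverse=True)
    allowed = int(max_fpr * len(ranked) + 1e-9)  # false alarms the budget tolerates
    if allowed >= len(ranked):
        return float("-inf")
    return ranked[allowed]  # only scores strictly above this value raise an alert

def evaluate(benign_scores, attack_scores, threshold):
    """Detection rate, false positive rate and alert precision at a given threshold."""
    tp = sum(1 for s in attack_scores if s > threshold)
    fp = sum(1 for s in benign_scores if s > threshold)
    alerts = tp + fp
    return {
        "detection_rate": tp / len(attack_scores),
        "false_positive_rate": fp / len(benign_scores),
        "alert_precision": tp / alerts if alerts else 0.0,
    }

def expected_daily_alerts(metrics, benign_per_day, attacks_per_day):
    """Project the measured rates onto a daily event volume: (false alerts, true alerts)."""
    false_alerts = metrics["false_positive_rate"] * benign_per_day
    true_alerts = metrics["detection_rate"] * attacks_per_day
    return false_alerts, true_alerts

# Constructed validation scores from a hypothetical detector (higher = more suspicious).
BENIGN = [((i * 37) % 100) / 200 for i in range(100)]   # 0.000 .. 0.495, shuffled order
ATTACK = [0.95, 0.91, 0.84, 0.77, 0.66, 0.58, 0.52, 0.487, 0.463, 0.41]

def sweep(budgets=(0.0, 0.02, 0.05, 0.10)):
    """Evaluate the detector at several false positive budgets."""
    rows = []
    for budget in budgets:
        thr = threshold_for_fpr(BENIGN, budget)
        rows.append((budget, thr, evaluate(BENIGN, ATTACK, thr)))
    return rows

if __name__ == "__main__":
    for budget, thr, m in sweep():
        # Constructed volumes: 50,000 benign events and 2 attack events per day.
        false_alerts, true_alerts = expected_daily_alerts(m, 50_000, 2)
        print(f"budget={budget:.2f} thr={thr:.3f} "
              f"DR={m['detection_rate']:.2f} FPR={m['false_positive_rate']:.2f} "
              f"precision={m['alert_precision']:.2f} "
              f"false/day={false_alerts:.0f} true/day={true_alerts:.1f}")
```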
6.2.2. Operational Impact Assessment:
Beyond cybersecurity metrics, the evaluation considered the impact of AI systems on normal power system operations.
Key measures included processing latency, system resource utilization, and integration complexity with existing
operational technology systems.
Processing latency averaged less than 100 milliseconds for most detection algorithms, well within acceptable limits for
power system applications. However, deep learning approaches required careful optimization to meet these timing
constraints, particularly when deployed on edge computing platforms with limited computational resources.
Figure 2 Detection Performance Comparison Across Utility Case Studies
6.3. Lessons Learned and Best Practices
The case study analysis revealed several critical factors that influence the success of AI-based threat detection
implementations in smart grid environments. These insights provide valuable guidance for utilities considering similar
deployments.
Data Quality and Availability: The effectiveness of machine learning algorithms depends critically on the quality and
comprehensiveness of training data. Utilities with well-established data management practices and comprehensive
logging systems achieved better results than those with fragmented or incomplete datasets. Investment in data
infrastructure and governance proved essential for successful AI implementation.
Domain Expertise Integration: The most successful implementations involved close collaboration between
cybersecurity professionals and power system engineers. This interdisciplinary approach ensured that AI algorithms
could distinguish between malicious activities and normal operational variations that might appear anomalous to
purely cybersecurity-focused systems.
Operational Technology Integration: Careful consideration of integration with existing operational technology systems
proved crucial for deployment success. Legacy SCADA and EMS systems often required specialized interfaces and data
translation layers to work effectively with modern AI platforms.
Change Management: Successful implementations required comprehensive training programs for operations staff and
clear procedures for responding to AI-generated alerts. Organizations that invested heavily in change management and
staff training achieved better adoption rates and more effective threat response capabilities.
7. Technical Implementation Challenges
7.1. Data Integration and Preprocessing
The implementation of AI-based threat detection in smart grid environments faces significant technical challenges
related to data integration and preprocessing. Smart grid systems generate data from numerous heterogeneous sources,
each with different formats, sampling rates, and communication protocols. SCADA systems typically use protocols such
as DNP3 and IEC 61850, while AMI systems may employ various wireless communication standards including RF mesh,
cellular, and power line communication.
The volume and velocity of data generated by modern smart grid systems present additional challenges. A typical utility
serving one million customers generates over 500 gigabytes of data daily from AMI systems alone, with additional data
streams from transmission monitoring, distribution automation, and customer systems. This data must be processed,
normalized, and analyzed in real-time to provide effective threat detection capabilities.
Data quality issues compound these challenges, as sensor failures, communication errors, and system maintenance
activities can introduce noise and missing values that may be misinterpreted as security threats. Robust preprocessing
pipelines must account for these operational realities while preserving the subtle patterns that may indicate malicious
activity.
Table 3 Data Sources and Characteristics in Smart Grid AI Systems
| Data Source      | Volume (GB/day) | Update Frequency | Protocol         | Key Parameters              |
|------------------|-----------------|------------------|------------------|-----------------------------|
| SCADA Systems    | 15-25           | 2-4 seconds      | DNP3, IEC 61850  | Voltage, current, power flow |
| AMI Networks     | 500-800         | 15-60 minutes    | RF Mesh, Cellular | Energy usage, meter status  |
| PMU Systems      | 50-100          | 30-60 Hz         | IEEE C37.118     | Phasor measurements         |
| Weather Stations | 5-10            | 5-15 minutes     | Modbus, HTTP     | Temperature, wind, solar    |
| Network Logs     | 100-200         | Continuous       | Syslog, SNMP     | Traffic patterns, errors    |
| Security Events  | 20-50           | Continuous       | CEF, STIX/TAXII  | Alerts, incidents           |
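The data quality concern raised in Section 7.1, as an added example (not code from the paper): each SCADA voltage sample is triaged as missing, maintenance, stuck, anomaly, or ok before scoring, and the result is compared with a naive detector that zero-fills gaps. The sample values, the maintenance window, and the thresholds are constructed assumptions.

```python
from statistics import median

def robust_z(value, baseline, noise_floor):
    """Modified z-score from the median and MAD of the baseline window."""
    med = median(baseline)
    mad = max(median(abs(x - med) for x in baseline), noise_floor)
    return 0.6745 * (value - med) / mad

def triage_samples(values, maintenance=(), window=8, z_limit=6.0,
                   stuck_run=5, noise_floor=0.05):
    """Label every sample so data-quality faults are not scored as attacks."""
    labels, trusted = [], []       # trusted = samples allowed into the baseline
    run_value, run_len = None, 0   # tracks identical consecutive readings
    for i, v in enumerate(values):
        if v is None:                                        # telemetry gap
            labels.append("missing")
            run_value, run_len = None, 0
            continue
        if any(start <= i <= end for start, end in maintenance):
            labels.append("maintenance")                     # planned outage window
            run_value, run_len = None, 0
            continue
        run_len = run_len + 1 if v == run_value else 1
        run_value = v
        if run_len >= stuck_run:                             # flatlined sensor
            labels.append("stuck")
            continue
        if len(trusted) >= window and abs(robust_z(v, trusted[-window:], noise_floor)) > z_limit:
            labels.append("anomaly")                         # candidate security event
            continue
        labels.append("ok")
        trusted.append(v)
    return labels

def naive_alerts(values, window=8, z_limit=6.0, noise_floor=0.05):
    """Baseline that zero-fills gaps and ignores context, as the text warns against."""
    filled = [0.0 if v is None else v for v in values]
    return [i for i in range(window, len(filled))
            if abs(robust_z(filled[i], filled[i - window:i], noise_floor)) > z_limit]

# Constructed 138 kV bus voltage samples (kV, 0.01 kV resolution).
SAMPLES = [
    138.04, 137.96, 138.10, 137.91, 138.02, 138.07, 137.95, 138.01, 138.05, 137.98,
    None, None,                 # indices 10-11: communication gap
    138.03, 137.97,
    0.00, 0.00, 0.00,           # indices 14-16: de-energized for maintenance
    138.06,
    131.20,                     # index 18: manipulated reading
    138.00, 137.94,
    137.99, 137.99, 137.99, 137.99, 137.99, 137.99,   # indices 21-26: sensor flatlines
    138.02,
]
MAINTENANCE = [(14, 16)]        # constructed work-order window (sample indices)

if __name__ == "__main__":
    labels = triage_samples(SAMPLES, MAINTENANCE)
    print("triaged anomalies:", [i for i, l in enumerate(labels) if l == "anomaly"])
    print("naive alerts:     ", naive_alerts(SAMPLES))
```

On this sample the naive baseline alerts on the gap, the maintenance window, and the return to service, while the triaged pipeline reports only the manipulated reading.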
7.2. Scalability and Performance Optimization
The scalability requirements for AI-based threat detection in smart grid environments are substantial, as systems must
accommodate millions of connected devices and process terabytes of data while maintaining real-time response
capabilities. Traditional centralized approaches face limitations in terms of bandwidth, latency, and computational
resources, necessitating distributed architectures that can scale effectively with grid modernization efforts.
Edge computing architectures have emerged as a promising solution, enabling local processing of critical data streams
while reducing communication overhead and improving response times. However, edge deployment introduces
additional challenges related to resource constraints, device management, and security of distributed computing nodes.
Model optimization techniques play a crucial role in achieving acceptable performance on resource-constrained edge
devices. Techniques such as model pruning, quantization, and knowledge distillation can reduce computational
requirements while maintaining detection accuracy. Federated learning approaches enable collaborative model
training across multiple edge nodes while preserving data privacy and reducing centralized processing requirements.
7.2.1. Performance Optimization Strategies:
• Model Compression: Techniques such as neural network pruning and quantization can reduce model
size by 80-90% with minimal impact on detection accuracy
• Feature Selection: Careful selection of input features can improve processing speed while maintaining
or improving detection performance
[6] Chen, T. M., Sanchez-Aarnoutse, J. C., & Buford, J. (2011). Petri Net Modeling of Cyber-Physical Attacks on Smart
Grid. IEEE Transactions on Smart Grid, 2(4), 741-749. https://doi.org/10.1109/TSG.2011.2160000
[7] Chen, Y., Jiang, H., Li, C., Jia, X., & Ghamisi, P. (2016). Deep Feature Extraction and Classification of Hyperspectral
Images Based on Convolutional Neural Networks. IEEE Transactions on Geoscience and Remote Sensing, 54(10),
6232-6251. https://doi.org/10.1109/TGRS.2016.2584107
[8] Eseosa, N. O., & Ikposhi, N. A. (2021). Review of machine learning applications to power systems studies. Open
Access Research Journal of Engineering and Technology, 1(1), 021–031.
https://doi.org/10.53022/oarjet.2021.1.1.0101
[9] Gunduz, M. Z., & Das, R. (2020). Cyber-security on smart grid: Threats and potential solutions. Computer
Networks, 169, 107094. https://doi.org/10.1016/j.comnet.2019.107094
[10] Huang, R., Li, Y., & Wang, X. (2022). Attention-aware deep reinforcement learning for detecting false data injection
attacks in smart grids. International Journal of Electrical Power & Energy Systems, 147, 108815.
https://doi.org/10.1016/j.ijepes.2022.108815
[11] Mallidi, S.K.R., Ramisetty, R.R. Advancements in training and deployment strategies for AI-based intrusion
detection systems in IoT: a systematic literature review. Discov Internet Things 5, 8 (2025).
https://doi.org/10.1007/s43926-025-00099-4
[12] Muneer, S., Farooq, U., Athar, A., Raza, M. A., Ghazal, T. M., & Sakib, S. (2024). A Critical Review of Artificial
intelligence based Approaches in Intrusion Detection: A Comprehensive analysis. Journal of Engineering, 2024,
1–16. https://doi.org/10.1155/2024/3909173
[13] National Institute of Standards and Technology. (2024). NIST Cybersecurity Framework 2.0: A profile for critical
infrastructure protection. U.S. Department of Commerce. https://doi.org/10.6028/NIST.CSWP.29
[14] Truong, N., Sun, K., Wang, S., Guitton, F., & Guo, Y. (2021). Privacy preservation in federated learning: An insightful
survey from the GDPR perspective. Computers & Security, 110, 102402.
https://doi.org/10.1016/j.cose.2021.102402
[15] Wang, X., Li, J., Kuang, X., Tan, Y., & Li, J. (2019). The security of machine learning in an adversarial setting: A
survey. Journal of Parallel and Distributed Computing, 130, 12–23. https://doi.org/10.1016/j.jpdc.2019.03.003
[16] Zhang, S., Yao, L., Sun, A., & Tay, Y. (2019). Deep Learning based recommender system. ACM Computing Surveys,
52(1), 1–38. https://doi.org/10.1145/3285029
[17] Zhang, Y., Wang, J., & Chen, B. (2021). Detecting False Data Injection Attacks in Smart Grids: A Semi-Supervised
Deep Learning Approach. IEEE Transactions on Smart Grid, 12(1), 623-634.
https://doi.org/10.1109/TSG.2020.3010510