Leveraging Conversational Generative AI for Anomaly Detection in Digital Substations

TL;DR

This paper introduces a conversational AI-based anomaly detection system for digital substations that outperforms traditional methods in efficiency, scalability, and adaptability against cyber threats.

Contribution

It proposes a novel task-oriented dialogue system leveraging GenAI for anomaly detection in IEC61850 messages, improving speed and accuracy over existing techniques.

Findings

Superior error reduction compared to traditional methods

Enhanced scalability and adaptability in cyber threat detection

Faster implementation and response times in anomaly detection

Abstract

This study addresses critical challenges of cybersecurity in digital substations by proposing an innovative task-oriented dialogue (ToD) system for anomaly detection (AD) in multicast messages, specifically, generic object oriented substation event (GOOSE) and sampled value (SV) datasets. Leveraging generative artificial intelligence (GenAI) technology, the proposed framework demonstrates superior error reduction, scalability, and adaptability compared with traditional human-in-the-loop (HITL) processes. Notably, this methodology offers significant advantages over machine learning (ML) techniques in terms of efficiency and implementation speed when confronting novel and/or unknown cyber threats, while also maintaining model complexity and precision. The research employs advanced performance metrics to conduct a comparative assessment between the proposed AD and HITL-based AD frameworks, utilizing a hardware-in-the-loop (HIL) testbed for generating and extracting features of IEC61850 communication messages. This approach presents a promising solution for enhancing the reliability of power system operations in the face of evolving cybersecurity challenges.