Abstract
Cybersecurity breaches targeting electrical substations constitute a significant threat to the integrity of the power grid, necessitating comprehensive defense and mitigation strategies. Any anomaly in information and communication technology (ICT) should be detected for secure communications between devices in digital substations. This paper proposes large language models (LLMs), e.g., ChatGPT, for the cybersecurity of IEC 61850-based communications. Multi-cast messages such as generic object oriented system events (GOOSE) and sampled values (SV) are used for case studies. The proposed LLM-based cybersecurity framework includes, for the first time, data pre-processing of communication systems and human-in-the-loop (HITL) training (considering the cybersecurity guidelines recommended by humans). The results show a comparative analysis of detected anomaly data carried out based on the performance evaluation metrics for different LLMs. A hardware-in-the-loop (HIL) testbed is used to generate and extract a dataset of IEC 61850 communications.
Original language | American English |
---|---|
Number of pages | 5 |
DOIs | |
State | Published - 2024 |
Event | 2024 IEEE Power & Energy Society General Meeting - Seattle, Washington Duration: 21 Jul 2024 → 25 Jul 2024 |
Conference
Conference | 2024 IEEE Power & Energy Society General Meeting |
---|---|
City | Seattle, Washington |
Period | 21/07/24 → 25/07/24 |
NREL Publication Number
- NREL/CP-5D00-92062
Keywords
- ChatGPT
- cybersecurity
- generic object oriented system event (GOOSE)
- human-in-the-loop (HITL)
- large language model (LLM)
- sampled value (SV)
- substations