Abstract
The security of IEC 61850 Sampled Value (SV) messages is critical in substation automation systems, where unauthorized modifications can lead to severe operational disruptions and safety risks. To address this challenge, this paper proposes a Graph Feature Enhanced (GFE) machine learning-based approach as a secondary security layer, complementing the IEC 62351-6 cryptographic authentication for real-time anomaly detection. The proposed method transforms SV data into image representations, extracts statistical and frequency-domain features, and employs an advanced classification technique to detect cyberattacks. By integrating the GFE framework with Long Short-Term Memory (LSTM) networks, the GFE-LSTM model is developed, a novel model designed to enhance attack detection capabilities. Extensive simulations demonstrate that GFE-LSTM achieves high detection accuracy, operational efficiency, and robustness, all while maintaining manageable computational demand.
| Original language | English |
|---|---|
| Title of host publication | 2025 IEEE Industry Applications Society Annual Meeting, IAS 2025 |
| Publisher | Institute of Electrical and Electronics Engineers Inc. |
| ISBN (Electronic) | 9781665457767 |
| DOIs | |
| State | Published - 2025 |
Publication series
| Name | Conference Record - IAS Annual Meeting (IEEE Industry Applications Society) |
|---|---|
| ISSN (Print) | 0197-2618 |
Bibliographical note
Publisher Copyright:© 2025 IEEE.
Keywords
- Anomaly detection
- IEC 61850
- LSTM
- cyberattacks
- graph feature enhanced (GFE)
- sampled value (SV) messages
- secondary security layer
- substation automation
ASJC Scopus subject areas
- Control and Systems Engineering
- Industrial and Manufacturing Engineering
- Electrical and Electronic Engineering