A Hierarchical Spatio-Temporal Graph Attention Network for False Data Injection Attack Detection in Smart Grids

Abstract

The increasing digitalization of smart grids has made them vulnerable to false data injection attacks (FDIAs), which can bypass traditional bad data detection (BDD) schemes and compromise grid security. While machine learning offers promising detection capabilities, existing methods often struggle with generalization, interpretability, and the effective integration of the grid’s inherent spatio-temporal properties. To address these challenges, this paper presents a hierarchical spatio-temporal graph attention network (HST-GAT) for FDIA detection in smart grids. The proposed FDIA detection method employs a dedicated two-stage architecture. First, a graph attention network (GAT) explicitly captures the complex spatial dependencies and physical constraints of the grid topology. Second, a temporal module with multi-head self-attention and a gated recurrent unit (GRU) analyzes evolving attack patterns across time steps. This hierarchical separation ensures a more interpretable and physically grounded representation of cyber intrusions compared to joint spatio-temporal models. Explainability analysis using the SHapley Additive exPlanations (SHAP) method reveals the decision-making process of the proposed FDIA detection method, validating its alignment with the grid topology and identifying the key buses that influence its predictions. The results confirm the robustness of the proposed method and its value in improving cybersecurity in modern smart grids.

1. Introduction

Modern power grids have undergone a rapid transformation with the integration of renewable energy resources, distributed generation, and advanced information and communication technologies. The concept of smart grids has emerged as a cornerstone of this transformation, enabling increased efficiency, reliability, and resilience in electricity generation, transmission, and distribution. As a key component of smart grid operation, state estimation has been widely applied. It utilizes measurements from supervisory control and data acquisition systems, as well as phasor measurement units, to determine grid conditions. Accurate state estimation is essential for control, stability assessment, and contingency analysis of the grid. Therefore, the integrity of measurement data is of paramount importance for the secure and reliable functioning of smart grids [1].

However, the increasing reliance on interconnected digital infrastructures has exposed power systems to sophisticated cyber threats [2]. Among these, false data injection attacks (FDIAs) represent a particularly insidious class of attacks. By carefully manipulating sensor data, adversaries can craft malicious inputs that evade traditional bad data detection (BDD) schemes [3]. Consequently, the estimated grid states can be replaced by false data without triggering alarms [4]. Such undetected manipulation can lead to erroneous control decisions, resulting in financial losses, equipment damage, or even cascading blackouts with devastating societal consequences [5,6].

Early detection of measurement anomalies in smart grids relies on statistical BDD techniques, including chi-square tests and the largest normalized residual test. While effective against random noise, these methods fail against structured intrusions. Liu et al. [4] first demonstrated that adversaries can exploit knowledge of the measurement Jacobian to design undetectable false data injection vectors. Since then, the inherent inability of residual-based approaches to counter coordinated attacks has been widely acknowledged, motivating a shift toward data-driven detection.

Machine learning provides the next wave of solutions. Classifiers such as support vector machines, decision trees, and shallow artificial neural networks are applied to distinguish compromised from normal data [7,8]. These models improve detection accuracy under known attack patterns, but they rely heavily on large, balanced, and labeled datasets. Such datasets are scarce in real grids where attack events are rare and varied [9]. Few-shot learning approaches have been proposed to mitigate this issue [10], yet they often overlook the spatio-temporal dependencies inherent in grid data. Moreover, supervised classifiers often generalize poorly to adaptive or unseen attack vectors, restricting their practical deployment. To overcome feature engineering limitations, deep learning architectures are adopted. Convolutional neural networks (CNNs) have been used to extract spatial correlations among measurements, while recurrent neural networks (RNNs) and long short-term memory (LSTM) networks capture temporal dynamics [11,12]. More recently, hybrid CNN–LSTM models, such as the convolutional LSTM proposed by Hasan et al. [13], have been used to integrate spatial and temporal features for pseudo-measurement modeling and attack detection. However, these architectures often entangle spatio-temporal dependencies into opaque representations. This complicates interpretability and risks overfitting on limited FDIA datasets, raising questions about their scalability to unseen attack scenarios.

Recognizing that smart grids are inherently graphs, recent studies have employed graph neural networks (GNNs) to embed topological constraints into detection models [14,15]. Graph convolutional networks (GCNs) and graph attention networks (GATs) allow the learning process to reflect physical connectivity between buses and lines, improving both detection accuracy and interpretability. Complementary approaches in semi-supervised and unsupervised learning, such as autoencoders and variational methods, address the scarcity of labeled attack data [16,17]. However, most graph-based detection methods focus on static spatial structures, while temporal correlations are either simplified or modeled with basic recurrent layers. Moreover, existing joint spatio-temporal methods often fuse both dimensions simultaneously. This risks conflation of distinct propagation processes, i.e., the spatial spread of anomalies across the grid and their temporal evolution through state transitions.

To address these gaps, we propose an FDIA detection method based on a hierarchical spatio-temporal GAT (HST-GAT). The main contributions of this work are fourfold:

(1)

A hierarchical architecture: We decouple the learning process into distinct spatial and temporal stages, moving beyond joint spatio-temporal models. This design provides superior interpretability and aligns more closely with the physical propagation characteristics of cyber intrusions in smart grids.

(2)

Advanced spatial encoding: We employ a GAT [18] to explicitly capture the complex structural dependencies and inherent physical constraints among buses and transmission lines, ensuring a faithful representation of the grid topology.

(3)

Coordinated temporal analysis: We integrate temporal self-attention mechanisms [19] to identify subtle and evolving attack patterns across successive time steps, enabling the detection of sophisticated, coordinated attacks that manifest only over time.

(4)

Interpretable and robust detection: The proposed model is designed not only for high accuracy but also for robustness under class imbalance, with an architecture amenable to explainability analysis, enhancing trustworthiness for real-world deployment.

The remainder of this paper is organized as follows. Section 2 details the problem formulation and the architecture of the proposed HST-GAT. Section 3 describes the experimental setup, including the dataset, baseline methods, and evaluation metrics. Section 4 presents and discusses the results, including performance comparisons and explainability analyses. Finally, Section 5 concludes the paper.

2. Proposed Methodology

2.1. Graph Representation of the Grid

In the context of FDIA detection in smart grids, the system is modeled as a dynamic graph

$$\mathcal{G}=(\mathcal{V},\mathcal{E},\mathcal{X})$$

(1)

where $\mathcal{V}=\{v_1,v_2,\dots ,v_N\}$ represents the set of nodes, which are generators or loads in the grid; $\mathcal{E}\subseteq \mathcal{V}\times \mathcal{V}$ denotes the connections (transmission lines) between nodes; and $\mathcal{X}=\{{\mathbf{X}}^{\left(1\right)},{\mathbf{X}}^{\left(2\right)},\dots ,{\mathbf{X}}^{\left(T\right)}\}$ is the measurement data in time series, with ${\mathbf{X}}^{\left(t\right)}\in {\mathbb{R}}^{N\times F}$ being the feature matrix of the nodes at time step t, where F denotes the number of features per node.

Each node feature vector comprises four key physical quantities, i.e.,

$$\begin{array}{cc}\hfill {\mathbf{x}}_i=& [\mathrm{voltage}\mathrm{magnitude}\left(V_i\right), \mathrm{voltage}\mathrm{phase}\mathrm{angle}\left({\theta }_i\right),\hfill \\ & \mathrm{active}\mathrm{power}\left(P_i\right), \mathrm{reactive}\mathrm{power}\left(Q_i\right)]\hfill \end{array}$$

(2)

The FDIA detection task is formulated as a spatio-temporal graph classification problem, i.e., given the historical measurements $\mathcal{X}$ over a time window and the grid topology $\mathcal{G}$, the goal is to predict whether an attack is present at the current time step:

$$y=f(\mathcal{G},\mathcal{X};\Theta )$$

(3)

where $y\in \{0, 1\}$ is the binary label (0 for normal, 1 for attacked), f denotes the HST-GAT function, and $\Theta$ represents the model parameters.

This detection task addresses the classical FDIA threat model [4], where an attacker is assumed to possess knowledge of the grid topology (e.g., bus-branch connectivity) and have the capability to compromise and manipulate measurements from a subset of sensors or buses.

2.2. Hierarchical Spatio-Temporal Graph Attention Network

To explicitly decouple spatial and temporal dependencies, we designed the HST-GAT as a three-tier hierarchical architecture as shown in Figure 1. The input to the network is batched spatio-temporal graph data $\mathbf{X}\in {\mathbb{R}}^{B\times T\times N\times F}$, where B is the batch size, T is the number of time steps, N is the number of nodes, and F is the feature dimension.

The framework pipeline is as follows:

(1)

Spatial feature extraction layer: Utilizes GATv2Conv to encode spatial attention for the graph structure at each time step.

(2)

Temporal feature fusion layer: Employs linear projection and temporal attention mechanism to capture temporal dependencies.

(3)

Sequence modeling layer: Uses a gated recurrent unit (GRU) to further learn temporal dynamics.

(4)

Classification output layer: Performs attack detection classification based on the final hidden state.

This hierarchical design enables progressive feature learning from local spatial patterns to global spatio-temporal representations. Each step is detailed in the following sections.

2.3. Spatial Attention Layer with GATv2Conv

The standard GAT computes attention with a monotonic function, which may fail to capture nuanced interactions between nodes. To deal with this issue, GATv2Conv is utilized in this study, which learns a dynamic attention mechanism capable of expressing non-monotonic relationships. The attention mechanism is computed as follows:

(1)

Attention coefficient calculation:

$$e_{ij}={\mathbf{a}}^T\mathrm{LeakyReLU}\left(\mathbf{W}[{\mathbf{x}}_i\parallel {\mathbf{x}}_j]\right)$$

(4)

where $\mathbf{W}\in {\mathbb{R}}^{F^{\prime }\times F}$ is a learnable weight matrix, $\mathbf{a}\in {\mathbb{R}}^{2F^{\prime }}$ is the attention vector, and ∥ denotes concatenation.

(2)

Normalized attention weights:

$${\alpha }_{ij}={\displaystyle \frac{\exp \left(e_{ij}\right)}{{\sum }_{k\in {\mathcal{N}}_i}\exp \left(e_{ik}\right)}}$$

(5)

where ${\mathcal{N}}_i$ denotes the neighborhood of node i.

(3)

Node feature aggregation:

$${\mathbf{h}}_i^{\prime }=\sigma \left(\sum _{j\in {\mathcal{N}}_i}{\alpha }_{ij}\mathbf{W}{\mathbf{x}}_j\right)$$

(6)

The model employs multi-head attention, and the output of each head is concatenated as follows:

$${\mathbf{h}}_i= {\parallel }_{k=1}^K\sigma \left(\sum _{j\in {\mathcal{N}}_i}{\alpha }_{ij}^k{\mathbf{W}}^k{\mathbf{x}}_j\right)$$

(7)

The output of this layer has dimensions ${\mathbf{H}}_{\mathrm{spatial}}\in {\mathbb{R}}^{B\times T\times N\times (K·F^{\prime })}$, where K is the number of attention heads and $F^{\prime }$ is the output dimension per head.

2.4. Temporal Attention Mechanism

The temporal attention layer aims to capture the importance of different time steps, addressing the gradient vanishing problem in traditional RNN for long sequences.

(1)

Feature reshaping and projection:

First, the spatial features are reshaped into $\mathbf{H}\in {\mathbb{R}}^{B\times T\times (N·K·F^{\prime })}$ and then projected to a lower dimension via a linear layer:

$$\mathbf{Z}=\mathbf{H}{\mathbf{W}}_p+{\mathbf{b}}_p$$

(8)

where ${\mathbf{W}}_p\in {\mathbb{R}}^{(N·K·F^{\prime })\times D}$ is the projection matrix, ${\mathbf{b}}_p\in {\mathbb{R}}^D$ is the bias vector and D is the projected dimension.

(2)

Multi-head temporal attention calculation:

$$\mathrm{MultiheadAttention}(\mathbf{Q},\mathbf{K},\mathbf{V})=\mathrm{softmax}\left({\displaystyle \frac{\mathbf{Q}{\mathbf{K}}^T}{\sqrt{d_k}}}\right)\mathbf{V}$$

(9)

where Query ($\mathbf{Q}$), Key ($\mathbf{K}$), and Value ($\mathbf{V}$) are all derived from the projected features $\mathbf{Z}$. The model uses two heads for temporal attention to enhance the capture of diverse temporal patterns.

The output of the temporal attention layer is a weighted temporal feature representation ${\mathbf{H}}_{temporal}\in {\mathbb{R}}^{B\times T\times D}$, along with an attention weight matrix that can be used for interpretability analysis.

2.5. GRU-Based Temporal Sequence Processing

While temporal attention identifies salient time steps, it may overlook longer-range dependencies. Therefore, we augment the temporal module with a GRU to capture sequential evolution patterns that span beyond the attention window. This hybrid design ensures that both short-term anomalies and prolonged attack campaigns are detectable. The GRU mechanisms are given as follows:

(1)

Update gate and reset gate:

$$\begin{array}{cc}\hfill {\mathbf{z}}_t& =\sigma ({\mathbf{W}}_z{\mathbf{h}}_{t-1}+{\mathbf{U}}_z{\mathbf{x}}_t+{\mathbf{b}}_z)\hfill \\ \hfill {\mathbf{r}}_t& =\sigma ({\mathbf{W}}_r{\mathbf{h}}_{t-1}+{\mathbf{U}}_r{\mathbf{x}}_t+{\mathbf{b}}_r)\hfill \end{array}$$

(10)

(2)

Candidate hidden state:

$${\tilde{\mathbf{h}}}_t=\tanh ({\mathbf{W}}_h({\mathbf{r}}_t\odot {\mathbf{h}}_{t-1})+{\mathbf{U}}_h{\mathbf{x}}_t+{\mathbf{b}}_h)$$

(11)

(3)

Final hidden state update:

$${\mathbf{h}}_t=(1-{\mathbf{z}}_t)\odot {\mathbf{h}}_{t-1}+{\mathbf{z}}_t\odot {\tilde{\mathbf{h}}}_t$$

(12)

The GRU layer outputs the hidden state of the last time step ${\mathbf{h}}_T\in {\mathbb{R}}^{B\times D}$ as a compact representation of the entire spatio-temporal sequence.

2.6. Output Layer and Loss Function

The output layer and loss function are calculated as follows:

(1)

Classification output layer:

$$\widehat{y}=\sigma ({\mathbf{W}}_o{\mathbf{h}}_T+{\mathbf{b}}_o)$$

(13)

where $\sigma$ is the sigmoid activation function, and $\widehat{y}\in [0, 1]$ denotes the probability of an attack.

(2)

Loss function:

The binary cross-entropy loss is used:

$$\mathcal{L}=-{\displaystyle \frac{1}{B}}\sum _{i=1}^B[y_i\log \left({\widehat{y}}_i\right)+(1-y_i)\log (1-{\widehat{y}}_i)]$$

(14)

(3)

Regularization strategies:

Dropout with a rate of 0.2 is applied to prevent overfitting, weight decay (L2 regularization) with a coefficient ${10}^{-5}$ is used, and batch normalization is applied after the spatial attention layer to accelerate training convergence.

The proposed HST-GAT method is given in Algorithm 1.

Algorithm 1: HST-GAT Forward Propagation

3. Experiment Setup

This section elaborates on various aspects of the experimental design, including dataset construction, baseline methods, evaluation metrics, and implementation details. The experiments were based on real-world grid data, utilizing the IEEE 14-bus and IEEE 118-bus test cases as the simulation platforms. All experiments were conducted under identical hardware and software environments to ensure the reliability and reproducibility of the results.

3.1. Dataset Construction

The dataset was constructed using a generation method based on real load data, which was sourced from the historical load data provided by the New York Independent System Operator, with a time resolution of 5 min. The regional load data was mapped to the corresponding nodes of the test system using a proportional allocation method, ensuring a reasonable load distribution.

The attack injection strategy was designed considering the stealthiness characteristics of real-world attacks. Target nodes were selected randomly, and FDIAs were constrained by physical limits. Specifically, the modification range for voltage magnitude was controlled within ±10–20%, and the phase angle modification range was within ±5–15°. Attack patterns included single-node attacks and multi-node coordinated attacks. The attack duration was categorized into short-term attacks (5–10 time steps) and sustained attacks (20–30 time steps). The final generated dataset contained 10,000 samples, comprising 7000 normal samples and 3000 attack samples, resulting in an attack sample ratio of 30%.

In the data preprocessing stage, Gaussian noise with a standard deviation of 0.05 was incorporated into the measurement data to simulate real sensor imperfections. The original measurement data were first normalized using the formula:

$$\widehat{x}={\displaystyle \frac{x-\mu }{s}}$$

(15)

where $\mu$ and s are the mean and standard deviation of the feature, respectively. Subsequently, time window sequences were constructed with a window length of 10 time steps and a sliding step of 1, forming a tensor format suitable for spatio-temporal graph models.

3.2. Baseline Methods

To comprehensively evaluate the performance of the proposed method, we performed extensive comparisons with both traditional and advanced FDIA detection methods, including GGNN-GAT [20], TSGCN [21], DAMGAT [22], SAGE [23], GCN [24], CNN-GRU [25], Transformer [26], and CNN [27].

Table 1. Comparison of spatio-temporal graph neural network architectures.

Method	Architecture Type	Spatial	Temporal	Key Feature
TSGCN	Joint spatio-temporal	GCN	LSTM	Integrated feature learning
DAMGAT	Attention-based	GAT	Integrated attention	Dynamic attention
GGNN-GAT	Graph-based	GGNN+GAT	Basic recurrent layers	Topology-aware
CNN-LSTM	Sequential hybrid	CNN	LSTM	Spatial convolution
HST-GAT	Hierarchical decoupled	GATv2Conv	Self-attention+GRU	Explicit separation of space/time

provides a targeted architectural comparison between HST-GAT and representative spatio-temporal GNNs, highlighting our key methodological contributions.

All baseline methods used the same input data and training–test split. Hyperparameters were determined through grid search to find the optimal configuration, ensuring a fair comparison. Specifically, for GNN-based methods, the same graph structure information—the topological connectivity of the IEEE 14-bus and IEEE 118-bus systems—was used.

3.3. Evaluation Metrics

A multi-dimensional evaluation index system was adopted to comprehensively assess the detection performance. The primary detection metrics included accuracy, precision, recall, and F1-score, which reflect the classifier’s performance from different angles. The precision and recall are defined as follows:

$$\mathrm{Precision}={\displaystyle \frac{TP}{TP+FP}},\mathrm{Recall}={\displaystyle \frac{TP}{TP+FN}}$$

(16)

where $TP$, $FP$, and $FN$ denote true positives, false positives, and false negatives, respectively. The F1-score was calculated as the harmonic mean of precision and recall:

$$F1=2\times {\displaystyle \frac{\mathrm{Precision}\times \mathrm{Recall}}{\mathrm{Precision}+\mathrm{Recall}}}$$

(17)

In addition to these basic metrics, the receiver operating characteristic (ROC) and precision–recall (PR) curves were used to evaluate the model’s overall performance under different thresholds.

3.4. Implementation Details

The experiments were conducted on a server equipped with an NVIDIA RTX 4060 Laptop GPU and an Intel i7-12800HX CPU. The software environment included Python 3.10, PyTorch 2.8.0, and PyTorch Geometric 2.6.1. Power flow calculations were performed using the pandapower 3.1.2 toolbox.

To ensure the optimal performance of the proposed HST-GAT model, a grid search strategy was employed to determine the key hyperparameters. The search space included learning rates within $\{{10}^{-2}, {10}^{-3}, {10}^{-4}\}$, hidden dimensions within $\{32, 64, 128\}$, and temporal window sizes within $\{5, 10, 15\}$. The final hyperparameter configuration, selected based on the highest F1-score on the validation set, is summarized in

Table 2. Optimal hyperparameters for the HST-GAT model.

Hyperparameter	Value	Description
Time Window Size (T)	10	Length of historical measurement sequences
Batch Size	256	Number of training samples per iteration
Learning Rate	${10}^{-3}$	Initial step size for the Adam optimizer
Hidden Dimensions (D)	64	Dimension of the hidden state in GAT and GRU
GAT Heads ($K_{spatial}$)	4	Number of attention heads in spatial module
Temporal Heads ($K_{temporal}$)	4	Number of heads in multi-head self-attention
Dropout Rate	0.2	Probability for dropout layers to prevent overfitting
Training Epochs	100	Maximum number of passes over the dataset
Optimizer	Adam	Algorithm used for weight updates
Weight Decay	${10}^{-5}$	L2 regularization coefficient to prevent overfitting
Activation Function	ELU	Non-linear activation for the spatial module

.

An early stopping strategy was employed to prevent overfitting, with a patience value of 15. To address the class imbalance issue, a weighted binary cross-entropy loss function was used:

$$\mathcal{L}=-{\displaystyle \frac{1}{N}}\sum _{i=1}^N[w_0{y}_i\log \left({\widehat{y}}_i\right)+w_1(1-y_i)\log (1-{\widehat{y}}_i)]$$

(18)

where the weight for normal samples ${\omega }_0$ is 0.3, and the weight for attack samples ${\omega }_1$ is 0.7. The dataset was randomly split into training, validation, and test sets in a 7:1:2 ratio. Five-fold cross-validation was used during training to evaluate model generalization. To ensure the reproducibility of the experimental results, the random seed was fixed to 1234.

4. Results and Discussion

4.1. Performance Analysis and Comparative Evaluation

The overall performance metrics are summarized in

Table 3. Comparison of different detection methods in the IEEE 14-bus and IEEE 118-bus systems.

Bus Systems	Models	Accuracy	Precision	Recall	F1-Score
IEEE 14-bus system	HST-GAT	98.70%	100%	96.02%	97.97%
	GGNN-GAT	92.99%	92.84%	93.05%	92.94%
	TSGCN	93.04%	93.25%	92.67%	92.96%
	DAMGAT	92.64%	92.14%	93.12%	92.62%
	SAGE	92.87%	92.90%	92.70%	92.80%
	GCN	92.74%	92.71%	92.64%	92.68%
	CNN-GRU	90.02%	89.91%	89.97%	89.94%
	Transformer	91.64%	92.22%	90.79%	91.50%
	CNN	85.61%	84.97%	86.25%	85.60%
IEEE 118-bus system	HST-GAT	92.38%	100%	75.56%	86.08%
	GGNN- GAT	78.19%	78.08%	78.07%	78.03%
	TSGCN	72.08%	73.01%	69.70%	71.25%
	DAMGAT	79.54%	80.41%	77.68%	79.00%
	SAGE	77.46%	78.17%	75.71%	76.90%
	GCN	72.34%	74.19%	68.21%	70.96%
	CNN-GRU	57.11%	57.45%	56.99%	56.89%
	Transformer	66.56%	66.44%	66.10%	66.24%
	CNN	56.78%	46.90%	45.64%	45.97%

. One can notice that the proposed HST-GAT achieves competitive results across all evaluation criteria. The model also shows distinctive characteristics in precision and recall trade-offs.

In addition to detection accuracy, we evaluated the inference time of HST-GAT to assess its real-time applicability. The model achieves an average detection latency of 11.971 ms per sample on the IEEE 14-bus system, and 12.637 ms per sample on IEEE 118-bus system, corresponding to a detection frequency of 83.5 Hz and 79.1 Hz, which meets the common real-time requirement in grid monitoring environments.

4.1.1. Overall Performance Comparison

On the IEEE 14-bus system, the proposed HST-GAT achieves an accuracy of 98.70%, a precision of 100%, a recall of 96.02%, and an F1-score of 97.97%. While the model demonstrates superior performance compared to baseline methods, the results reveal an important characteristic of the detection behavior. The perfect precision score of 100% indicates that the model completely avoids false positive detections, meaning all identified attacks are genuine. However, the recall of 96.02% suggests that approximately 4% of actual attacks remain undetected.

To assess scalability, we further evaluated HST-GAT on the larger and more complex IEEE 118-bus system. As shown in Table 3, the model maintains a precision of 100%, and the overall accuracy remains high at 92.38%, significantly outperforming all baselines. However, the recall drops to 75.56%, indicating increased difficulty in capturing all attack signatures within more intricate topologies and diverse propagation paths. This performance trade-off highlights both the model’s strength in reliability and an important challenge for detecting subtle attacks in large-scale grids.

4.1.2. Analysis of Precision–Recall Trade-Offs

To holistically evaluate the model performance across all classification thresholds and under class imbalance, we present the ROC and PR curves in Figure 2 and Figure 3, respectively.

The exceptional precision performance of the HST-GAT can be attributed to several architectural features. The spatial attention mechanism employing GATv2Conv enables highly selective focus on genuinely anomalous patterns while effectively filtering out normal operational variations. This selective attention reduces false positives but may also lead to missed detections when attack signatures are subtle or resemble normal operation patterns.

The observed recall rate of 96.02% indicates several potential limitations. Some attack patterns may not sufficiently deviate from normal operation to trigger detection, particularly if they affect nodes with lower attention weights or occur during periods of high system variability. Additionally, the model’s conservative detection threshold, while beneficial for precision, inevitably results in some missed detections.

4.1.3. Comparative Performance Analysis

The performance comparison reveals distinct operational characteristics across different model architectures. HST-GAT’s precision-focused performance contrasts with models like DAMGAT, which achieves higher recall (93.12%) but lower precision (92.14%). This difference reflects fundamental architectural choices and optimization objectives.

The performance gap between HST-GAT and other methods widens on the 118-bus system. Sequence models, e.g., CNN-GRU and Transformer, suffer dramatic performance degradation, reflecting their inability to encode large-scale topological constraints effectively. Graph-based baselines, e.g., GGNN-GAT and DAMGAT, also exhibit notable drops in recall and F1-score. In contrast, HST-GAT retains a clear advantage, validating that its hierarchical decoupling of spatial and temporal learning generalizes more effectively to complex grid topologies.

4.2. Explainability Analysis

For the detection of FDIAs in smart grids, deep learning models such as HST-GAT have demonstrated high accuracy, but their decision-making processes are often regarded as “black boxes”, which limits the trustworthiness and deployability of these models in critical infrastructure. To unveil the internal decision-making mechanism of HST-GAT, this section presents an explainability analysis based on the SHapley Additive exPlanations (SHAP) method. SHAP is an explainability technique grounded in game theory, capable of quantifying the contribution of each input feature to the model’s predictions, making it suitable for complex spatio-temporal graph networks.

The SHAP analysis aims to quantify the contribution of each node feature in the HST-GAT model to FDIA detection decisions. Visualization was generated using the Python SHAP library, producing two key figures: Figure 4, a bar chart of feature ranking without distinguishing feature values, showing the average absolute SHAP values for each node to evaluate feature importance, and Figure 5, a scatter plot of feature ranking distinguishing feature values, showing the distribution of SHAP values for each sample, where point colors indicate feature values, red corresponds to high feature values, and blue corresponds to low feature values.

4.2.1. Results Analysis

According to Figure 4, the SHAP importance ranking of the nodes is as follows: 8, 13, 9, 6, 11, 5, 10, 2, 1, 12, 4, 7, 14, 3. Among these, nodes 8 and 13 have the highest SHAP importance, and nodes 9, 6, and 11 have secondary importance. This ranking aligns with the topological roles in the IEEE 14-bus system. Nodes 8 and 13 are typically load buses. Their high importance is consistent with expectations for FDIA detection, as attacks often target load measurements for FDIA. In contrast, nodes 14 and 3 are located at the network periphery or play minor roles; hence, their contribution is lower.

Figure 5 reveals the impact patterns of feature values on SHAP values. In the figure, point colors represent feature values: red points correspond to high feature values, and blue points correspond to low feature values.

For nodes 8 and 13, high feature values primarily correspond to negative SHAP values, while low feature values correspond to positive SHAP values. This indicates that when the measurements of these nodes are high, the model tends to predict a normal state, leading to negatively impacting attack detection. Conversely, low measurements promote the detection of an attack. In contrast, for nodes 9 and 6, the low feature values correspond to the negative SHAP values, and the high feature values correspond to positive SHAP values.

Overall, the pattern of high feature values corresponding to negative SHAP values dominates in key nodes, which may cause the model to miss detections when attacks lead to high measurements.

4.2.2. Case Studies

To further validate the results of the SHAP analysis, two typical attack samples were selected for case studies, demonstrating how SHAP values explain the decision-making process of HST-GAT.

The first case is a missed detection sample: a multi-node attack with abnormally elevated voltage measurements on nodes 8 and 13. The SHAP value calculation shows that the contributions of nodes 8 and 13 are negative, while the contributions of other nodes, such as 9 and 6, are smaller. This indicates that the model tends to predict a normal state due to the high feature values of nodes 8 and 13, leading to missed detection.

The second case is a correctly detected sample. In this sample, the power measurement of node 9 is abnormally high, while other nodes show minor changes. The SHAP values indicate that the contribution of node 9 is positive, while the contributions of nodes 8 and 13 are neutral. This indicates that the model relies on the high feature value of node 9 to correctly detect the attack, consistent with the impact pattern of the feature value. Visualization in Figure 5 supports this result: the red points for node 9 are concentrated in the positive SHAP value region. The case study demonstrates that SHAP analysis can effectively trace the model’s decisions, highlighting the HST-GAT’s dependency on specific node patterns.

5. Conclusions

In this paper, we have presented a comprehensive study on the detection of FDIAs in smart grids using the HST-GAT method. The proposed FDIA detection method is designed to overcome critical gaps in the existing literature, particularly the inadequate handling of topological constraints and the entangled modeling of spatial and temporal dynamics. Our work systematically formulated the FDIA detection problem within a spatio-temporal graph learning framework and introduced an architecture that processes spatial and temporal features in a dedicated and hierarchical manner.

The core contribution of this research lies in the synergistic integration of GATv2Conv for dynamic spatial attention and a sequential temporal module with self-attention and GRU layers. This design not only achieves superior detection performance but also provides a more interpretable model that mirrors the physical propagation characteristics of the FDIAs. Experimental results on IEEE test systems provide compelling evidence of the method’s efficacy. The proposed FDIA detection method achieves a precision of 100% on the IEEE 14-bus and IEEE 118-bus systems, demonstrating its exceptional ability to eliminate false positives. However, the observed recall of 75.56% highlights the increased challenge of detecting attacks in larger and more complex topologies, which is a key limitation requiring further investigation.

Future work will focus on improving accuracy in large-scale grids through adaptive detection mechanisms, extending the framework to more stealthy attack variants, and exploring semi-supervised learning to reduce reliance on labeled attack data.