Search Results (169)

Electric Vehicle Charging Systems (EVCSs) are increasingly connected with the Internet of Things (IoT) and smart grid infrastructure, yet they face growing cyber risks due to expanded attack interfaces. These systems are vulnerable to various attacks that potentially impact both charging operations and user privacy. Intrusion Detection Systems (IDSs) are essential for identifying suspicious activities and mitigating risks to protect EVCS networks, but conventional ML-based IDSs are often unable to achieve optimal performance due to imbalanced datasets, complex traffic distributions, and human design limitations. In practice, EVCS traffic is typically multi-class, imbalanced, and safety-critical, where both missed attacks and false alarms can lead to denial of charging, service interruption, unnecessary incident escalation, financial loss, and reduced user trust. Automated ML (AutoML) and Generative Artificial Intelligence (GAI) have emerged as promising solutions in cybersecurity. Existing GAI and augmentation methods are mostly class-frequency-driven, but this does not necessarily improve the error-prone regions where IDSs actually fail. In this paper, we propose a GAI and an AutoML-based IDS that incorporates a Conditional Generative Adversarial Network (cGAN) with the optimized XGBoost model to improve the effectiveness of intrusion detection in EVCS networks and IoT systems. The proposed framework involves two techniques: (1) a novel cGAN-based error-guided generative augmentation (EGGA) method that extracts misclassified samples and generates a more robust training set for IDS development, and (2) an optimized IDS model that automatically constructs an optimized XGBoost model based on Bayesian Optimization with Tree-structured Parzen Estimator (BO-TPE). The main algorithmic novelty lies in EGGA, which uses model errors to guide generative augmentation toward difficult decision regions, while the overall pipeline represents a practical system-level integration of EGGA, XGBoost, and BO-TPE. To the best of our knowledge, this is the first work that combines GAI and AutoML to specifically improve detection on hard samples, enabling more autonomous and reliable identification of diverse cyber attacks in EV charging networks and IoT systems. Experiments are conducted on two benchmark EVCS and cybersecurity datasets, CICEVSE2024 and CICIDS2017, demonstrating consistent and statistically meaningful improvements over state-of-the-art IDS models. This research highlights the importance of combining automation, generative balancing, and optimized learning to strengthen cybersecurity solutions for EV charging networks and IoT systems. Full article

The convergence of Large Language Models (LLMs) and Internet of Things (IoT) systems has created a new class of intelligent applications across healthcare, industrial automation, smart cities, and connected homes. However, this integration introduces a complex and largely underexplored security landscape. LLMs deployed in IoT contexts face threats spanning both the AI and embedded systems domains, including prompt injection through sensor-driven inputs, model extraction from edge devices, data poisoning of IoT data streams, and privacy leakage through LLM-generated responses grounded in personal data. Simultaneously, LLMs are proving to be powerful tools for IoT security, with LLM-based intrusion detection systems achieving 95–99% accuracy on standard IoT datasets and LLM-driven threat intelligence outperforming traditional machine learning by significant margins. We systematically review 88 papers from IEEE, ACM, MDPI, and arXiv (2020–2025), providing: (1) a structured taxonomy of security threats targeting LLM-IoT systems, (2) a review of LLMs as security enablers for IoT, (3) an evaluation of privacy-preserving architectures including federated learning, differential privacy, homomorphic encryption, and trusted execution environments, (4) domain-specific security analysis across healthcare, industrial, smart home, smart grid, and vehicular IoT, and (5) a literature-based comparative analysis of LLM-based security systems. A central finding is the accuracy–efficiency–privacy trilemma: the model compression techniques needed to deploy LLMs on resource-constrained IoT devices can degrade security and even introduce new vulnerabilities. Our analysis provides researchers and practitioners with a structured understanding of both the risks and opportunities at the frontier of LLM-IoT security. Full article

Electricity systems increasingly operate under deep uncertainty driven by geopolitical risk, volatile fuel markets, trade fragmentation, security threats, and technological change. Under such conditions, cost-optimal planning based on assumed trajectories may lead to fragile outcomes, particularly for small and geopolitically exposed systems such as Israel’s. This paper assesses the resilience of alternative electricity transition strategies for Israel using a qualitative robustness framework inspired by Decision Making under Deep Uncertainty and scenario-based energy security analysis. Six policy-relevant strategies are evaluated across structurally distinct stress scenarios. Resilience is assessed along three dimensions: security of supply, dependency exposure, and economic vulnerability, using anchored qualitative scoring and dominance rules. The results indicate that gas-centric strategies exhibit limited robustness, while strategies combining solar deployment with adaptive gas management, smart grids, microgrids, and domestic clean-technology capabilities achieve higher resilience across a wide range of futures. The paper contributes a structured qualitative approach to resilience assessment and offers policy-relevant insights for electricity transitions under deep uncertainty. Full article

Electric vehicle charging stations (EVCSs) are a critical infrastructure in urban areas. However, because they depend on power grids and digital networks, they are prone to disruptions from grid failures, extreme weather, and cyber threats. Ensuring resilience is therefore essential to minimise service disruptions and ensure reliable transportation in urban areas. While interest in EVCS resilience is growing, current studies are dispersed across technical, environmental, and spatial domains, limiting a consolidated understanding of how resilience is conceptualised and assessed in urban areas. Despite this growing body of research, no prior systematic review has comprehensively synthesised resilience-specific evidence for EVCSs in urban areas. Thus, the objective of the study was to systematically synthesise empirical research on resilient EVCSs in urban areas to identify key factors influencing resilience and how resilience is assessed. A systematic literature review was conducted on 52 empirical articles from Web of Science and Scopus published between 2015 and 2025, following the PRISMA protocol. The review revealed an increasing trend in publications over time, with research geographically concentrated in Asia, the United States of America, and Europe. Results also showed that the resilience of EVCSs in urban areas is influenced by context-related factors (such as location, environment, and governance) and system-related factors (such as operational, technical, and financial), with location and technical issues being the most studied. The resilience of EVCSs is mainly assessed through accessibility, capacity, availability, and vulnerability, using tools such as indices, curves, scenarios, and optimisation models. However, gaps remain in governance, environment, modular design, predictive maintenance, social aspects, and developing economies. Future research should focus on integrating governance and equity into EVCS planning and developing modular, renewable-powered charging systems supported by smart technologies to enhance resilience in urban areas, particularly in developing economies. This review proposes a Factors-Dimensions Implementation framework that operationalises established resilience concepts by linking context- and system-related factors to measurable resilience dimensions of EVCSs in urban areas. Full article

The electricity supply system faces major challenges. The physical and social vulnerability of the monoculture of hierarchical, centralized systems urgently requires radical transformation of their organizational structures as well as their infrastructures. These transformations to low carbon are often characterized as ‘decentralization’. However, decentralization is a process that only signifies a move away from centralized models. This does not necessarily result in a decentralized architecture, but rather a model in which the dominance of ‘commercial private’ combined with ‘monopolistic public’ is replaced by cooperation and community. The research question is: what will be the design of future electricity grids after the transformation? The integration of distributed renewable resources and the growing need for resilience requires great diversity and flexibility from socio-technical smart grids. These involve digitization, enabling the transformation of power grids into networks of clustered, self-healing microgrids with distributed energy systems: generation, storage, transmission, demand response, and internal energy management. Several fundamentals of Common Pool Resources theory (Ostrom) on the analysis of sustainable management of natural resources are reviewed on their relevance: the Socio-Ecological System framework, distinct property regimes, the Polycentricity concept, and the Institutional Analysis and Development (IAD) framework. The transformation leads to ‘distributed’ rather than ’decentralized’ models. Governance no longer takes place from a single control point, but from many, spread across multiple levels, similar to ecosystems. End users play a key role and become partly coproducing prosumers. Governance is polycentric rather than decentral. The IAD provides as its most important condition that, at the legislative level, there must be minimum recognition of the right of ‘renewable energy communities’ to organize themselves as microgrids. This is immediately the biggest social acceptance challenge, as the current monoculture incorporates several lock-ins: incumbent powerful actors, centralized hierarchical control legislation, and obstructive market conditions, including taxing systems. Full article

Automated insulator inspection systems face critical challenges from small object sizes, complex backgrounds, and vulnerability to adversarial attacks, a security concern largely unaddressed in safety-critical power infrastructure. We introduce Faster-YOLOv12n, integrating a FasterNet backbone with SGC2f attention modules and Wise-ShapeIoU loss for enhanced small defect localization. Our architecture achieves 98.9% mAP@0.5 on the CPLID, improving baseline YOLOv12n by 1.3% in precision (97.8% vs. 96.5%), 4.7% in recall (95.1% vs. 90.4%), and 1.8% in mAP@0.5. Through differential data augmentation, we expand training samples from 678 to 3900 images, achieving balanced class distribution and robust generalization across fog, adverse weather, and complex transmission line backgrounds. Comparative evaluation demonstrates superior performance over RT-DETR, Faster R-CNN, YOLOv7, YOLOv8, and YOLOv9, with per-class analysis revealing 99.8% AP@0.5 for defect detection. We provide the first comprehensive adversarial robustness evaluation for insulator defect detection, systematically assessing FGSM, PGD, and C&W attacks across perturbation budgets. Through adversarial training with mixed-batch strategies, our robust model maintains 93.2% mAP@0.5 under the strongest FGSM attacks ($ϵ$ = 48/255), 94.5% under PGD attacks, and 95.1% under C&W attacks ($\tau$ = 3.0) while preserving 98.9% clean accuracy, demonstrating no trade-off between accuracy and robustness. Grad-CAM visualizations demonstrate that attacks disrupt confidence calibration while preserving spatial attention on defect regions, providing interpretable insights into model decision-making under adversarial conditions and validating learned feature representations for safety-critical smart grid monitoring applications. Full article

The modern smart grid integrates information and communication technology (ICT) with electronic devices, but this integration introduces cybersecurity risks. Load measurements, crucial for grid operation, are vulnerable to attacks, particularly Load Redistribution Attacks (LRAs). LRAs maliciously alter load readings to mislead control systems without being detected by conventional methods. This paper first introduces two advanced LRA variants: a stealthy-enhanced LRA designed to bypass sophisticated data-driven detectors, and an impact-enhanced LRA engineered to cause significant operational disruptions, such as increased generation costs. To address these evolving threats, we propose a novel Sensor-oriented Temporal Detector (STD). Unlike existing methods that often rely on aggregate data or labeled attack examples, our STD focuses on the unique temporal patterns of individual sensor measurements. It achieves this by combining principal subspace projection to identify normal data subspaces with sequential change extraction to detect subtle deviations over time. This approach allows the STD to identify various LRA types effectively, even without prior knowledge of attack signatures. Extensive simulations validate the destructive impact of our proposed LRA variants and demonstrate the superior detection performance of the STD against these sophisticated attacks. Full article

The increasing digitalization of smart grids has made them vulnerable to false data injection attacks (FDIAs), which can bypass traditional bad data detection (BDD) schemes and compromise grid security. While machine learning offers promising detection capabilities, existing methods often struggle with generalization, interpretability, and the effective integration of the grid’s inherent spatio-temporal properties. To address these challenges, this paper presents a hierarchical spatio-temporal graph attention network (HST-GAT) for FDIA detection in smart grids. The proposed FDIA detection method employs a dedicated two-stage architecture. First, a graph attention network (GAT) explicitly captures the complex spatial dependencies and physical constraints of the grid topology. Second, a temporal module with multi-head self-attention and a gated recurrent unit (GRU) analyzes evolving attack patterns across time steps. This hierarchical separation ensures a more interpretable and physically grounded representation of cyber intrusions compared to joint spatio-temporal models. Explainability analysis using the SHapley Additive exPlanations (SHAP) method reveals the decision-making process of the proposed FDIA detection method, validating its alignment with the grid topology and identifying the key buses that influence its predictions. The results confirm the robustness of the proposed method and its value in improving cybersecurity in modern smart grids. Full article

As digital technology becomes increasingly integral to modern industries, the risks posed by cyber threats, including malware, ransomware, and insider attacks, continue to rise, jeopardizing critical infrastructure including renewable energy system. The world is more vulnerable to sophisticated cyberattacks due to its reliance on smart grids and IoT-enabled renewable energy systems. Without specialized digital forensic frameworks, incident response and critical infrastructure resilience are limited. This research examines the pivotal role of digital forensics in defending renewable energy system against the growing wave of cyber threats. The study highlights the significance of digital forensics in enhancing incident response, evidence collection, and forensic analysis capabilities. Through detailed case studies, it investigates the implementation strategies of digital forensics to identify, track, and mitigate cyber risks. To address this objective, this study proposes a comprehensive and adaptive cybersecurity framework that integrates digital forensics and fuzzy multi-criteria decision-making to enhance cyber resilience in renewable energy systems. Drawing on relevant case studies, the research demonstrates how the integration of digital forensics with fuzzy logic supports dynamic threat evaluation and risk mitigation. Comparative analysis show that the proposed framework outperforms traditional methods in terms of detection accuracy, response time, and adaptability to evolving threat landscapes. Key contributions include: (1) a structured digital forensics-based cybersecurity model tailored to renewable energy systems, (2) application of fuzzy Analytical Hierarchy Process (AHP) for multi-criteria threat evaluation, and (3) policy-oriented recommendations for stakeholders to reinforce national cyber resilience in line with energy transition. The findings underscore the need for a cohesive cybersecurity strategy grounded in advanced decision-support systems to protect the future of sustainable energy. Full article

As a core support for the integration of new energy and smart grids, Vehicle-to-Grid (V2G) networks face a core contradiction between user privacy protection and transaction security traceability—a dilemma that is further exacerbated by issues such as the quantum computing vulnerability of traditional cryptography, cumbersome key management in stateful ring signatures, and conflicts between revocation mechanisms and privacy protection. To address these problems, this paper proposes a post-quantum revocable linkable ring signature scheme based on SPHINCS+, with the following core innovations: First, the scheme seamlessly integrates the pure hash-based architecture of SPHINCS+ with a stateless design, incorporating WOTS+, FORS, and XMSS technologies, which inherently resists quantum attacks and eliminates the need to track signature states, thus completely resolving the state management dilemma of traditional stateful schemes; second, the scheme introduces an innovative “real signature + pseudo-signature polynomially indistinguishable” mechanism, and by calibrating the authentication path structure and hash distribution of pseudo-signatures (satisfying the Kolmogorov–Smirnov test with $D\le 0.05$), it ensures signer anonymity and mitigates the potential risk of distinguishable pseudo-signatures; third, the scheme designs a KEK (Key Encryption Key)-sharded collaborative revocation mechanism, encrypting and storing the $(I,pk,RID)$ mapping table in fragmented form, with KEK split into $KE{K}_1$ (held by the Trusted Authority, TA) and $KE{K}_2$ (held by the regulatory node), with collaborative decryption by both parties required to locate malicious users, thereby resolving the core conflict of privacy leakage in traditional revocation mechanisms; fourth, the scheme generates forward-secure linkable tags based on one-way private key updates and one-time random factors, ensuring that past transactions cannot be traced even if the current private key is compromised; and fifth, the scheme adopts hash commitments instead of complex cryptographic commitments, simplifying computations while efficiently binding transaction amounts to signers—an approach consistent with the pure hash-based design philosophy of SPHINCS+. Security analysis demonstrates that the scheme satisfies the following six core properties: post-quantum security, unforgeability, anonymity, linkability, unframeability, and forward secrecy, thereby providing technical support for secure and anonymous payments in V2G networks in the quantum era. Full article

The digital transformation of electric power systems into smart grids has significantly expanded the cybersecurity risk landscape of the energy sector. While advanced sensing, communication, automation, and data-driven control improve efficiency, flexibility, and renewable energy integration, they also introduce complex cyber–physical interdependencies and new vulnerabilities across interconnected technical and organisational domains. This study adopts a scoping review methodology in accordance with PRISMA-ScR to systematically analyse smart grid cybersecurity from an architecture-aware and resilience-oriented perspective. Peer-reviewed scientific literature and authoritative institutional sources are synthesised to examine modern smart grid architectures, key security challenges, major cyberthreats, and documented real-world cyber incidents affecting energy infrastructure up to 2025. The review systematically links architectural characteristics such as field devices, communication networks, software platforms, data pipelines, and externally operated services to specific threat mechanisms and observed attack patterns, illustrating how cyber risk propagates across interconnected grid components. The findings show that cybersecurity challenges in smart grids arise not only from technical vulnerabilities but also from architectural dependencies, software supply chains, operational constraints, and cross-sector coupling. Based on the analysis of historical incidents and emerging research, the study identifies key defensive strategies, including zero-trust architectures, advanced monitoring and anomaly detection, secure software lifecycle management, digital twins for cyber–physical testing, and cyber-resilient grid design. The review concludes that cybersecurity in smart grids should be treated as a systemic and persistent condition, requiring resilience-oriented approaches that prioritise detection, containment, recovery, and safe operation under adverse conditions. Full article

With the acceleration of digital transformation, open-source software has become a fundamental component of modern smart grids and other critical infrastructures. However, the complex dependency structures of open-source ecosystems and the continuous emergence of vulnerabilities pose substantial challenges to software supply chain security. In power information networks and cyber–physical control systems, vulnerabilities in open-source components integrated into Supervisory Control and Data Acquisition (SCADA), Energy Management System (EMS), and Distribution Management System (DMS) platforms and distributed energy controllers may propagate along the supply chain, threatening system security and operational stability. In such application scenarios, large language models (LLMs) often suffer from limited semantic accuracy when handling domain-specific security terminology, as well as deployment inefficiencies that hinder their practical adoption in critical infrastructure environments. To address these issues, this paper proposes KD-SecBERT, a domain-specific semantic bidirectional encoder optimized through multi-level knowledge distillation for open-source software supply chain security in smart grid applications. The proposed framework constructs a hierarchical multi-teacher ensemble that integrates general language understanding, cybersecurity-domain knowledge, and code semantic analysis, together with a lightweight student architecture based on depthwise separable convolutions and multi-head self-attention. In addition, a dynamic, multi-dimensional distillation strategy is introduced to jointly perform layer-wise representation alignment, ensemble knowledge fusion, and task-oriented optimization under a progressive curriculum learning scheme. Extensive experiments conducted on a multi-source dataset comprising National Vulnerability Database (NVD) and Common Vulnerabilities and Exposures (CVE) entries, security-related GitHub code, and Open Web Application Security Project (OWASP) test cases show that KD-SecBERT achieves an accuracy of 91.3%, a recall of 90.6%, and an F1-score of 89.2% on vulnerability classification tasks, indicating strong robustness in recognizing both common and low-frequency security semantics. These results demonstrate that KD-SecBERT provides an effective and practical solution for semantic analysis and software supply chain risk assessment in smart grids and other critical-infrastructure environments. Full article

The modern power grid is considered a Smart Grid (SG) when it relies extensively on technologies that integrate traditional power infrastructure with Information and Communication Technologies (ICTs). The dependence on Internet of Things (IoT)-based communication systems to operate physical power devices transforms the grid into a complex system of systems (SoS), introducing cybersecurity vulnerabilities across various SG layers. Several surveys have addressed SG cybersecurity, but none have correlated recent developments with the NIST seven-domain framework, a comprehensive model covering all major SG domains and crucial for domain-level trend analysis. To bridge this gap, we systematically review and classify studies by impacted NIST domain, threat type, and methodology (including tools/platforms used). We note that the scope of applicability of this study is 60 studies (2011–2024) selected exclusively from IEEE Xplore. Unlike prior reviews, this work maps contributions to the NIST domain architecture, examines temporal trends in research, and synthesizes cybersecurity defenses and their limitations. The analysis reveals that research is unevenly distributed: the Operations domain accounts for ~35% of all studies, followed by Generation ~25% and Distribution ~14%, while domains like Transmission (~9%) and Service Provider (5%) are comparatively under-studied. We find a heavy reliance on simulation-based tools (~46% of studies) such as MATLAB/Simulink, and False Data Injection (FDI) attacks are predominantly studied, comprising approximately 36% of analyzed attacks. The broader objective of this work is to guide researchers and SG stakeholders (e.g., utilities, policy-makers) toward understanding and coordinating strategies for improving system-level cyber-resilience, which is crucial for future SGs, while avoiding any overstatement of findings beyond the reviewed evidence. Full article

The escalating global demand for energy-efficient and sustainable built environments has catalyzed the advancement of Building Energy Management Systems (BEMSs), particularly through their integration with cutting-edge technologies. This review presents a comprehensive and critical synthesis of the convergence between BEMSs and enabling tools such as the Internet of Things (IoT), wireless sensor networks (WSNs), and artificial intelligence (AI)-based decision-making architectures. Drawing upon 89 peer-reviewed publications spanning from 2019 to 2025, the study systematically categorizes recent developments in HVAC optimization, occupancy-driven lighting control, predictive maintenance, and fault detection systems. It further investigates the role of communication protocols (e.g., ZigBee, LoRaWAN), machine learning-based energy forecasting, and multi-agent control mechanisms within residential, commercial, and institutional building contexts. Findings across multiple case studies indicate that hybrid AI–IoT systems have achieved energy efficiency improvements ranging from 20% to 40%, depending on building typology and control granularity. Nevertheless, the widespread adoption of such intelligent BEMSs is hindered by critical challenges, including data security vulnerabilities, lack of standardized interoperability frameworks, and the complexity of integrating heterogeneous legacy infrastructure. Additionally, there remain pronounced gaps in the literature related to real-time adaptive control strategies, trust-aware federated learning, and seamless interoperability with smart grid platforms. By offering a rigorous and forward-looking review of current technologies and implementation barriers, this paper aims to serve as a strategic roadmap for researchers, system designers, and policymakers seeking to deploy the next generation of intelligent, sustainable, and scalable building energy management solutions. Full article

The increasing complexity and vulnerability of urban power grids necessitate advanced monitoring systems to ensure operational reliability and resilience. The optimal placement of sensors is a critical yet challenging task that directly impacts the effectiveness and cost of such systems. This study addresses the need for a sensor deployment strategy that not only maximizes coverage but also guarantees monitoring redundancy for critical assets. We propose a novel optimization framework based on the Backup Coverage Sensor Location Problem (BCSLP). First, a multi-dimensional risk assessment, integrating infrastructure proximity and population density, was conducted using the Entropy Weight Method (EWM) to objectively determine the monitoring priority for each power tower in Guangzhou, China. Subsequently, the BCSLP model was formulated to optimize the trade-off between primary coverage (breadth) and backup coverage (resilience). The model was solved using both the Gurobi exact solver for a representative district and a bespoke improved Genetic Algorithm (GA) to ensure scalability. The case study in Guangzhou’s Haizhu District revealed that extreme strategies focusing solely on either breadth or resilience were suboptimal. We adopt a balanced, resilience-biased strategy $(\mathsf{\omega }=0.4)$ that supports robust monitoring of critical towers while maintaining broad network coverage. The proposed risk-informed BCSLP framework provides a scientifically robust and scalable tool for designing resilient sensor networks for power grids, offering valuable decision support for enhancing urban infrastructure security in smart cities. Full article