Cyber-secure Framework for Power Grids Based on Federated Learning

— Cyber security is important of power grids to ensure secure and reliable power supply. This paper presented a cyber-secure framework for power grids based on federated learning. In this framework, each entity, which may be a distribution/transmission/generation service provider or even a customer, can contribute to the overall system immunity and robustness to cyber-attacks, while not required to share local data, which may have privacy, legal and property concerns. The main idea is to use the federated learning framework to share the knowledge learned from local data instead of sharing power grid data itself. With complete knowledge learned from all data from the power grid, each entity is better positioned to defend the cyber-attacks and improve power grid resiliency. Future work on applying this federated learning based framework in power systems is also discussed.


I. INTRODUCTION
Power grid reliability and security is important for societies.The increase of renewable generation, such as wind and solar, and other resources including energy storage and controllable load, are changing how power grids are being operated.The development of advanced measurement and control systems has significantly improved power system reliability, resiliency, and efficiency.As more information is integrated into the cyber network of power systems, cyber security in power grids is becoming more important.
Existing cyber security technologies are mainly based on encryption or dedicate and physically-isolated communication networks [1].However, these techniques are either expensive on investment or vulnerable in practice due to recent development of de-encryption computation technologies such as quantum computing.
Recent studies have found that leveraging large amounts of data and data-driven technologies can help improve the safety and performance of many cyber-physical systems [2].The power industry is increasingly looking at how to use data-driven or machine learning technologies to defend cyber-attacks.However, due to the data privacy and proprietary consideration, one obvious hurdle of data-driven cyber-attack defense is the lack of data availability of the whole system [3].Some progress has been made to improve the data sharing using some desensitization technologies, such as differential privacy [4], fog computing [5], and data aggregation [6] etc.These improvement has improved the data privacy issue to some extent.
Focusing on power grid cyber security, this paper studied the cyber-attack defense technology based on federated learning.A cyber-secure framework for power grids based on federated learning is proposed.Different parts of the framework and its working principle are described.Future work on using this framework in actual systems is also discussed.

A. Background
Power System Cyber Security: To provide reliable and economic power supply, power grids heavily rely on various IT systems, such as communication systems, distributed, and centralized computational and control systems.This dependency becomes a concern as they may easily become targets for malicious attacks on power grids.For example, Ukrainian experienced a power grid cyber-attack in 2015, which resulted in 73 MWh of electricity not supplied [7].Federated Learning: Federated learning is a type of extension of the distributed machine learning technology.Compared with common distributed machine learning, federated learning has the advantage of taking advantage of wide-area multi-entity information while preserving data property and privacy.In addition, it has the following characteristics: the local data can be heterogeneous; the local computation node is more flexible in execution; and the communication burden is further reduced by using more local computation resources [8].

Motivation:
The capability of each entity to defend cyber security is limited because of the limited observability of the whole system.A robust defense of cyber security increasingly A Cyber-secure Framework for Power Grids Based on Federated Learning Shutang You University of Tennessee, Knoxville, TN, USA Email: syou3@utk.edurelies on data and knowledge sharing between different entities.In order to preserve the private and proprietary data locally while helping each entity better defend cyber-attacks, federated learning is leveraged to provide a secure cyber network for power grids.In this framework, each entity in power grids can help other entities better defend cyber-attacks in power grids without sharing proprietary data.Instead, they share securityrelevant knowledge learned from data.

B. Framework and Working Principles
Overall Framework: The framework of the secure network architecture is shown in Figure 1.Each entity communicate with the central server (or other entities in an alternative configuration without a centralized server) through a network that shares machine learning models and parameters.In this framework, each entity can choose to upload the latest machine learning model parameters that are trained based on local data.It can also request latest machine learning models that is updated based on all available segmental updates from each entity.The learnt model includes knowledge from other entities and therefore can be used to improve the cyber-attack detection capability.The role of each elements in this framework is further explained as follows.
Node: A node is an entity that manages its own data and has some computation resources.Typical nodes in this framework are ISOs, RCs, power plant control centers, and distribution system operation centers, Nodes can also be customer smart phones or smart home control centers that collect smart meter data from household devices.The computation and communication capabilities of nodes can vary in a wide range.
Each node (entity) has its freedom to update its own machine learning parameters based on local data, and then upload the parameters of the trained machine learning model.It can also Local Model Update: Each node has its own data repository.For example, data collected in distribution system nodes include distribution SCADA, PMU, smart meter and DFR data, etc. Transmission nodes have PMU, SCADA, smart sensors, DFRs, weather, fire, and alarm data, etc.Power plant nodes have SCADA data of power generation units, associated control systems and PMU data installed at the system integration point.As they are from different types of nodes, these data are usually heterogeneous and have different distributions.

Coordination between Multiple Nodes:
The machine learning parameter updates calculated by local nodes are sent to a central processor (or adjacent nodes in its decentralized version) to update iteratively the overall machine learning model for cyber attack defense.
Learnt Model for Cyber Attack Detection: After receiving the updated machine learning model that contains consensus knowledge of all available nodes in the federated learning framework, each node can perform cyber attack detection

Foundation
and the Department of Energy under NSF Award Number EEC-1041877 and the CURENT Industry Partnership Program.
manage its local resource independently based on its hardware and software configuration and usage needs.Since the trained machine learning model parameters do not contain sensitive data, they are much safer to share with other entities.Data features are removed during feature extraction and selection, and key information are masked by machine learning models.Communication Network: The communication network that connects nodes can transmit the local model updates and the learnt model from time to time based on needs of each nodes.The communication requirement is much smaller compared with sharing real-time data itself throughout the network, which is becoming more challenging with the increasing number of sensors in power systems.Therefore, the communication can be based on lower-speed, narrower-band communication networks.

Figure 1 .
Figure 1.The secure cyber framework for power grids based on federated learning This work made use of Engineering Research Center shared facilities supported by the Engineering Research Center Program of the National Science