The increasing digitalization of Cyber-Physical Power Systems (CPPS) has enhanced power system operation and control but has also expanded the attack surface for cyber threats. Detection of early-stage attacks such as reconnaissance and Denial-of-Service (DoS) is critical to prevent power system-wide disruptions. Centralized Machine Learning (ML)-based techniques have been proposed for detecting cyber attacks. However, they struggle to ensure data privacy. Federated Learning (FL) can address this issue through collaborative model training without raw data sharing. Yet, FL’s performance degrades under non-Independent and Identically Distributed (non-IID) data, a common scenario in real-world CPPS environments. In this paper, we propose a cluster-based FL method using Bidirectional Long Short-Term Memory (BiLSTM) for attack detection at the early stages of the cyber kill chain. It uses unsupervised clustering of client model updates for aggregation robustness and model generalization across heterogeneous clients. By grouping clients based on similarity in model updates, our method mitigates the adverse effects of data heterogeneity while preserving data privacy. The UNSW-NB15 dataset is used for distributed training under non-IID conditions and evaluation of the proposed method. Experimental results demonstrate that our cluster-based FL method achieves over 95% detection accuracy, proving its effectiveness in distributed cyber attacks detection in power systems.

The Digital Twins (DT) have emerged as the technology that provides capabilities to simulate and analyze cyber-physical systems’ behaviors using digital replicas. This is achieved through high-fidelity digital models, bi-directional communication and (near) real-time data exchange between physical real-world systems and DTs. Despite its capabilities of facilitating real-time monitoring, optimization, and predicting system performance, effectively leveraging DT for power system applications requires integrating data from heterogeneous sources and addressing various data related aspects. These include data modeling, exchange and interoperability. One promising concept to address these aspects is that of data federation which promotes interoperability, allowing DTs to operate autonomously, yet interact seamlessly. While various studies in literature have addressed DT applications, technologies, and challenges, a comprehensive review on the data federation aspects within power systems still needs to be investigated. This research seeks to bridge this gap by providing an in-depth review of DT practices in academia and industry, functional and non-functional requirements, and enabling technologies, with emphasis on data federation. Its role in enhancing system-wide interoperability in the power system, along with associated challenges are summarized and discussed.