Attacking Learning-based Models in Smart Grids: Explainability as a Double-Edged Sword
Sánchez Collado, Gustavo
1,2
1 Institut für Automation und angewandte Informatik (IAI), Karlsruher Institut für Technologie (KIT)
2 Institut für Informationssicherheit und Verlässlichkeit (KASTEL), Karlsruher Institut für Technologie (KIT)
1,21 Institut für Automation und angewandte Informatik (IAI), Karlsruher Institut für Technologie (KIT)
2 Institut für Informationssicherheit und Verlässlichkeit (KASTEL), Karlsruher Institut für Technologie (KIT)
Abstract:
Smart grids increasingly rely on learning-based components for monitoring, control, and security-critical decision making. To address concerns regarding transparency, accountability, and regulatory compliance, eXplainable Artificial Intelligence (XAI) techniques are often integrated into these systems. However, the security implications of explainability in adversarial environments remain insufficiently understood. This dissertation investigates explainability from an attacker-centric perspective and analyzes how XAI alters the threat landscape of learning-based smart grid systems.
Adopting a proactive adversarial methodology, the thesis combines threat analysis, a review of existing attacks, and extensive empirical evaluations conducted in realistic smart grid testbeds. Across multiple use cases (including intrusion detection, power quality recognition and industrial vision pipelines) the work demonstrates that XAI can be systematically exploited to amplify adversarial attacks against integrity, availability, and confidentiality of targeted models. Explanation methods are shown to reduce attacker uncertainty, guide feature-space and problem-space perturbations, enable efficient data poisoning, and facilitate model extraction and covert data exfiltration.
... mehr
Adopting a proactive adversarial methodology, the thesis combines threat analysis, a review of existing attacks, and extensive empirical evaluations conducted in realistic smart grid testbeds. Across multiple use cases (including intrusion detection, power quality recognition and industrial vision pipelines) the work demonstrates that XAI can be systematically exploited to amplify adversarial attacks against integrity, availability, and confidentiality of targeted models. Explanation methods are shown to reduce attacker uncertainty, guide feature-space and problem-space perturbations, enable efficient data poisoning, and facilitate model extraction and covert data exfiltration.
... mehr
| Zugehörige Institution(en) am KIT | Institut für Automation und angewandte Informatik (IAI) Institut für Informationssicherheit und Verlässlichkeit (KASTEL) |
| Publikationstyp | Hochschulschrift |
| Publikationsdatum | 12.05.2026 |
| Sprache | Englisch |
| Identifikator | KITopen-ID: 1000193117 |
| HGF-Programm | 46.23.02 (POF IV, LK 01) Engineering Security for Energy Systems |
| Verlag | Karlsruher Institut für Technologie (KIT) |
| Umfang | ix, 181 S. |
| Art der Arbeit | Dissertation |
| Fakultät | Fakultät für Informatik (INFORMATIK) |
| Institut | Institut für Informationssicherheit und Verlässlichkeit (KASTEL) |
| Prüfungsdatum | 27.04.2026 |
| Schlagwörter | Artificial Intelligence, Security, Smart Grid, Explainability |
| Referent/Betreuer | Hagenmeyer, Veit Hammer, Barbara |