This paper elaborates on an extensive security framework specifically designed for energy management systems (EMSs), which effectively tackles the dynamic environment of cybersecurity vulnerabilities and/or system problems (SPs), accomplished through the incorporation of novel methodologies. A comprehensive multi-point attack/error model is initially proposed to systematically identify vulnerabilities throughout the entire EMS data processing pipeline, including post state estimation (SE) stealth attacks, EMS database manipulation, and human-machine interface (HMI) display corruption according to the real-time database (RTDB) storage. This framework acknowledges the interconnected nature of modern attack vectors, which utilize various phases of supervisory control and data acquisition (SCADA) data flow. Then, generative AI (GenAI)-based anomaly detection systems (ADSs) for EMSs are proposed for the first time in the power system domain to handle the scenarios. Further, a set-of-mark generative intelligence (SoM-GI) framework, which leverages multimodal analysis by integrating visual markers with rules considering the GenAI capabilities, is suggested to overcome inherent spatial reasoning limitations. The SoM-GI methodology employs systematic visual indicators to enable accurate interpretation of segmented HMI displays and detect visual anomalies that numerical methods fail to identify. Validation on the IEEE 14-Bus system shows the framework's effectiveness across scenarios, while visual analysis identifies inconsistencies. This integrated approach combines numerical analysis with visual pattern recognition and linguistic rules to protect against cyber threats and system errors.

翻译：本文详细阐述了一种专为能量管理系统（EMS）设计的综合性安全框架，该框架通过引入新颖方法，有效应对网络安全漏洞和/或系统问题（SPs）的动态环境。首先提出了一种全面的多点攻击/错误模型，以系统识别整个EMS数据处理流程中的漏洞，包括状态估计（SE）后的隐蔽攻击、EMS数据库操纵以及基于实时数据库（RTDB）存储的人机界面（HMI）显示损坏。该框架认识到现代攻击媒介的互联特性，这些媒介利用了监控与数据采集（SCADA）数据流的各个阶段。随后，首次在电力系统领域提出了基于生成式人工智能（GenAI）的EMS异常检测系统（ADSs）以应对这些场景。进一步，提出了一种标记集生成智能（SoM-GI）框架，通过整合视觉标记与考虑GenAI能力的规则来利用多模态分析，以克服固有的空间推理限制。SoM-GI方法采用系统化的视觉指示器，以实现对分段HMI显示的准确解释，并检测数值方法无法识别的视觉异常。在IEEE 14-Bus系统上的验证表明该框架在各种场景下的有效性，同时视觉分析识别了不一致性。这种集成方法结合了数值分析、视觉模式识别和语言规则，以防范网络威胁和系统错误。