Power utilities are adopting Automated Demand Response (ADR) to replace the costly fuel-fired generators and to preempt congestion during peak electricity demand. Similarly, third-party Demand Response (DR) aggregators are leveraging controllable small-scale electrical loads to provide on-demand grid support services to the utilities. Some aggregators and utilities have started employing Artificial Intelligence (AI) to learn the energy usage patterns of electricity consumers and use this knowledge to design optimal DR incentives. Such AI frameworks use open communication channels between the utility/aggregator and the DR customers, which are vulnerable to \textit{causative} data integrity cyberattacks. This paper explores vulnerabilities of AI-based DR learning and designs a data-driven attack strategy informed by DR data collected from the New York University (NYU) campus buildings. The case study demonstrates the feasibility and effects of maliciously tampering with (i) real-time DR incentives, (ii) DR event data sent to DR customers, and (iii) responses of DR customers to the DR incentives.

翻译：电力公用事业公司正在采用自动需求响应（ADR）来替代成本高昂的燃油发电机组，并预防高峰用电期间的网络拥堵。同样，第三方需求响应（DR）聚合商正利用可控的小规模电力负载，为公用事业公司提供按需电网支持服务。部分聚合商和公用事业公司已开始运用人工智能（AI）学习电力消费者的能源使用模式，并利用这些知识设计最优DR激励方案。此类AI框架使用公用事业公司/聚合商与DR客户之间的开放通信信道，这些信道易受因果性数据完整性网络攻击。本文探讨了基于AI的DR学习中的脆弱性，并利用从纽约大学（NYU）校园建筑收集的DR数据，设计了一种数据驱动的攻击策略。案例研究证明了恶意篡改以下内容的可行性与影响：（i）实时DR激励，（ii）发送给DR客户的DR事件数据，以及（iii）DR客户对DR激励的响应。