2. Home
  3. ARCHIVE
  4. 2026
  5. VOL 48, NO 3 (2026)
  6. pp. 44-52

Datasets for Training and Analyzing Cyber-Defense Systems for Digital Substations Based on Artificial Intelligence Methods

S.Ya. Hilgurt, A.V. Kovylin

Èlektron. model. 2026, 48(3):44-52

ABSTRACT

A review and comparative analysis of open-source datasets for cyber-defense tasks in digital electrical substations based on artificial intelligence methods are presented in the paper. Open-access articles and thematic repositories containing real network traffic files, labeled scenarios, or other data suitable for use in machine learning tasks were analyzed. A comparative analysis of the sources was performed based on publication type, protocols covered, data presentation format, information openness, and overall suitability for further AI applications. It is shown that datasets focused on the Generic Object Oriented Substation Events (GOOSE) protocol are most frequently available in open access, while multi-protocol and Sampled Values (SV)-oriented resources are less common. It is concluded that for modern AI research in the field of cybersecurity for digital electrical substations, the most useful sources are open-access resources that combine the availability of real-world files, a comprehensive description of the data structure, and a direct focus on such substations.

Full text: PDF

KEYWORDS

digital electrical substation, cyber security, intrusion detection system, artificial intelligence, dataset, dataset publication.

REFERENCES

  1. Hilhgrt, S.Ya. (2018). Analysis of the use of hardware acceleration of information protection in automated systems of the energy industry. Modeling and information technologies. Collection of scientific works of the G.E. Pukhov IPME of the NAS of Ukraine, (83), 154—164.  http://nbuv.gov.ua/j-pdf/Mtit_2018_83_21.pdf
  2. Ashraf, S., Shawon, M.H., Khalid, H.M., & Muyeen, S.M. (2021). Denial-of-Service attack on IEC 61850-based substation automation system: A crucial cyber threat towards smart substation pathways. Sensors, 21(19), 6415.  https://doi.org/10.3390/s21196415
  3. Reda, H.T., Ray, B., Peidaee, P., Anwar, A., Mahmood, A., Kalam, A., & Islam, N. (2021). Vulnerability and impact analysis of the IEC 61850 GOOSE protocol in the smart grid. Sensors, 21(4), 1554.  https://doi.org/10.3390/s21041554
  4. Hilhgrt, S.Ya. (2024). Review of the possibilities of using artificial intelligence technologies for cyber protection of digital substations. Proceedings of the scientific-practical conference. NAS of Ukraine, Kyiv (с. 31—36). PIMEE of the NAS of Ukraine.  https://ipme.kiev.ua/wp-content/uploads/2024/06/Матеріали-КБЕ-2024.pdf
  5. Quincozes, S.E., Albuquerque, C., Passos, D., & Mossé, D. (2021). A survey on intrusion detection and prevention systems in digital substations. Computer Networks, 184, 107679.  https://doi.org/10.1016/j.comnet.2020.107679
  6. Lahza, H., Radke, K., & Foo, E. (2018). Applying domain-specific knowledge to construct features for detecting distributed denial-of-service attacks on the GOOSE and MMS protocols. International Journal of Critical Infrastructure Protection, 20, 48—67.  https://doi.org/10.1016/j.ijcip.2017.12.002
  7. Mlot, E.D.G., Saldana, J., Rodríguez, R.J., Kotsiuba, I., & Gañan, C.H. (2024). A dataset to train intrusion detection systems based on machine learning models for electrical substations. Data in Brief, 111153.  https://doi.org/10.1016/j.dib.2024.111153
  8. Damian, G.M.E., Jose, S., J.R.R., Igor, K., & Carlos, H.G. (2024, 26 квітня). Dataset to train intrusion detection systems based on machine learning models for electrical substations. Zenodo.  https://zenodo.org/records/15487636
  9. PowerDuck: A GOOSE data set of cyberattacks in substations. (б. д.). arXiv.org.  ttps://arxiv.org/abs/2207.04716
  10. Zemanek, S., Hacker, I., Wolsing, K., Wagner, E., Henze, M., & Serror, M. (2022, 8 липня). PowerDuck: A GOOSE data set of cyberattacks in substations. Zenodo.  https://zenodo.org/ records/6974112
  11. Tobar-Rosero, O.A., Roa-Romero, O.A., Rueda-Carvajal, G.D., Leal-Piedrahita, A., Botero-Vega, J.F., Gutierrez-Betancur, S.A., Branch-Bedoya, J.W., & Zapata-Madrigal, G.D. (2024). GOOSE secure: A comprehensive dataset for in-depth analysis of GOOSE spoofing attacks in digital substations. Energies, 17(23), 6098.  https://doi.org/10.3390/en17236098
  12. GitHub — CSCRC-SCREED/QUT-ZSS-2023-GOOSE: The datasets contain a wide variety of network and physical behaviours of an iec-61850-compliant zone substation. the datasets are compatible with actual substation network traffic, including benign GOOSE packets, MALICIOUS GOOSE packets, and benign SV packets. the datasets consist of two versions, including raw datasets and labelled datasets. GitHub.  https://github.com/CSCRC-SCREED/QUT-ZSS-2023-GOOSE
  13. GitHub — CSCRC-SCREED/QUT-ZSS-2023-SV: The datasets contain a wide variety of network and physical behaviours of an iec-61850-compliant zone substation. the datasets are compatible with actual substation network traffic, including benign GOOSE packets, benign SV packets, and MALICIOUS SV packets. the datasets consist of two versions, including raw datasets and labelled datasets. (б. д.). GitHub.  https://github.com/CSCRC-SCREED/QUT-ZSS-2023-SV
  14. GitHub — smartgridadsc/IEC61850SecurityDataset. GitHub.  https://github.com/smartgridadsc/IEC61850SecurityDataset

Received 22.04.26