Vulnerability of data-driven transient stability prediction to cyber-physical attacks: A forensic XAI approach

Wide-Area Measurement Systems (WAMS) enable real-time Transient Stability Prediction (TSP), but cyberattacks can bias data-driven decision pipelines and produce safety-critical false negatives. This paper presents a forensic Verification and Validation (V&V) framework for assessing TSP model reliability under False Data Injection Attack (FDIA) scenarios. We evaluate 18 machine learning architectures (13 primary representatives and 5 auxiliary variants), including tree ensembles, recurrent networks, and convolutional methods, on the IEEE 39-bus and WECC 179-bus systems. The results reveal a “Top-Tier Trap”: models with strong clean-data performance can degrade substantially on large-scale interconnects, so small-system validation may overstate robustness. Under the tested uniform positive-scaling threat model, feature-magnitude-dependent models fail when high-magnitude artificial artifacts dominate feature attributions, suppress physical instability indicators, and drive false-stable predictions. In contrast, the evaluated ppv-based ROCKET architecture shows strong empirical resilience. Comparative SHAP analysis further shows that FDIA can inject “counterfeit signals of stability” that redirect vulnerable models toward false-stable decisions. These findings show that clean-data performance is an incomplete robustness proxy and that XAI-driven forensic analysis can support pre-deployment validation of autonomous TSP.