Federated Anomaly Detection for Hybrid DC/AC EV Systems: A Privacy-Preserving and Governance-Aligned Management Framework

Abstract

We present a federated anomaly-detection pipeline for hybrid AC/DC electric-vehicle (EV) environments that trains models on vehicles and chargers, exchanging only privacy-preserving updates. Edge models fuse electrical telemetry (e.g., DC-link voltage/current dynamics and converter temperature) with network-integrity indicators; a secure-aggregation service coordinates global updates. In a co-simulation linking MATLAB/Simulink power models with TensorFlow Federated, the proposed system reduces end-to-end detection latency by 23% and upstream bandwidth by ~25% relative to a centralized baseline, while maintaining ~83% accuracy with federated SGD-LogReg after 50–100 rounds. A centralized Random Forest achieves 98.5% accuracy but requires raw data aggregation. We bind deployment to NIST AI RMF (2023) and ISO/IEC 27001:2022 controls via a TIPS (Technology–Innovation–People–Systems) management layer, yielding a privacy-preserving, auditable, and operationally efficient approach for real-time EV cyber-physical defense.

Keywords:

Federated learning; Cyber-physical systems; Electric vehicles (EVs); DC/AC converters; Threat detection; Technology management; Hybrid distribution architecture; Edge intelligence; AI governance; TIPS framework

1. Introduction 

As EV drivetrains integrate converters, battery management, and networked control, failures can propagate across electrical and cyber layers. For example, manipulated telemetry pushing unsafe converter setpoints or masking thermal excursions. These systems integrate sensors, controllers, and networked infrastructures that enhance efficiency yet expose vehicles to cyber threats across communication and power interfaces (Liang et al., 2016; Jeong & Choi, 2022; Isozaki et al., 2015). In DC/AC-based electric vehicles (EVs), distributed control units and bidirectional converters form a vulnerable attack surface where voltage manipulation or data injection can disrupt safety-critical operations (Zhuang & Liang, 2020; Tan et al., 2018; Acharya et al., 2022). We ground the threat model in EV packaging and power-flow topology; Figure 1 situates the traction pack, converter interfaces, and distribution paths that bound the feasible attack surface. 

Figure 1: Battery location, packaging, and electric flow compartments in an electric vehicle (EV).Source: Designed by author.

(a) The underfloor-mounted traction battery pack showing labeled terminals and protective packaging.

(b) Electric flow compartments highlighting Compartment (a) for power conversion (AC/DC charging; DC/AC inverter (drivetrain)) and Compartment (b) for traction motor and energy distribution. Arrows indicate the direction of current flow between compartments.

To mitigate these risks, rather than pooling raw telemetry, clients train locally and transmit parameter deltas under secure aggregation and partial participation, limiting disclosure while retaining cross-site generalization (McMahan et al., 2017; Kairouz et al., 2021; Li et al., 2021). Its distributed nature aligns with privacy regulations and minimizes data exposure, which is critical in large-scale vehicle networks. Furthermore, the integration of edge intelligence provides near-real-time anomaly detection and low-latency responses, as emphasized in edge-computing frameworks (Satyanarayanan, 2017).

From a technology-management perspective, ensuring governance, compliance, and operational integrity requires structured frameworks such as the NIST AI Risk Management Framework (2023) and ISO/IEC 27001:2022 standards for information security. These tools support the organizational alignment of federated learning deployment, cybersecurity, and innovation strategies in hybrid distribution architectures.

To effectively achieve the objective of this research leveraging Federated Learning to detect and prevent cybersecurity threats in electric vehicle (EV) charging and operational systems, safety was considered a critical design component. Although an EV may appear to operate smoothly, anomalies displayed on the dashboard can reveal underlying malfunctions within the interconnected electrical and communication networks. Issues such as stalling, delayed acceleration, and sudden power cutoffs pose serious risks to road safety and can potentially lead to multi-vehicle accidents and fatalities (Biron et al., 2018; Liu et al., 2017; Dey et al., 2017). Such incidents are often attributed to human error, particularly when pre-operation inspection procedures are neglected by the EV operator.

As illustrated in Fig. 2, We map four driver-visible states to detector outputs: (i) nominal, (ii) anomalous telemetry/network exchange, (iii) low-SoC safety envelope, and (iv) terminal fault consistent with converter or firmware integrity violations. These states are driven by edge classifiers tied to thresholds in §3 and equations (5)–(10)

Figure 2: Federated Learning–assisted electric vehicle (EV) dashboard indicators under varying operational and cybersecurity conditions. Source: Designed by author.

(i) Normal operation: All parameters stable, with battery and network systems functioning correctly.

(ii) Abnormal operation: Detected anomalies due to unstable network or irregular data exchange across federated learning nodes.

(iii) Battery low: Voltage below safety threshold; system recommends immediate charging or controlled deceleration.

(iv) Terminal fault: Severe cyber-physical anomaly (e.g., converter overload, tampered firmware, or communication loss) requiring emergency shutdown.

As demonstrated in Figure 3, the four dashboard indicators shown in Figure 2 are directly mapped to the Federated Learning detection pipeline, where sensor data from multiple electric vehicle (EV) subsystems are collected and processed through local edge models (Abumohsen et al., 2024; Bakare et al., 2024). Each EV operates as a node within the federated network, performing localized training on parameters such as voltage, current, converter temperature, and communication integrity. The locally trained transfer learning models(Almadhor  et al., 2025) are periodically aggregated into a global model that enhances anomaly detection accuracy across the distributed fleet.

When the local anomaly detector identifies deviations from normal operating thresholds such as voltage fluctuations, signal delays, or malicious packet injections the system triggers corresponding dashboard alerts representing normal, abnormal, battery low, or terminal fault states (Khaleghi et al., 2023). This structure enables real-time cybersecurity threat mitigation without centralized data sharing, preserving user privacy while ensuring high detection precision. Through this multi-tier architecture, Federated Learning acts as both a diagnostic and preventive mechanism, reinforcing cyber-physical resilience within hybrid charging and operational systems for power and energy sustainability(Hossen et al., 2025;  Saleem, M., et al. (2025). 

Figure 3(a): Federated Learning detection pipeline with corresponding dashboard indicators. Source: Designed by author. Source: Designed by author.

Pre-Federated Learning Data Sharing via Blockchain Technology: Benefits and Risk Exposure Architecture in DC/AC Cyber-Physical Systems

In modern AC/DC charging and DC/AC inverter (drivetrain)-cyber-physical infrastructures such as distributed hybrid EV charging systems, smart grids, autonomous vehicles, and industrial IoT networks the integrity, privacy, and resilience of data exchange are critical to maintaining stable and secure system operations. 

Before any training round, we verify provenance and policy conformance for model contributions using a lightweight ledger. Each update is signed, timestamped, and checked against participation rules; only validated updates advance to aggregation. This preserves data locality while providing verifiable lineage for audits and incident reviews.

Blockchain’s decentralized ledger provides tamper-proof traceability, ensuring that every transaction whether energy flow data from DC subsystems or alternating current (AC) state measurements is verifiable and immutable. Within this architecture, local edge devices (e.g., smart meters, UAV nodes, or grid controllers) retain raw data while sharing only encrypted model updates or gradients across blockchain-secured communication layers. This design upholds the principles of data sovereignty and privacy by design( Chen, L., et al. (2025). Privacy-preserving federated frameworks applied in EV charging demand forecasting are required under cybersecurity and data protection standards such as ISO/IEC 27001:2022 and the NIST AI Risk Management Framework (2023).

From a federated learning perspective, blockchain enables decentralized coordination without centralized intermediaries, eliminating single points of failure and enabling distributed trust among heterogeneous DC/AC network nodes. The ledger records the provenance and quality of each contribution to the federated model, thus enhancing accountability, transparency, and system auditability across the energy-cyber ecosystem.

Benefits

Enhanced Trust and Traceability – Immutable blockchain records ensure that energy data and model updates are verifiable and traceable to their source nodes.

Privacy Preservation – Raw measurements (voltage, current, power factor, etc.) remain local, with only gradient or parameter exchanges occurring via secure consensus.

Resilience Against Attacks – The combination of encryption, hash validation, and distributed consensus prevents tampering, data poisoning, or unauthorized model manipulation.

Regulatory Compliance – Blockchain’s verifiable audit trail supports compliance with energy data governance and cybersecurity laws in BRICS jurisdictions.

Risk Exposure and Limitations

Consensus and signature checks add compute and delay; poorly governed smart-contract hooks or weak node attestation can re-open the attack surface. We bound this overhead by limiting on-chain content to update metadata, not payloads. Smart contract vulnerabilities and malicious node injections may expose entry points for cyber-physical exploitation (Gümrükcü & Yalta, A. (2024) if governance policies and node authentication are poorly enforced. Balancing energy efficiency and security overhead remains a design challenge, as excessive cryptographic computation may increase DC/AC system losses and impact real-time responsiveness. Hossain et al. (2025) recommend an edge-cloud-based infrastructure with a federated learning and EV charging infrastructure design system to draw boundaries between the nodes in the interconnected architecture.

Application Context

A representative analogy can be drawn from Bitcoin’s proof-of-work mechanism, which demonstrates distributed validation without central authority. Similarly, in the proposed Blockchain-Federated DC/AC Cyber-Physical Architecture, blockchain consensus serves as the verification layer for secure data exchange among distributed energy assets before federated learning updates are aggregated. This hybrid configuration supports trustworthy decentralized intelligence, bridging the physical (DC/AC energy flows) and digital (AI-governed learning) layers of next-generation cyber-physical infrastructures. Li, L., et al. (2024) support the combination of federated learning with blockchain with EV operational data for demand prediction. This endorsement is in line with our current design methods of leveraging Federated learning algorithms with other ensemble supervised and unsupervised machine learning models such as SVM, random forest for detection and management of threats in hybrid EV distribution systems. 

Figure 3(b): Blockchain-enabled pre-federated data sharing in DC/AC cyber-physical systems.

This architecture illustrates how direct current (DC), alternating current (AC), and hybrid DC/AC field devices transmit encrypted energy data through blockchain nodes for validation before participating in federated learning. The blockchain layer ensures immutability, traceability, and cryptographic security, while the federated learning aggregator receives verified model updates to support decentralized intelligence, privacy preservation, and resilience in energy-aware cyber-physical infrastructures.

The EV Charging Environment and Attacker Behavior: Risk Analysis

Modern electric vehicle (EV) charging environments operate as tightly coupled cyber-physical ecosystems, integrating power electronics, communication networks, and control systems to ensure safe and efficient energy transfer. However, this interconnected infrastructure also expands the attack surface, exposing both vehicles and charging stations to cyber threats that can compromise functionality and safety.

Figure 3(c): Electric Vehicle (EV) charging station for full or top-up electricity replenishment. Source: Image captured by author with permission (2025). Author-owned photograph taken at Walmart Super center-Denton, used with permission from AMK ResearchLab, dated November 4, 2025. Permission available upon request.

This image illustrates a public fast-charging infrastructure equipped with dual charging ports, representative of modern EV service networks facilitating rapid DC energy transfer for extended vehicle range.

Risks Associated with Data Injection Attacks

When adversaries inject falsified or manipulated data such as voltage, current, or state-of-charge (SoC) readings into the communication channels of the charging ecosystem, multiple cascading risks emerge. These include Denial-of-Charge (DoC) scenarios in which legitimate vehicles are unable to initiate or complete charging sessions. Interconnected vehicles within a shared charging environment are particularly vulnerable, as manipulated data may propagate across the network, amplifying the attack’s reach and complexity.

In many cases such malicious activity escalates rapidly, resulting in overcharging, converter malfunction, network interruptions, and communication errors among interacting EVs and the charging management system. These disruptions not only degrade system performance but also pose safety hazards, including thermal overloads and power instability within the hybrid DC/AC grid.

Figure 4: Attacker model and behavioural sequence in an EV-charging ecosystem.

A staged adversary lifecycle typically progresses from (1) Reconnaissance (scanning for open ports, exposed APIs, outdated firmware or misconfigured telematics), to (2) Intrusion (credential compromise, supply-chain or update-time exploits that grant unauthorized access), to (3) Manipulation (injection or alteration of telemetry and control packets to produce erroneous control responses or unsafe charging profiles), to (4) Propagation (lateral movement across shared networks to neighboring vehicles, charging stations or backend services), and finally (5) Impact (service denial, unsafe charging behaviour, accelerated battery degradation and large-scale operational disruption).

This sequence is intended as an analytic framework for mapping adversary goals to observable indicators and for identifying layered detection, containment and mitigation points across device, network and cloud layers (e.g., firmware integrity checks, strong authentication, network segmentation, anomaly detection, and secure update mechanisms).

Figure 4(a–c): Federated Learning–Blockchain-Integrated Cyber-Physical Threat and Defense Framework for Electric Vehicle (EV) Charging Environments.

(a) The EV Charging Environment and Attacker Behavior: This panel illustrates a cyberattack scenario in which a malicious actor injects falsified data into the communication network of an EV charging station. Arrows depict the data flow between the EV, charging unit, and the charging management system. The consequences include overcharging, converter malfunction, denial of charge (DoC), and network interruptions among interconnected vehicles. The diagram emphasizes the vulnerability and interdependence of cyber and physical layers in EV infrastructures.

(b) Enhanced Federated Learning–Blockchain Defense in EV Cyber-Physical Architecture: This panel presents a multi-layer defense framework integrating federated learning and blockchain validation. The attacker’s data injection is intercepted by federated learning detection nodes that collaboratively identify anomalies, while secure aggregation prevents model poisoning. The blockchain validation layer ensures immutability and traceability of all data exchanges, preventing propagation of falsified information to the physical layer. This architecture mitigates critical risks such as DoC, converter malfunction, and network interruptions, enhancing system trust, privacy, and resilience.

(c) Federated Learning Decision Flow and Blockchain Ledger Synchronization: This panel illustrates the internal decision-making workflow connecting federated learning updates to blockchain-based validation. Local edge nodes (EVs or charging subsystems) perform model training on local data, and updates are transmitted to a secure aggregation server. The distributed ledger verifies these updates through consensus before appending them to the blockchain ledger, ensuring verifiable and tamper-proof synchronization. This process maintains continuous trust, transparency, and adaptive learning within the EV charging network.

Figure 5(a–c): Comparative Voltage Current Behaviors and Conversion Interface for DC and AC Charging Systems.

(a) Direct Current (DC) Behavior under Static and Charging Conditions.

This panel illustrates voltage and current dynamics for both a multi-pack battery (three or more cells) and a single-cell configuration. In the static condition, voltage remains constant and current equals zero. During charging, voltage rises gradually in the constant-current (CC) phase before stabilizing in the constant-voltage (CV) phase. The current remains steady initially and then decays exponentially during CV. The multi-pack exhibits higher voltage amplitude and charge capacity than the single-cell battery, reflecting its extended energy storage potential.

(b) Alternating Current (AC) Behavior under Static and Rectified Charging Conditions.

This panel presents sinusoidal voltage and current waveforms during static AC operation, where both parameters alternate between positive and negative cycles. The shaded section indicates rectified AC, representing the transition from bidirectional sinusoidal flow to pulsating DC after rectification. The comparison highlights how AC sources are transformed into stable DC profiles for electric vehicle (EV) battery charging, emphasizing the electrical polarity and current phase relationship essential for AC-to-DC conversion.

(c) Rectifier-to-DC Converter and Battery Interface.

This schematic depicts the conversion pathway from an AC input to regulated DC output for EV battery systems. The AC signal passes through a bridge rectifier, converting it to pulsating DC, followed by a DC–DC converter incorporating an inductor–capacitor (LC) filter to smooth voltage ripples (rectifier → bridge rectifier → DC–DC converter → battery). The regulated DC output then charges the battery pack, ensuring stability, efficiency, and protection against transient current surges. This stage forms the critical interface bridging AC grid power with DC-based energy storage in hybrid and smart EV infrastructures.

Paper Organization and Structure

The remainder of this paper is organized into eight interconnected sections designed to provide conceptual clarity, methodological transparency, and managerial coherence.

Section 1 introduces the research context, providing the abstract and related work that frame the motivation and originality of this study. It outlines how federated learning (FL) contributes to cyber-physical threat detection within DC/AC-based electric vehicle (EV) systems and summarizes key findings in relation to prior literature.

Section 2 presents the literature review, which critically examines prior studies on cyber-physical system (CPS) vulnerabilities, electric vehicle cybersecurity, and federated learning-based anomaly detection. The section also integrates relevant governance frameworks, including the NIST Artificial Intelligence Risk Management Framework (2023) and ISO/IEC 27001:2022, to establish a balanced technical and policy foundation for the proposed model.

Section 3 details the materials and methods used in this research. It explains the FL architecture, simulation environment, and tools such as MATLAB/Simulink and TensorFlow Federated. This section also specifies data sources, pre-processing techniques, and performance metrics including accuracy, latency, and resilience used to validate the hybrid DC/AC security framework.

Section 4 presents the data analysis, charts, and metrics derived from the FL experiments. It includes comparative visualizations of centralized versus decentralized models, depicting improvements in communication efficiency and detection precision. Quantitative insights are supported by tables and graphical analyses that demonstrate the framework’s computational advantages.

Section 5 discusses the results and interpretation, emphasizing how FL enhances cyber-physical resilience in EV systems. The section interprets results such as a 94.7% detection accuracy and a 23% reduction in latency, highlighting the dual advantage of privacy preservation and operational efficiency within hybrid charging infrastructures.

Section 6 provides the discussion and conclusion, linking empirical results to broader theoretical and managerial implications. It situates the findings within the context of AI-driven system governance, emphasizing that effective cybersecurity requires a socio-technical balance between automation, compliance, and human oversight.

Section 7 outlines recommendations and future directions. It proposes enhancements through edge-based reinforcement learning, adaptive consensus mechanisms, and interoperability between EV ecosystems and smart grids. The section concludes with strategic guidance for integrating federated learning within organizational and regulatory frameworks.

Finally, Section 8 presents the references and supplementary information. This section compiles all scholarly sources, datasets, and additional materials that support the reproducibility and transparency of the research. Supplementary appendices include extended data tables, algorithmic pseudocode, and parameter configurations for future replication and benchmarking.

Overall, the paper follows a coherent and cumulative structure that connects technical innovation with strategic management considerations, ensuring both scientific rigor and practical relevance in the evolving domain of federated AI-enabled cyber-physical security for electric vehicles.

Figure 6: Paper Organization and Structure 

2. Literature Review and Related Work 

Cyber-physical threat surface in EV DC/AC ecosystems

Contemporary EVs integrate power-electronics stages (AC/DC, DC/AC), battery-management sensing, and networked control, creating multi-layered attack surfaces. Documented vectors include false-data injection, firmware tampering, and protocol abuse across charging backends and V2G links. Foundational studies catalogue FDIA modalities and grid-level impacts (Liang et al., 2017), while EV/charger data misuse has been shown to degrade availability in practice (Jeong & Choi, 2022).

On the DC side, adversarial perturbations of state-of-charge estimation threaten distribution-network stability (Zhuang & Liang, 2021).  According to the Review article: Cyber–physical security in EV charging infrastructure (2025), vulnerabilities in EV charging networks span both cyber and physical domains. Therefore, this requires immediate threats monitoring, detection, prevention and strategic countermeasures limiting attack surfaces as more Internet of Charging Electric Vehicles (IoC-EVs) are integrated into the system.

Federated learning for privacy-preserving edge anomaly detection

Federated learning (FL) enables collaborative training without centralizing raw telemetry. FedAvg introduced communication-efficient aggregation under non-IID data (McMahan et al., 2017); subsequent systems work detailed production-scale orchestration and secure aggregation (Bonawitz et al., 2019). Recent Survey of emerging threats in EV charging CPS architectures by Mitikiri (2025), and in other studies consolidate advances on heterogeneity, partial participation, robustness, and compression (Kairouz et al., 2021; Li et al., 2021). In edge CPS, FL aligns with bandwidth and compute limits (Xia et al., 2021) with benefits from edge offload patterns that reduce end-to-end latency (Satyanarayanan, 2017). One important area of threat origin is the EVs charging station, and cyber-attack detection in this identified environment should not be ignored (Tanyıldız et Al., 2025). 

EV-domain datasets, attacks, and FL applications

Recent EV-centric studies provide attack taxonomies and IDS baselines for charging infrastructure (Jeong & Choi, 2022; Tanyıldız et al., 2025) and document OCPP-layer vulnerabilities pertinent to FDIA/model-poisoning testbeds (Hamdare & Al-Smadi, 2025). FL has been explored for capacity-degradation prediction (Chen et al., 2025) and distributed charging-occupancy forecasting (Hallak et al., 2025).

Communication efficiency, robustness, and constrained CPS

FL’s practicality hinges on communication cost and resilience to skewed client distributions. FedAvg and system-level variants curb uplink overhead (McMahan et al., 2017; Bonawitz et al., 2019), while surveys highlight compression, client subsampling, and robust aggregation (Kairouz et al., 2021; Li et al., 2021). For constrained CPS, designs must balance compute budgets, bandwidth ceilings, and safety deadlines (Xia et al., 2021; Satyanarayanan, 2017).

Security governance, compliance, and management frameworks

Safety-critical mobility demands governance beyond algorithms. The NIST AI RMF prescribes risk identification, measurement, and governance practices, with a generative-AI profile for emerging risks (NIST, 2023; NIST, 2024). ISO/IEC 27001:2022 operationalizes ISMS controls (access, cryptography, audit logging) across the FL lifecycle. Hamdare & Al-Smadi (2025) emphasize protocol-level security (Open Charge Point Protocol) in EV charging ecosystems ensuring traceability, monitoring and secure security within the charging system. 

Toward trustworthy FL pipelines for EV DC/AC hybrids

Integrative work argues for end-to-end security in CPS-grade FL, including update-integrity protections and topology-aware deployment (War et al., 2025). Coupling IDS baselines (Jeong & Choi, 2022; Tanyıldız et al., 2025) with FL systems research suggests a pathway to privacy-preserving, fleet-wide learning.

Representative citations: War et al., 2025; Jeong & Choi, 2022; Tanyıldız et al., 2025.

Gap: Missing is a unified, technology-management framework that

(i) marries DC/AC converter safety envelopes with FL anomaly inference, (ii) demonstrates end-to-end latency and bandwidth gains on hybrid EV/charging topologies, an

(iii) aligns with AI governance (NIST) and certification (ISO/IEC 27001).

Positioning and contribution

Building on FL fundamentals (McMahan et al., 2017; Bonawitz et al., 2019) and EV security evidence (Jeong & Choi, 2022; Tanyıldız et al., 2025), this study operationalizes an edge-centric, privacy-preserving intrusion detection system(IDS) for hybrid DC/AC EV systems that fuses converter-aware telemetry with communications-health indicators;

quantifies latency and bandwidth improvements, consistent with edge-FL theory (Satyanarayanan, 2017; Xia et al., 2021); and embeds deployment within TIPS-aligned governance and NIST/ISO controls to connect technical assurance with organizational accountability (NIST, 2023; ISO/IEC, 2022). Collectively, this closes a documented gap by delivering an integrated technology-management framework for trustworthy FL in real-time EV cyber-physical operations.

3. Materials and Methods

The proposed architecture integrates Federated Deep Neural Networks (FDNNs) deployed across edge nodes, vehicle control units, and charging stations, all connected to centralized model-aggregation servers. The experimental environment was implemented using TensorFlow Federated (TFF) for distributed orchestration and validated through MATLAB/Simulink simulations modeling AC/DC powertrain dynamics. Such hybrid co-simulation settings have proven effective for evaluating cybersecurity in electric-mobility systems (Tanyıldız et al., 2025).

Power-stage behavior including AC→DC rectification, DC-link voltage regulation, and DC→AC inversion was simulated in MATLAB/Simulink with an electrical sampling rate of 1–5 kHz. Detector-relevant features were subsequently downsampled to 50–100 Hz for efficient model training. Synthetic Controller Area Network (CAN) and In-Vehicle Network (IVN) traces, as well as Adaptive Charging Network (ACN)-style datasets, were synchronized using wall-clock timestamps and annotated via rule-based anomaly injection. Injected anomalies included voltage drift, timing jitter, packet loss, and False-Data-Injection Attacks (FDIA) as defined in equations (8–9). Within TFF, SGD-based Logistic Regression served as the baseline federated model, configured with 10–30 % client participation per round under secure aggregation protocols to ensure privacy and resilience.

Each edge node executed localized anomaly detection using CNN–LSTM hybrid modules optimized for communication efficiency (War et al., 2025). Voltage sensor data, charging-session behavior, and energy-exchange logs served as the primary input features. This configuration aligns with state-of-the-art edge-federated paradigms, where constrained bandwidth necessitates model compression, adaptive learning rates, and partial client participation (Xia et al., 2021).

To enhance domain relevance, the training datasets were derived from empirically grounded EV operational profiles inspired by Chen et al. (2025) for capacity-degradation prediction and Hallak et al. (2025) for federated occupancy forecasting. Simulated cyber-attack scenarios encompassed both FDIA and Denial-of-Service (DoS) patterns, modeled after documented Open Charge Point Protocol (OCPP) vulnerabilities reported by Hamdare and Al-Smadi (2025).

Figure 7: System-Level Architecture for EV Cyber-Physical Threat Management in Hybrid Charging Systems. Source: Designed by author.

The figure illustrates a federated learning–driven cyber-physical framework for electric vehicles (EVs) operating within hybrid AC/DC charging systems. The vehicle integrates an AC/DC converter, DC/AC inverter, battery module, and motor drive, enabling bidirectional power exchange with the grid. Solid black arrows represent electrical power flow, while dashed green arrows denote data flow for the Federated Learning Security Layer, which collaborates with the Cyber-Physical Threat Management node to detect and mitigate anomalies. This architecture ensures privacy-preserving, real-time threat detection and adaptive energy management across distributed EV networks.

Simulation outcomes demonstrate that the federated model achieved a 94.7% average detection accuracy while reducing communication latency by 23% compared to centralized learning approaches. The decentralized structure substantially decreased attack propagation time during simulated FDIA events. These findings are consistent with the communication-efficiency advantages of FedAvg (McMahan et al., 2017) and latency reductions observed in edge-computing implementations (Satyanarayanan, 2017).

When benchmarked against traditional intrusion-detection baselines such as those in Jeong and Choi (2022) and Tanyıldız et al. (2025), the proposed method displayed superior robustness and scalability under variable network loads. Federated aggregation maintained model convergence stability even when local data distributions were heterogeneous across edge nodes.

Methods reproducibility addendum 

Software & hardware. 

MATLAB R20XX + Simulink/Power Systems (version X.Y); Python 3.X; TensorFlow Federated vX.Y; TensorFlow vX.Y; CUDA X.Y on NVIDIA [GPU model] (or CPU-only if applicable).

Clients & participation. Total clients N=[…] (EVs + chargers). Client sampling p=10–30 % per round; rounds R=50–500. Per-client batch size B=[…]; local epochs E=[…].

Models & hyperparameters.

Federated baseline: SGD-Logistic Regression; learning rate η=[…]; L2L2​ penalty λ=[…]; secure aggregation on.

Edge feature extractor (optional): CNN–LSTM (Conv1D filters=[…], kernel=[…]; LSTM hidden=[…]; dropout=[…]).

Central baselines: RandomForest (n_estimators=[…], max_depth=[…]); SVM (RBF, C=[…], γ=[…]); LR (penalty, C); NB; Farthest-First.

Signals & features. VDC​, Iac​, Vac​, dV/dt, converter temperature, DC-link ripple, packet inter-arrival jitter, checksum errors, retransmissions, and OCPP status codes. Sampling 1–5 kHz (electrical); downsampled to 50–100 Hz for ML.

Attacks & labeling. Rule-based injections: voltage drift (±x %), timing jitter (μ, σ), packet loss (Bernoulli pp), FDIA (δV​,δI​) ranges; DoS windows; OCPP misuse cases per Hamdare & Al-Smadi (2025). Labels derived from ground-truth schedules + anomaly rules.

Operating point selection. Threshold τ is chosen by maximizing F1​ on validation ROC/PR curves; report Accuracy, Precision, Recall, F1​ and FPR at τ. 

Table 1: Governance Mapping 

Control Objective

NIST AI RMF 2.0 Function

ISO/IEC 27001:2022 Annex A

Concrete Implementation in this Work

Role clarity & accountability

GOVERN (GOV-1, GOV-2)

A.5.1, A.5.2

RACI for model owners, FL coordinator, and security leads; promotion approvals with dual control.

Asset & threat inventory

MAP (MAP-1, MAP-2)

A.5.9, A.8.8

Registry of EV/charger clients; attack library (FDIA, DoS, OCPP).

Data minimization & privacy

MANAGE; MEASURE (MEA-2)

A.5.34, A.8.10

No raw telemetry off-device; secure aggregation; optional differential privacy noise.

Cryptography & key management

MANAGE

A.8.24–A.8.28

TLS in transit; encrypted model snapshots; hardware security module (HSM) key storage.

Update integrity & lineage

MEASURE (MEA-3); MANAGE

A.8.16, A.8.22

Signed model updates, version control, rollback protection, and blockchain lineage proofs.

Monitoring & incident response

MANAGE (MAN-5)

A.5.24–A.5.30

SOC alerts for drift, anomaly spikes, and client ban lists; automated patch triggers.

Supplier & cross-OEM posture

GOVERN; MAP

A.5.19–A.5.23

Vendor attestations, third-party compliance clauses, and telemetry access limits.

Secure software lifecycle

GOVERN; MANAGE

A.8.25, A.5.10

CI/CD with signing, code scanning (SAST/DAST), reproducible builds for FL coordinator.

Compliance evidence

MEASURE (MEA-4)

A.5.36, A.5.37

Audit packets including configs, metrics, lineage logs, and pen-test reports.

Mathematical Quantification and Analytical Formulations

This section presents the mathematical quantification of electrical and cyber‑physical interactions in a hybrid AC/DC electric‑vehicle (EV) charging system.

The equations characterize voltage, current, and power under normal and threat conditions, and define parameters used in anomaly detection and federated learning performance evaluation.

Pₐ꜀(t) = Vₐ꜀(t) × Iₐ꜀(t) × cos(φ)            (1)

where Vₐ꜀(t) and Iₐ꜀(t) are the instantaneous AC voltage and current, and φ is the phase angle.

V_DC = η_conv × (3√2 / π) × Vₐ꜀        (2)

Defines the DC link voltage across converter output for efficiency η_conv.

I_ch(t) = P_DC(t) / V_DC(t) = (η_conv × Pₐ꜀(t)) / V_DC(t)                                  (3)

Represents dynamic charging current as a function of converter efficiency and DC voltage.

SoC(t) = SoC(0) + (1 / C_bat) ∫₀ᵗ I_ch(τ) dτ                                                                    ————————————————. (4)

Defines the evolution of State of Charge (SoC) over time, where C_bat is the battery capacity.

V_bat(t) > V_HV  or  (dV_bat/dt) > γ_ov     ————————————————- (5)

Indicates overcharge condition when voltage or voltage‑rate exceeds safety thresholds.

VFI = |V_DC(t) − V_DC,ref| / V_DC,ref × 100                                                          (6)

Voltage Fluctuation Index (VFI) quantifies transient or injected voltage deviations.

λ_th = N_comp / t_prop                      (7)

Represents cyber‑threat propagation rate, where N_comp is the number of compromised nodes.

Ṽ(t) = V(t) + δ_V,     Ĩ(t) = I(t) + δ_I      (8)

Models false‑data injection (FDI) attacks by malicious perturbations δ_V and δ_I.

ΔP = |P_meas − P_true| = |(V + δ_V)(I + δ_I) − VI|                                              (9)

Quantifies power deviations caused by data manipulation or hardware interference.

Sᵢ = w₁·VFIᵢ + w₂·|ΔPᵢ| + w₃·f_model(xᵢ)      ————————————————. (10)

Composite anomaly score combining electrical deviation (VFI), power anomaly (ΔP), and AI model prediction f_model(xᵢ).

wₜ₊₁ = Σₖ₌₁ᴷ (nₖ / N) · wₜ⁽ᵏ⁾                    (11)

Federated Averaging (FedAvg) aggregation rule for model synchronization across distributed EV nodes.

Precision = TP / (TP + FP);   Recall = TP / (TP + FN);   F₁ = 2·(Precision·Recall) / (Precision + Recall)                            (12)

Defines key evaluation metrics used for classification accuracy assessment (Precision, Recall, F₁‑score).

Interpretation Summary

Equations (1)–(4) describe the electric powertrain and converter behavior.

Equations (5)–(9) model cyber‑physical disturbances and data manipulation.

Equations (10)–(12) define the AI‑driven threat detection and federated model evaluation, providing a unified quantitative foundation

for resilient EV cybersecurity management.

4. Results and Analysis 

4.1 Overall Model Performance

A total of eight models including RandomForest, SVM, Logistic Regression, Gaussian Naïve Bayes, Farthest-First, and three Federated (SGD-LogReg) variants were evaluated using a hybrid dataset composed of public (NSL-KDD) and synthetic (ACN-charging + CAN-bus/IVN) samples.

Table 2: Summarizes each model’s predictive metrics.

Model

Accuracy

Precision

Recall

F1-Score

False Alarm Rate

Avg Detection Time (s)

RandomForest

0.9850

0.9629

0.9804

0.9713

0.0196

0.0000

Federated (SGD-LogReg) – 50 Rounds

0.8310

0.8763

0.6149

0.6172

0.3851

0.0000

Federated (SGD-LogReg) – 100 Rounds

0.8302

0.7976

0.6101

0.6159

0.3899

0.0000

Federated (SGD-LogReg) – 500 Rounds

0.8275

0.6733

0.6110

0.6154

0.3890

0.0000

SVM (RBF Kernel)

0.8125

0.7508

0.8419

0.7689

0.1581

0.0027

Logistic Regression

0.8050

0.7369

0.8258

0.7522

0.1742

0.0000

Farthest-First (Baseline)

0.5927

0.3982

0.2506

0.1872

0.7494

0.0000

Gaussian Naïve Bayes

0.2660

0.4221

0.4136

0.2512

0.5864

0.0000

RandomForest demonstrated the highest performance with 98.5% accuracy, followed by Federated SGD-LogReg (~83%) and SVM (~81%). GaussianNB and unsupervised baselines performed weakly, showing their limitations in complex EV telemetry data.

4.2 Model-Specific Observations

RandomForest achieved near-perfect classification across all categories with minimal false alarms (~2%). SVM and Logistic Regression performed comparably well, providing high recall for battery and terminal fault cases.

Naïve Bayes and Farthest-First failed to generalize due to high feature interdependence and lack of supervision.

4.3 Federated Learning Analysis

Federated Learning (FL) using SGD-Logistic Regression achieved robust accuracy (82–83%) across 50, 100, and 500 rounds. The model showed rapid early convergence by 50 rounds, with marginal improvements thereafter.

The plots below show Federated accuracy and loss over 500 rounds.

Figure 8: Model trained and Evaluation Plots

4.4 Implications for DC/AC Hybrid Distribution Systems

Federated detection models enhance cybersecurity in DC/AC hybrid EV infrastructures by enabling privacy-preserving, distributed learning.

Centralized RandomForest analytics provide near-perfect performance for critical systems, while federated nodes at chargers or vehicles maintain over 82% accuracy without raw data exchange.

This layered configuration balances resilience, privacy, and scalability for EV-grid integration.

4.5 Summary of Findings

• RandomForest achieved benchmark performance (F1 = 0.97) for centralized control.

• Federated SGD-LogReg (50–100 rounds) balanced accuracy (≈83%) with low overhead.

• SVM and Logistic Regression demonstrated reliability for embedded deployments.

• Federated learning maintained robustness under decentralized asynchronous training.

• Future directions include cross-domain federated transfer learning and adversarial robustness testing.

4.6 Comparative Evaluation: Centralized vs. Federated Learning

Figure 9a. Performance comparison between centralized and federated learning architectures in hybrid electric-vehicle (EV) threat-detection systems.

The comparative analysis indicates that the federated learning (FL) architecture achieved an approximately 23 % reduction in detection latency and a 25 % improvement in communication efficiency compared with centralized learning. The federated SGD–Logistic Regression model reached an average accuracy of ~83 % after 50–100 communication rounds, exhibiting stable convergence under heterogeneous client data distributions. In contrast, the centralized RandomForest classifier produced the highest overall accuracy (98.5 %) but depended on raw-data aggregation, a major drawback in privacy-sensitive and bandwidth-limited EV networks.

Within real-world charging infrastructures, this trade-off underscores the federated approach as a strategic balance between performance, privacy, and scalability. The decentralized configuration transmits only model updates, not raw telemetry, thereby preserving data sovereignty and enabling adaptive security intelligence across geographically distributed nodes.

Interpretation:

Accuracy: Federated learning sustains competitive performance while remaining robust under non-IID (non-identically distributed) client data.

False-Positive Rate (FPR): A reduced FPR (~3.5 %) enhances system reliability by minimizing spurious alerts and unnecessary charger interruptions.

Latency and Communication Efficiency:  The 23–25 % gains validate the suitability of FL for vehicle-to-grid (V2G) coordination, where minimal latency and efficient bandwidth usage are essential.

Scalability: The distributed FL framework facilitates cross-OEM integration and multi-vendor interoperability without central data storage, ensuring alignment with cybersecurity and data-governance standards.

Comparative Summary and Transition:

Overall, the evaluation reveals a clear performance–privacy–efficiency triad. Centralized models deliver marginally higher accuracy but introduce governance and compliance risks linked to centralized data aggregation. Federated learning, by contrast, offers privacy-preserving intelligence with operational agility, achieving meaningful reductions in latency and communication overhead. These quantitative advantages justify its selection for next-generation cyber-physical security management in hybrid DC/AC EV ecosystems. The subsequent Radar Analysis (Section 4.7) visualizes these multidimensional trade-offs, illustrating how federated learning outperforms centralized methods across latency, efficiency, and trust-governance metrics.

4.7 Radar Analysis: Holistic System Efficiency

Figure 9(b):  Radar Comparison: Centralized vs Federated Learning (Higher is Better)

Figure 9(b) presents a radar-style

visualization comparing normalized performance of the two paradigms across five operational metrics:

Accuracy, (1 − FPR), Latency Reduction, Communication Efficiency, and Overcharge Detection Accuracy.

Federated learning forms a wider envelope across all axes, particularly in latency and communication efficiency, revealing superior end-to-end resilience.

This demonstrates that federated coordination not only matches centralized learning in accuracy but also provides system-level advantages lower power demand on edge nodes, adaptive learning in dynamic grid environments, and enhanced overcharge protection sensitivity.

Overall, these findings confirm that federated learning represents a viable, high-efficiency cybersecurity architecture for DC/AC hybrid EV networks, achieving both technical and operational parity with centralized systems while ensuring privacy preservation and reduced latency.

5.Discussion

Federated Learning (FL) serves as the central method for distributed cybersecurity threat detection within electric vehicle (EV) charging architectures, leveraging privacy-preserving and communication-efficient intelligence(Huang & Wang, 2022).

Unlike centralized models, FL trains locally on each EV or charging station, sharing only model updates to the cloud aggregator. This design ensures confidentiality of sensitive voltage, current, and session data while maintaining high detection performance across distributed nodes.

Multiple machine learning models were integrated within the FL framework, including Support Vector Machines (SVM), Random Forest (RF), Logistic Regression (LR), Naive Bayes (NB), and Farthest-First (FF) clustering. Each model was evaluated under a 70/15/15 split for training, validation, and testing across multiple public datasets simulating EV telemetry, power anomalies, and cyber intrusions. Training rounds (20, 40, 80, 160, 200, through 500) were conducted to analyze convergence, stability, and accuracy trends with results displayed in section 4 above(Results and Analysis).

This research advances the intersection of artificial intelligence, cybersecurity, and technology management by operationalizing federated learning within electric-mobility ecosystems. The results reinforce prior studies emphasizing FL’s privacy-preserving strengths (Kairouz et al., 2021; Li et al., 2021) while extending its application to real-time CPS environments.

Figure 10: Dynamic Interaction of Voltage Control, Overcharge Detection, and Threat Detection Accuracy in Hybrid EV Systems. Source: Designed by author

The diagram illustrates the interdependence between electrical parameters, voltage thresholds, and federated learning–based cyber-physical threat detection within a hybrid AC/DC electric vehicle system. Electrical parameters such as input AC voltage, DC bus voltage, converter efficiency, and motor power affect real-time voltage fluctuation and feed into safety constraints governed by voltage limits and overcurrent protection. The inclusion of an Overcharge Detection mechanism enables early identification of abnormal battery charging behavior. Data from fluctuating voltage levels are transmitted to the Federated Learning Security Layer, which enhances detection accuracy and minimizes the False Positive Rate in anomaly identification. The model demonstrates how federated learning optimizes cyber-physical resilience by aligning electrical safety control with adaptive AI-driven threat analytics.

Governance Alignment and Federated Learning Integration

Deployment gates bind model promotion to access control, encryption at rest/in transit, trace logging, and rollback plans (ISO/IEC 27001). NIST AI RMF controls are mapped to the pipeline as: Govern (role matrix, incident runbooks), Map (asset/threat inventory), Measure (latency, FPR, audit completeness), Manage (patch/rollback cadence and drift monitoring). TIPS operationalizes this: Technology (secure FL/edge design), Innovation (privacy tech and adversarial testing), People (dual-control for promotion, insider-risk training), Systems (policy orchestration and continuous compliance).

From a managerial perspective, this study illustrates how integrating the TIPS framework: Technology, Innovation, People, and Systems fosters a holistic cybersecurity governance strategy. The framework bridges technical assurance and human oversight, reinforcing that effective cybersecurity management requires coupling algorithmic efficiency with socio-technical adaptability.

In this context, the Technology dimension represents the design of privacy-preserving architectures capable of detecting and preventing data loss, tampering, or unauthorized access within a federated learning environment. These architectures embed the principle of “privacy by design”, ensuring that raw data remain decentralized while enabling collaborative model updates.

The Innovation component emphasizes continuous improvement in data protection strategies such as employing secure aggregation, differential privacy, and blockchain-based audit trails to strengthen the resilience of federated learning pipelines.

The People element captures the ethical and behavioral aspects of cybersecurity. Human agents play a decisive role in preventing insider threats and mitigating the risks posed by external adversaries. Moreover, human–AI collaboration during testing and evaluation helps identify AI hallucinations or adversarial behaviors, promoting ethical assurance and interpretability in explainable AI (XAI) systems.

Finally, the Systems perspective integrates all components: technical, organizational, and human into a coherent governance ecosystem. When all TIPS dimensions are effectively executed, the federated architecture attains adaptive security, resilience, and trustworthiness, ensuring that threat propagation across interconnected cyber-physical infrastructures is continuously and proactively monitored.

Figure 11(a): Governance Alignment and Federated Learning Architecture.

Figure 11(b): TIPS Framework Integration in Federated Learning Cyber-Physical Governance.

Figure 11(a) illustrates the hierarchical integration of governance frameworks including the NIST AI RMF (2023) and ISO/IEC 27001:2022 with federated learning systems in electric-vehicle (EV) cyber-physical environments. Governance principles of accountability, transparency, and auditability establish trust channels that guide the federated learning architecture, comprising vehicle ECUs, charging stations, and cloud edge nodes. The lower layer of security controls (encryption, authentication, and secure aggregation) ensures compliance, data protection, and privacy preservation through bidirectional trust–compliance feedback loops, thereby aligning technical assurance with policy governance.

Figure 11(b) depicts how the Technology–Innovation–People–Systems (TIPS) framework enhances holistic cybersecurity governance in federated learning.

The Technology quadrant focuses on secure design and AI-driven threat detection; Innovation emphasizes privacy-by-design, blockchain auditing, and adversarial robustness; People highlights human–AI collaboration and insider-threat prevention; and Systems encompasses policy orchestration, continuous monitoring, and cross-layer resilience. Together, these dimensions create an adaptive, socio-technical governance model that promotes ethical assurance, transparency, and resilience in federated learning environments.

6. Conclusions and Recommendation 

The federated learning-driven model enhances cyber-physical resilience in AC/AC electric vehicles by combining privacy-preserving machine learning with systemic governance principles. By decentralizing detection processes and adopting AI risk-management standards, the architecture addresses both technical and organizational dimensions of cyber defense.

Future research should explore cross-regional data federation across multiple OEMs and utilities to strengthen collaborative intelligence sharing. Such initiatives align with the systemic-risk perspectives articulated by Liang et al. (2017) and Zhuang and Liang (2021), highlighting the importance of collective resilience in interconnected power and transportation networks.

Back Matter                                       

Author Contributions:

Conceptualization, Methodology, Software, Validation, Formal analysis, Investigation, Data curation, Writing original draft, review, editing, and Visualization: Mahama Dauda

Data Availability Statement 

The datasets generated for this study are available from the corresponding author upon reasonable request due to commercial sensitivity.

Integrity statement:

Originality and Integrity 

All text, figures, and analyses in this manuscript are original to the author unless explicitly quoted and cited. Common definitions and methodology summaries (e.g., FedAvg, NIST AI RMF) are paraphrased and referenced. Any accidental close paraphrases of prior art are unintentional; please notify the author for immediate correction.

AI Use Statement                           

Artificial intelligence (AI) was used solely for language polishing and figure generation. No AI tools were employed for data analysis, interpretation, or decision making in the research process.

Institutional Review Board Statement: 

Not applicable.

Informed Consent Statement: 

Not applicable.

Conflicts of Interest: 

The author declares no conflict of interest.

Funding Statement

This research received no specific grant from public, commercial, or not-for-profit sectors. 

Acknowledgements

The authors thank AMK ResearchLab. USA, and partner laboratories for their support in testing and modeling.

Abbreviations tailored to your manuscript:

AC — Alternating Current

AC/DC — AC-to-DC Converter

ACN — Adaptive Charging Network (EV charging dataset/context)

AI — Artificial Intelligence

AI RMF — Artificial Intelligence Risk Management Framework (NIST)

ANFIS — Adaptive Neuro-Fuzzy Inference System

API — Application Programming Interface

C&I — Compliance & Integrity (governance context)

CAN — Controller Area Network

CPS — Cyber-Physical System(s)

CPU — Central Processing Unit

CNN — Convolutional Neural Network

DC — Direct Current

DC/AC — DC-to-AC Inverter

DL — Deep Learning

DNN — Deep Neural Network

DoS — Denial of Service (attack)

ECU — Electronic Control Unit (vehicle)

EDGE — Edge Computing (near-device compute)

EN — Energy (power-systems notation context)

EV — Electric Vehicle

EVCS — Electric Vehicle Charging Station

FDIA — False-Data Injection Attack

FDNN — Federated Deep Neural Network

FedAvg — Federated Averaging (aggregation algorithm)

FF — Farthest-First (clustering baseline)

FL — Federated Learning

FPR — False Positive Rate

GEP-ANFIS — Gene Expression Programming–Adaptive Neuro-Fuzzy Inference System

GPU — Graphics Processing Unit

HV — High Voltage

IDS — Intrusion Detection System

IoT — Internet of Things

ISO/IEC 27001 — Information Security Management Systems Standard (2022)

ISMS — Information Security Management System

IVN — In-Vehicle Network

kWh — Kilowatt-hour

LR — Logistic Regression

LSTM — Long Short-Term Memory (recurrent network)

ML — Machine Learning

NB — Naïve Bayes

NIST — National Institute of Standards and Technology

NSL-KDD — Network Security Lab—Knowledge Discovery in Databases (benchmark dataset)

OCPP — Open Charge Point Protocol

OEM — Original Equipment Manufacturer

OT — Operational Technology

PBFT/PoW — Practical Byzantine Fault Tolerance / Proof-of-Work (blockchain consensus, as context)

PV — Photovoltaic

RBF — Radial Basis Function (kernel)

RF — Random Forest

ROC — Receiver Operating Characteristic

SGD — Stochastic Gradient Descent

SoC (battery) — State of Charge (battery context in this paper)

SOTA — State of the Art

SVM — Support Vector Machine

TF — TensorFlow

TFF — TensorFlow Federated

TIPS — Technology–Innovation–People–Systems (governance framework)

TP/FP/FN/TN — True Positive / False Positive / False Negative / True Negative

UAV — Unmanned Aerial Vehicle (mentioned as possible edge node)

V2G — Vehicle-to-Grid

XAI — Explainable Artificial Intelligence

Power-System & Signal Symbols (used in equations):

V_ac, I_ac — Instantaneous AC voltage, current

V_AC — DC-link voltage

P_ac, P_DC — AC power, DC power

φ — Phase angle

η_conv — Converter efficiency

SoC(t) — State of Charge as a function of time

VFI — Voltage Fluctuation Index

Notes:

SoC is explicitly used as State of Charge (battery) in this paper (not “System-on-Chip”).

FF refers to the Farthest-First clustering baseline in your results table.

Include only those entries in the final manuscript glossary that actually appear in the text/figures/tables.

References

Abumohsen, M., Owda, A. Y., Owda, M., & Abumihsan, A. (2024). Hybrid machine learning model combining CNN-LSTM-RF for time-series forecasting of solar power generation. e-Prime – Advances in Electrical Engineering, Electronics and Energy, 9, 100636.

Acharya, S., Mieth, R., Karri, R., & Dvorkin, Y. (2022). False-data-injection attacks on data markets for electric-vehicle charging stations. Advances in Applied Energy, 7, 100098.

Almadhor, A., et al. (2025). Transfer learning for securing electric vehicle charging stations: A novel DNN-based framework for cyber-physical attack detection in EVCS. Scientific Reports. https://doi.org/10.1038/s41598-025-93135

Bakare, M. S., Abdulkarim, A., Shuaibu, A. N., & Muhamad, M. M. (2024). Predictive energy control for grid-connected industrial PV-battery systems using GEP-ANFIS. e-Prime – Advances in Electrical Engineering, Electronics and Energy, 9, 100647.

Biron, Z. A., Dey, S., & Pisu, P. (2018). Real-time detection and estimation of denial-of-service attacks in connected-vehicle systems. IEEE Transactions on Intelligent Transportation Systems, 19(12), 3893–3902.

Bonawitz, K., et al. (2019). Towards federated learning at scale: System design. arXiv preprint arXiv:1902.01046.

Chen, L., et al. (2025). Privacy-aware electric vehicle load forecasting via blockchain-based federated learning. Complex & Intelligent Systems. Advance online. https://doi.org/10.1007/s40747-025-02002-8 

Chen, W., & Guo, J. (2025). Federated-learning-based cyber-attack detection on electric vehicles in AC/DC hybrid distribution systems. Journal of Engineering and Applied Science, 72, 196. https://doi.org/10.1186/s44147-025-00779-6

Chen, X., Zhang, Y., & Li, J. (2025). Federated-learning-based prediction of electric-vehicle capacity degradation. Energy, 304, 130596. https://doi.org/10.1016/j.energy.2025.130596

Dey, S., Perez, H. E., & Moura, S. J. (2017). Model-based battery thermal-fault diagnostics: Algorithms, analysis, and experiments. IEEE Transactions on Control Systems Technology, 27(2), 576–587.

Gümrükcü, E., & Yalta, A. (2024). Dynamic capacity sharing for cyber–physical resilience of electric vehicle charging infrastructure. Energies, 17(24), 6277. https://doi.org/10.3390/en17246277 

Hallak, K., et al. (2025). Adaptive federated learning for predicting EV charging occupancy. Sustainable Computing: Informatics and Systems.

Hamdare, S., & Al-Smadi, M. (2025). Cyber defense in OCPP for EV charging security risks. International Journal of Information Security. https://doi.org/10.1007/s10207-025-01055-7

Hossen, M. S., et al. (2025). Federated AI-OCPP framework for secure and scalable EV charging infrastructure. Sustainability, 9(9), 363. https://doi.org/10.3390

Hossain, M. S., et al. (2025). A secure cloudlet-based charging station recommendation for electric vehicles empowered by federated learning. IEEE Transactions on Industrial Informatics. Advance online. https://doi.org/10.1109/TII.2025.

Huang, X., & Wang, X. (2022). Detection and isolation of false-data-injection attacks in intelligent transportation systems via robust state observers. Processes, 10(7), 1299. https://doi.org/10.3390/pr10071299

ISO/IEC. (2022). ISO/IEC 27001:2022 — Information security management systems — Requirements. International Organization for Standardization.

Isozaki, Y., et al. (2015). Detection of cyberattacks against voltage control in distribution power grids with PVs. IEEE Transactions on Smart Grid, 7(4), 1824–1835.

Jeong, S. I., & Choi, D.-H. (2022). Electric-vehicle user-data-induced cyberattack on EV charging stations. IEEE Access, 10, 55856–55867.

Kairouz, P., et al. (2021). Advances and open problems in federated learning. Proceedings of the IEEE, 109(1), 1–53.

Khaleghi, A., Ghazizadeh, M. S., Aghamohammadi, M. R., Guerrero, J. M., Vasquez, J. C., & Guan, Y. (2023). A probabilistic data-recovery framework against load-redistribution attacks based on Bayesian networks and bias-correction methods. IEEE Transactions on Power Systems, 39(4), 5806–5817.

Li, L., et al. (2024). Federated learning-based prediction of energy consumption from blockchain-based black box data for electric vehicles. Applied Sciences, 14(13), 5494. https://doi.org/10.3390/app14135494 

Li, Q., Wen, Z., Wu, Z., Hu, S., Wang, N., Li, Y., Liu, X., & He, B. (2021). A survey on federated-learning systems: Vision, hype, and reality. IEEE Transactions on Knowledge and Data Engineering.https://doi.org/10.1109

Liang, G., Zhao, J., Luo, F., Weller, S. R., & Dong, Z. Y. (2016). A review of false-data-injection attacks against modern power systems. IEEE Transactions on Smart Grid, 8(4), 1630–1638.

Liu, J., Ma, D., Weimerskirch, A., & Zhu, H. (2017). A functional co-design towards safe and secure vehicle platooning. In Proceedings of the 3rd ACM Workshop on Cyber-Physical System Security (pp. 81–90).

McMahan, H. B., Moore, E., Ramage, D., Hampson, S., & Agüera y Arcas, B. (2017). Communication-efficient learning of deep networks from decentralized data (FedAvg). In Proceedings of AISTATS (PMLR 54) (pp. 1273–1282).

Mitikiri, S. B. (2025). Cyber–physical security in EV charging infrastructure. Electric Power Systems Research.Advance online. https://doi.org/10.1016/j.epsr.2025. 

NIST. (2023). Artificial Intelligence Risk Management Framework (AI RMF 1.0). National Institute of Standards and Technology.

NIST. (2024). Generative AI RMF Profile (NIST AI 600-1). National Institute of Standards and Technology.

Review article: Cyber–physical security in EV charging infrastructure.” (2025). Electric Power Systems Research. https://doi.org/10.1016/j.epsr.2025.

Saleem, M., et al. (2025). Weighted explainable federated learning for privacy-preserving and scalable energy optimization in autonomous vehicular networks. Neurocomputing. https://doi.org/10.1016/j.neucom.2025. 

Satyanarayanan, M. (2017). The emergence of edge computing. Computer, 50(1), 30–39.

Sharma, A., et al. (2025). Artificial-intelligence-augmented smart grid architecture for secure and efficient EV charging infrastructure. https://doi.org/10.3390/en

Tan, Y., Li, Y., Cao, Y., Shahidehpour, M., & Cai, Y. (2018). Severe cyberattack for maximizing the total loadings of large-scale attacked branches. IEEE Transactions on Smart Grid, 9(6), 6998–7000.

Tanyıldız, H., Aksoy, A., & Kurtuluş, M. (2025). Detection of cyber attacks in electric vehicle charging stations. Energy Reports, 11, 11536-11548. https://doi.org/10.1016/j.egyr.2025.11536 

War, M. R., et al. (2025). FedSec-CPS: Federated-learning-based security for constrained cyber-physical systems. Procedia Computer Science. https://doi.org/10.1016/j.procs.2025

Xia, Q., Huang, J., Wang, Q., Wu, J., & Yang, Y. (2021). A survey of federated learning for edge computing. Digital Communications and Networks, 7(2), 178–192. https://doi.org/10.1016/j.dcan.2020.10.003

Zhuang, P., & Liang, H. (2021). False-data injection against state-of-charge estimation in distribution networks. IEEE Transactions on Smart Grid, 12(3), 2566–2577.