(59aa) Adversarial Data in Demand Side Management

Artificial neural networks (ANNs) have shown promising results in forecasting and surrogate modeling
for applications in process systems engineering (Tsay and Baldea, 2020; Schweidtmann et al., 2021).
However, ANNs are known to be susceptible to adversarial attacks, i.e., targeted modifications of input
data that induce significant changes to the model outputs (Xu et al., 2020). Surrogate models can be
combined with mechanistic models or trained with physics-informed approaches to limit possible errors
(Bradley et al., 2022). Meanwhile, such security measures are not applicable for the extrapolation task
of forecasting models, e.g., for the prediction of electricity prices. Knowledge of electricity prices allows
large-scale industrial consumers with flexible processes to use demand side management (DSM) to shift
their production in time to save cost or to maximize the usage of renewable electricity from wind or
photovoltaic (Mitsos et al., 2018). Generally, delivery and consumption commitments are due before the
market is settled and the prices are set. Thus, accurate electricity price forecasts are vital to the DSM
process. The field of electricity price forecasting has steadily evolved over time (Weron, 2014; Nowotarski
and Weron, 2018). In particular, ANNs have shown promising results and are expected to dominate
future research (Jedrzejewski et al., 2022). However, there are no studies on adversarial attacks on ANNs
for electricity price forecasting and subsequent DSM systems. In power system applications, adversarial
attacks on load forecasts can lead to grid failures (Chen et al., 2019). In this work, we study the potential
effects of adversarial attacks on ANNs for electricity price forecasting with subsequent DSM of chemical
plants. We implement an adversarial attack based on the fast gradient sign method (FGSM) (Goodfellow
et al., 2015). The FGSM attack is designed to maximize the change to the output of the forecasting model
by using minimal perturbations to the input data that are barely visible to the human eye. The intensity
of the attack can be scaled via an attack rate parameter. We consider a grid-scale battery storage case
study and a chlorine production plant (Brée et al., 2019). Both case studies use electricity price forecasts
from autoregressive ANNs with exogenous input features comprised of renewable electricity production
and demand forecasts. With the increasing intensity of the attacks, the changes to the DSM schedules
become more and more significant. Particularly for the grid-scale storage case study, the attack leads to
considerable financial losses.

Bibliography
Bradley, W., Kim, J., Kilwein, Z., Blakely, L., Eydenberg, M., Jalvin, J., Laird, C., and Boukouvala, F.
(2022). Perspectives on the integration between first-principles and data-driven modeling. Computers
& Chemical Engineering, 166:107898.
Brée, L. C., Perrey, K., Bulan, A., and Mitsos, A. (2019). Demand side management and operational
mode switching in chlorine production. AIChE Journal, 65(7):e16352.
Chen, Y., Tan, Y., and Zhang, B. (2019). Exploiting vulnerabilities of load forecasting through adversarial
attacks. In Proceedings of the Tenth ACM International Conference on Future Energy Systems, e-
Energy ’19, page 1–11, New York, NY, USA. Association for Computing Machinery.
Goodfellow, I., Shlens, J., and Szegedy, C. (2015). Explaining and harnessing adversarial examples. In
International Conference on Learning Representations.
Jedrzejewski, A., Lago, J., Marcjasz, G., and Weron, R. (2022). Electricity price forecasting: The dawn
of machine learning. IEEE Power and Energy Magazine, 20(3):24–31.
Mitsos, A., Asprion, N., Floudas, C. A., Bortz, M., Baldea, M., Bonvin, D., Caspari, A., and Schäfer,
P. (2018). Challenges in process optimization for new feedstocks and energy sources. Computers &
Chemical Engineering, 113:209–221.
Nowotarski, J. and Weron, R. (2018). Recent advances in electricity price forecasting: A review of
probabilistic forecasting. Renewable and Sustainable Energy Reviews, 81:1548–1568.
Schweidtmann, A. M., Esche, E., Fischer, A., Kloft, M., Repke, J.-U., Sager, S., and Mitsos, A. (2021).
Machine learning in chemical engineering: A perspective. Chemie Ingenieur Technik, 93(12):2029–2039.
Tsay, C. and Baldea, M. (2020). Integrating production scheduling and process control using latent
variable dynamic models. Control Engineering Practice, 94:104201.
Weron, R. (2014). Electricity price forecasting: A review of the state-of-the-art with a look into the
future. International Journal of Forecasting, 30(4):1030–1081.
Xu, H., Ma, Y., Liu, H.-C., Deb, D., Liu, H., Tang, J.-L., and Jain, A. K. (2020). Adversarial attacks and
defenses in images, graphs and text: A review. International Journal of Automation and Computing,
17:151–178.