# Energy Theft Attacks On an Hybrid Charging Station This repository contains an extended dataset described in the conference paper, called "Detecting Energy Theft Attacks On A Off-Grid Station". The primary goal of this dataset is to provide researchers working with attack detection methods with a real, measured attacked dataset to test the detection and classification algorithms. ## Description This dataset contains power measurements collected in the testbed called the "Smart Room." The measurements represent the 72-day experiment of emulating an off-grid charging station for electric bikes under energy theft attacks. The dataset is presented in two sets. **1)** The one included in the folder 'Raw_dataset' represents real measurements collected by the monitoring system of the Testbed. Each folder contains .csv files with a timestamp and a value for a recorded measurement, which are: - batteryChargeCurrent [A], the recorded current in amperes which is charging the batteries installed in the Smart Room, using excess energy generated by the PV panel; - batteryChargeState [%], the state of charge of batteries in the Smart Room, used for charging the bikes when PV production is not enough; - batteryDischargeCurrent [A], the current in amperes which corresponds to the utilization of the batteries to charge the bikes when the PV production is not sufficient; - batteryVoltage [V], the voltage of the batteries in volts; - gridPower [W], the power consumed by the grid in watts, used for the auxiliary equipment installed in the Smart Room and not directly related to the experiment (sensors, PCs, Raspberry Pis, etc.). The negative value corresponds to the case where the excess power is being sent to the public grid. - PVpower [W], the power produced in watts by the photovoltaic panel on the roof of the building; - VariableChargePower [W], the power consumed by the electric programmable load, which in the case of the first week is a combination of charging profiles of 1-3 bikes; - VariableChargePower [W], the power consumed by the electric programmable load representing a combination of charging profiles of 1-3 bikes and possibly corrupted by the FDI attack, subtracting the additional increase (4th bike); - mode [1-4], the Inverter setting, which defines the power distribution in the grid; - attack status [0/1], defines the time instant where the attack was active (1) or not (0); - PVpower_wifi [W], provides the additional, more frequent measurements (every 3-5 seconds), intending to reduce the impact of the disturbances on the overall energy balance equation. **2)** The second set of data in the folder 'Processed_dataset' uses the transformed raw dataset and presents it in a complete format for the attack detection methods to be readily applied. The transformation includes: - Fixed timestep. The data collection principle of the testbed is set up in a way that every ~60 seconds, the measurement is collected, and it is recorded only in the case where the value is different from the previously recorded one. In order to make the data more representative, the data was extended, filling the gaps between the measurements, to have a fixed timestep of exactly 60 seconds. - Variable transformation. The data collected in a raw dataset was simplified to obtain 4 main sets of readings in watts: **Pload** (VariableChargePower), **Pbatt** (batteryVoltage*(batteryDischargeCurrent-batteryDischargeCurrent)), **Ppv** (PVpower), **Pgrid** (gridPower), **SoC** (batteryChargeState), **mode** (mode), as well as a new variable which represents the consumption-production balance error **Pe** (VariableChargePower-PVpower-batteryVoltage*(batteryDischargeCurrent-batteryDischargeCurrent)-0.9*gridPower) - The label variable called 'Attack' is added to indicate at which instances of time the programmable load consumption profile was altered (corresponding to '1'), and when it was not (corresponding to '0'). - The timestamp converted to 'Time', indicating time, day, and year of every measurement. Finally, the completed dataset includes a .csv file 'Full_dataset.csv', which corresponds to all data collected during the experiments. Full description of the experiment as well as an example of a detection method can be found in the paper presented for ACM EnergySP '25 ACM SIGEnergy Workshop on Cybersecurity and Privacy of Energy Systems and published as a part of the proceedings of ACM eEnergy '25 in ACM digital library. ## Support For any questions related to the dataset as well as to the paper, the reader is welcome to contact the author by e-mail anatolii.khalin@centralesupelec.fr or anatolii.khalin@gmail.com. ## Contributing The data is in open access, all contributions are welcome. For reference, please cite the paper "Detecting Energy Theft Attacks On A Off-Grid Station". ## Authors and acknowledgment This dataset collection was funded and supported by Direction Générale de l’Armement through CREACH LABS under the project CAMTAR, with the help and under supervision of Jean-François Lalande (jean-fracois.lalande@centralesupelec.fr) and Romain Bourdais (romain.bourdais@centralesupelec.fr).