However, none have considered the dual challenge of attacking both DL-based detection models and triggering the physical relay operation, as is required for attacks on LCDRs. To our knowledge, no prior work investigated the vulnerabilities of DL-based FDIA detection systems in LCDRs against adversarial attacks, despite the critical role LCDRs play in line protection. This problem also encompasses a unique additional set of objectives and constraints that must be taken into consideration to design successful adversarial attacks against the LCDR. For instance, for an adversarial attack to succeed, it must not only deceive the DLS but also trigger the LCDR to trip, adding complexity beyond scenarios where decision-making relies solely on a machine-learning model. Herein, the adversarial samples must be misclassified by the DLS as faults, since the primary objective of the attacker is to cause the LCDR to trip unnecessarily in the absence of a real fault. Moreover, the problem is constrained by the requirement that only features from remote measurements can be manipulated, while local measurement features remain unchanged. Local measurements, being closely tied to the relay, are difficult to manipulate as they are transmitted directly through copper wires, whereas remote measurements, which traverse longer distances and potentially vulnerable media, offer a broader attack surface. This distinction highlights the need for robust detection systems capable of withstanding targeted adversarial attacks. Finally, for LCDRs, these robust detection systems must not negatively impact the LCDR's ability to detect actual faults.

Line Current Differential Relays (LCDRs) are high-speed relays progressively used to protect critical transmission lines. However, LCDRs are vulnerable to cyberattacks. Fault-Masking Attacks (FMAs) are stealthy cyberattacks performed by manipulating the remote measurements of the targeted LCDR to disguise faults on the protected line. Hence, they remain undetected by this LCDR. In this paper, we propose a two-module framework to detect FMAs. The first module is a Mismatch Index (MI) developed from the protected transmission line's equivalent physical model. The MI is triggered only if there is a significant mismatch in the LCDR's local and remote measurements while the LCDR itself is untriggered, which indicates an FMA. After the MI is triggered, the second module, a neural network-based classifier, promptly confirms that the triggering event is a physical fault that lies on the line protected by the LCDR before declaring the occurrence of an FMA. The proposed framework is tested using the IEEE 39-bus benchmark system. Our simulation results confirm that the proposed framework can accurately detect FMAs on LCDRs and is not affected by normal system disturbances, variations, or measurement noise. Our experimental results using OPAL-RT's real-time simulator confirm the proposed solution's real-time performance capability.