Towards sustainable grid security: a lightweight adaptive framework for power system software vulnerability detection
摘要
To address the issues of high computational cost and reliance on labeled data in power system software vulnerability detection, this paper proposes a lightweight and adaptive detection framework that combines large language models and Gaussian mixture models. As modern power grids evolve toward highly digitalized and interconnected architectures, sustainable security solutions that can operate reliably under resource constraints and continuously changing cyber–physical threat landscapes have become increasingly critical. The proposed method first extracts semantic embedding features from control and automation code using large language models, after which the Nystroem algorithm is applied for nonlinear dimensionality reduction. Gaussian mixture models are then employed for unsupervised clustering and vulnerability probability estimation. Furthermore, an Adaptive Hybrid Detector is designed to dynamically choose the detection path according to code complexity: simple protection or communication functions are analyzed with GMM for efficiency, while complex control logic is selectively processed by a contrastive clustering module to refine semantic representations. Experiments conducted on the DiverseVul and ReposVul datasets validated the effectiveness of the method under scenarios with only non-vulnerable code or a limited number of labeled vulnerable samples. Results demonstrated that the proposed approach achieves competitive AUC and F1 scores across different configurations, exhibits strong cross-language transferability, and enhances robustness. Overall, the framework significantly reduces resource consumption while maintaining reliable detection performance, making it well-suited for rapid deployment in practical power system software development and security assurance environments.