About

Katherine Davis is an Associate Professor in the Department of Electrical & Computer Engineering at Texas A&M University. She holds a Ph.D. in Electrical Engineering with a focus on Power and Energy Systems from the University of Illinois Urbana-Champaign, obtained in 2011, as well as a Master's degree in Electrical Engineering from the same university. She earned her Bachelor's degree with High Honors in Electrical Engineering from the University of Texas at Austin in 2007. Her research interests include the operation and control of power systems, interactions between computer networks and power networks, security-oriented cyber-physical analysis techniques, data-driven and model-based coupled infrastructure analysis and simulation, and cyber-physical situational awareness. Dr. Davis's work emphasizes the security and resilience of electric power systems through cyber-physical modeling and assessment frameworks, contributing to the understanding and enhancement of power grid security in the face of cyber threats.

Research topics

• Computer Science
• Engineering
• Astrobiology
• Physics
• History
• Data Mining
• Geology
• Computer Security
• Astronomy
• Remote sensing
• Data science
• Real-time computing
• Cartography
• Operations management
• Systems engineering
• Art
• Geography
• Risk analysis (engineering)
• Operations research
• Mathematics
• Computer network
• Reliability engineering
• Electrical engineering

Selected publications

• A Reinforcement Learning Engine With Reduced Action and State Space for Scalable Cyber‐Physical Optimal Response

  IET Cyber-Physical Systems Theory & Applications · 2026-01-01 · 1 citations

  preprintOpen accessSenior author

  ABSTRACT Numerous research studies have been conducted to enhance the resilience of cyber‐physical systems (CPSs) by detecting potential cyber or physical disturbances. However, the development of scalable and optimal response measures under power system contingencies based on fusing cyber‐physical data is still in an early stage. To address this research gap, this paper introduces a power system response engine based on reinforcement learning (RL) and role and interaction discovery (RID) techniques. RL‐RID‐GridResponder is designed to automatically detect the contingency and assist with the decision‐making process to ensure optimal power system operation. The RL‐RID‐GridResponder learns via an RL‐based structure and achieves enhanced scalability by integrating an RID module with reduced action and state spaces. The applicability of RL‐RID‐GridResponder in providing scalable and optimal responses for CPSs is demonstrated on power systems during cyber disturbances. Moreover, simulations are conducted on a Volt‐Var regulation problem using the augmented WSCC 9‐bus, augmented IEEE 24‐bus and IEEE 8500‐node systems based on fused cyber and physical datasets. The results show that the proposed RL‐RID‐GridResponder can provide fast and accurate responses to ensure optimal power system operation under cyber intrusions, such as DoS, and can extend to other system contingencies, such as line outages and load losses.

  PublisherDOI

• From Ports to Protocols: A Survey on Cyber Threats in Energy Storage Platforms for Microgrids

  2025-10-26

  article

  Energy storage control systems (ESCS) equipped with integrated energy storage platforms (IESPs) serve as vital components in modern microgrids and distributed energy systems. However, these systems also inherit a range of vulnerabilities common to industrial control systems (ICS), rendering them susceptible to cyber threats. This paper investigates the key cybersecurity weaknesses in platforms, including open or misconfigured ports, weak or default credentials, insecure communication protocols, and known software vulnerabilities. Drawing on recent real-world advisories and documented CVEs, we highlight how these flaws may be exploited to compromise operational integrity, cause grid instability, or enable lateral attacks within critical infrastructure networks. The findings underscore the urgency of adopting robust defense-in-depth strategies and secure configurations for proactive vulnerability management of IESPs.

  PublisherDOI

• Distributed detection and mitigation of FDIAs in smart grids via federated learning

  International Journal of Electrical Power & Energy Systems · 2025-09-26

  articleOpen access

  Employment of smart meters in power grids avails efficient data analytics and control over the system. However, the transmission of the measurement data over the communication networks may expose the power system to potential cyberattacks. Among these, false data injection attacks (FDIAs) pose a significant threat to the operation of smart grids. In order to tackle the cyberattacks on smart grids, we propose a federated learning-based method for distributed detection and mitigation of FDIAs. Federated learning facilitates distributed training of machine learning-based attack detectors while preserving privacy of sensitive data. The proposed detection method incorporates a graph autoencoder model that exploits the spatial correlations between the power load profiles of the connected network nodes to efficiently mitigate the effects of FDIAs. Extensive simulations using realistic power load profiles combined with the IEEE-57, 118, and 300 bus test cases corroborate the effectiveness of the proposed approach. • A federated learning-based approach detects and mitigates false data injection attacks (FDIAs). • Graph autoencoder captures spatial correlations in power grid data for enhanced accuracy. • The method ensures data privacy while enabling collaborative cybersecurity in smart grids. • Extensive simulations validate superior detection and mitigation performance over benchmarks. • Tested on IEEE 57, 118, and 300 bus systems using realistic power load profiles.

  PublisherDOI

• InterGraph-CPS: A Graph-Theoretic Approach to Characterize Cross-Domain Cyber-Physical Interdependencies and Uncertainties in Electric Grid Systems for Improved Decision-Making in Operation and Response

  2025-09-01

  reportOpen access

  Critical infrastructure systems such as the electric grid are increasingly cyber-physical; yet, despite the cyber-physical characteristics of critical infrastructure systems, the physical process system and communication/control network system are traditionally analyzed in siloes.As these systems become more cyber-physical, it is crucial that models and methods are available to assess the cyberphysical system (CPS) interdependencies, characteristics, and event propagation for improved planning, operation, and response.Thus, we proposed an integrated structural and temporal CPS interdependency analysis framework, InterGraph-CPS, that provides insight into the CPS function during normal operation as well as disturbances.This integrated structural and temporal interdependency framework is uniquely designed for assessing CPSs by account for the challenges of analyzing cyber and physical data streams together due to data availability, data type, and time scale differences.By leveraging both structural (e.g., graph analysis) and temporal (e.g., data analytics) techniques, different CPS behaviors and configurations can be accounted for.

  PublisherOA PDFDOI

• Enhancing Cyber-Physical System Interdependencies through the Integration of Node2Vec-based Approach and Temporal Analysis Using LSTM Autoencoders

  2025-07-27

  articleSenior author

  Cyber threats targeting power systems have introduced great operational and security risks impacting the resilience of critical infrastructure. As cyber and physical components become increasingly integrated, understanding their interdependencies is crucial. Research questions remain about the most effective methods for doing these characterizations, specifically toward providing valuable insight to planners and operators. In this study, we emulate the WSCC 9-bus under the Denial-of-Service (DoS) disturbance. An LSTM autoencoder-based approach is proposed to detect affected components through temporal data analysis, coupled with a graph embedding-based approach for cyber-physical risk analysis (GEACRA) to identify high-risk components. By cross-validating results from structural analysis with temporal anomaly detection, this dual approach offers a comprehensive method for assessing both static and dynamic interdependencies, enhancing power system resilience to cyber threats.

  PublisherDOI

• Cooperative Optimization of Grid-Edge Cyber and Physical Resources for Resilient Power System Operation

  2025-07-27

  articleSenior author

  The cooperative operation of grid-edge power and energy resources is crucial to improving the resilience of power systems during contingencies. However, given the complex cyber-physical nature of power grids, it is hard to respond timely with limited costs for deploying additional cyber and/or phyiscal resources, such as during a high-impact low-frequency cyber-physical event. Therefore, the paper examines the design of cooperative cyber-physical resource optimization solutions to control grid-tied cyber and physical resources. First, the operation of a cyber-physical power system is formulated into a constrained optimization problem, including the cyber and physical objectives and constraints. Then, a bi-level solution is provided to obtain optimal cyber and physical actions, including the reconfiguration of cyber topology (e.g., activation of communication links) in the cyber layer and the control of physical resources (e.g., energy storage systems) in the physical layer. The developed method improves grid resilience during cyberattacks and can provide guidance on the control of coupled physical side resources. Numerical simulation on a modified IEEE 14-bus system demonstrates the effectiveness of the proposed approach.

  PublisherDOI

• Deep Cyber-Physical Situational Awareness for Energy Systems: A Secure Foundation for Next-Generation Energy Management

  2025-01-28

  reportOpen access

  This document provides the final report for the CYPRES project. The purpose is (1) to highlight and summarize its major accomplishments and (2) to provide guidance on how its outcomes have informed and can inform important additional research and technology transfer. The goal of CYPRES was the research, development, and demonstration of a security-oriented next generation cyber-physical EMS for electric power systems that detects malicious and abnormal events through the fusion of cyber and physical data. To achieve this, the CYPRES project team researched, developed, and built a prototype of the solution, referred to as the CYPRES EMS. The CYPRES EMS is a proof-of-concept cyber-physical platform that demonstrates the management of the energy system, communications, security, and cyber-physical grid modeling and analytics. As part of the capabilities of the CYPRES EMS, the team designed and developed a suite of power system applications for monitoring, risk analyses, detection, and control that are inherently cyberaware. At its core, the project aimed to research, develop, and demonstrate a security-oriented next-generation cyber-physical Energy Management System (EMS) capable of detecting malicious and abnormal events through the innovative fusion of cyber and physical data. This approach represents a fundamental shift from traditional EMS, reimagining how critical infrastructure can be protected through unified cyber-aware and physics-aware secure data flow pipelines. The project’s cornerstone deliverable, the CYPRES EMS, serves as a proof-of-concept cyber-physical platform that revolutionizes the management of energy systems, communications, security, and cyber-physical grid modeling and analytics. This prototype implements a comprehensive suite of power system applications for monitoring, risk analyses, detection, and control, all designed with inherent cyber awareness. The system’s architecture extends from end-devices in the field through to control center applications, establishing a secure and resilient control framework that addresses the challenges posed by diverse devices of unknown trustworthiness connecting to modern power systems. Through this innovative approach to deep cyber-physical situational awareness, the CYPRES project not only advances the state-of-the-art in energy infrastructure protection but also establishes a new paradigm for how EMS can be designed, deployed, and operated in an increasingly complex threat landscape. The findings and developments from this project provide crucial insights for stakeholders across the energy sector, offering a blueprint for enhancing the reliability and resilience of our nation’s critical energy infrastructure in the face of evolving cyber threats.

  PublisherOA PDFDOI

• The Challenges and Opportunities with Cybersecurity Regulations: A Case Study of the US Electric Power Sector

  2025-11-19 · 1 citations

  articleOpen access

  In various industries, cybersecurity regulations have been enacted in an effort to drive improvements to organizational security postures. Despite the prominent influence of these regulations, there has been limited prior investigation of how organizations engage with these regulations and the challenges that they face. Assessing these factors is vital for understanding the impact of cybersecurity regulations in practice and how to enhance them moving forward.

  PublisherDOI

• An Efficient Framework for Multi-DER Integration in Distribution Networks With Time-Series Demand Flexibility

  IEEE Access · 2025-01-01 · 1 citations

  articleOpen access

  The increasing penetration of renewable energy sources (RESs) has transformed power system operations. However, balancing supply and demand is more challenging due to the inherent variability of RESs. This paper presents an efficient framework that integrates demand flexibility, RESs, and energy storage in distribution systems to enhance distribution system performance. The study implements a detailed time-series power flow analysis to investigate the impact of distributed energy resources (DERs) on system performance over a 24-hour period. The simulations incorporate a modified IEEE 123-bus network with two PV systems, flexible loads, and a 300 kW/1200 kWh battery. Additionally, the IEEE 8500-node distribution feeder integrates higher-rated PV, wind generators, and a 500 kW/2000 kWh battery to evaluate grid performance under diverse operational conditions. The battery storage system provides essential grid support through strategic charging during high PV generation and discharging during peak demand periods. The simulation results demonstrate robust voltage regulation and effective demand response throughout the feeder despite varying generation and load conditions. The flexible loads effectively respond to system conditions, varying between 23 to 82 kVA. This study demonstrates the viability of coordinated DER operations and their impact on modern distribution networks.

  PublisherDOI

• DESTinE Block: Private Blockchain Based Data Storage Framework for Power System

  arXiv (Cornell University) · 2025-10-18

  preprintOpen accessSenior author

  This paper presents DESTinE Block, a blockchain-based data storage framework designed for power systems and optimized for resource-constrained environments, including grid-edge devices such as single-board computers. The proposed architecture leverages the InterPlanetary File System (IPFS) for storing large files while maintaining secure and traceable metadata on a custom blockchain named DESTinE Block. The metadata, comprising the IPFS Content Identifier (CID), uploader identity, administrator verification, and timestamp; is immutably recorded on-chain to ensure authenticity and integrity. DESTinE Block adopts a dual-blockchain abstraction, where the blockchain remains unaware of the IPFS storage layer to enhance security and limit the exposure of sensitive file data. The consensus mechanism is based on Proof of Authority (PoA), where both an administrator and an uploader with distinct cryptographic key pairs are required to create a block collaboratively. Each block contains verified signatures of both parties and is designed to be computationally efficient, enabling deployment on devices like the Raspberry Pi 5. The framework was tested on both an x86-based device and an ARM64-based Raspberry Pi, demonstrating its potential for secure, decentralized logging and measurement storage in smart grid applications. Moreover, DESTinE Block is compared with a similar framework based on Multichain. The results indicate that DESTinE Block provides a promising solution for tamper-evident data retention in distributed power system infrastructure while maintaining minimal hardware requirements.

  PublisherOA PDFDOI

Recent grants

• Deep Learning-based Detection of Stealth False Data Injection Attacks in Large-Scale Power Grids

  NSF · $360k · 2018–2022

• Collaborative Research: SHIELD: Strategic Holistic Framework for Intrusion Prevention Using Multi-modal Data in Power Systems

  NSF · $375k · 2022–2025

Frequent coauthors

• Hao Huang

  Princeton University

  60 shared

• Abhijeet Sahu

  National Renewable Energy Laboratory

  44 shared

• Zeyu Mao

  40 shared

• Saman Zonouz

  Georgia Institute of Technology

  37 shared

• Ana Goulart

  34 shared

• Astrid Layton

  Walker (United States)

  33 shared

• Shamina Hossain‐McKenzie

  Sandia National Laboratories

  30 shared

• Thomas J. Overbye

  Texas A&M University

  27 shared