Empirical Validation of a Hybrid Deep Learning Architecture for Real-Time Fault Detection and Cyber-Threat Classification in SCADA-Based Smart Grid Environments

Abstract

This study addresses a critical operational gap in smart grid infrastructure management: while hybrid deep learning architectures combining Convolutional Neural Networks (CNN) and Long Short-Term Memory (LSTM) networks have been theoretically proposed for simultaneous fault detection and cyber-threat classification in SCADA-based environments, no empirically validated quantitative framework exists to determine which hybrid architecture capability dimensions most strongly predict operational reliability, threat response effectiveness, and detection latency reduction in real-world deployment contexts. The purpose was to empirically validate a hybrid CNN-LSTM deep learning framework that links core architectural capabilities to smart grid operational outcomes within an enterprise-scale, case-based setting. Using a quantitative, cross-sectional, case-study design, data were collected from a purposive sample of N = 218 smart grid security and operations professionals including SCADA engineers, network security analysts, data scientists, grid operations managers, and protection relay engineers working in operational environments where AI-driven monitoring and anomaly detection platforms are actively deployed. Key independent variables were CNN Feature Extraction Capability (C), LSTM Temporal Sequence Modeling Capability (L), and Hybrid Architecture Integration Depth (H), alongside two domain-specific indices: the Hybrid Architecture Performance Index (HAPI) and the Real-Time Threat Detection Alignment (RTDA); key dependent variables were Fault Detection Accuracy (Y1), Cyber-Threat Classification Effectiveness (Y2), and Operational Continuity Performance (Y3). The analysis applied descriptive statistics, reliability and validity testing (Cronbach's alpha, EFA with KMO and Bartlett's test), Pearson correlations, and multiple regression models. Headline findings demonstrate strong measurement quality (alpha = .83-.89; KMO = .91; Bartlett's chi-squared = 2318.7, p < .001) and moderately high capability levels (CNN Capability M = 3.97, SD = 0.61; LSTM Capability M = 4.11, SD = 0.56; Hybrid Integration M = 3.84, SD = 0.67). All core relationships were positive and significant (p < .001), including Fault Detection Accuracy with HAPI (r = .66) and LSTM Capability (r = .63), Cyber-Threat Classification with RTDA (r = .68), and Operational Continuity with Hybrid Integration (r = .64). Regression results indicate substantial explained variance for Fault Detection Accuracy (R2 = .63; F(5,212) = 72.4, p < .001), with HAPI as the strongest predictor (beta = .37, p < .001), followed by LSTM Capability (beta = .25, p = .001).