智能电网被视为优化电力分配，促进可持续发展和彻底改变能源格局的前沿技术。智能电网能够收集更多的信息，并根据这些信息对物理设施进行智能调节，这使得智能电网成为了信息物理系统。随着深度学习的崛起，在智能电网中利用神经网络进行信息整合及决策可以进一步提升性能及效率，故而深度学习越来越受学界和业界的青睐。然而，这个新的组成部分为这个复杂系统带来了潜在的脆弱性，因为恶意攻击者可能会对深度学习部分进行扰动，从而导致大量的经济损失。本论文深入研究了智能电网这一信息物理系统中各组成部分的复杂相互作用，探索了负荷预测、负荷预测的对抗性攻击以及新的防御方法。本论文的贡献有三个方面：（1）讨论了信息层中负荷预测模型的多种设计，在其中考虑了系统中的其他成分（比如物理层）；（2）通过实证实验展示了信息层模型的脆弱性以及其最终对系统经济损失的巨大影响——特别地，在实验中，对测试数据进行3% 的对抗性扰动会导致超过30% 的成本提升；（3）提出了通过充分利用整个系统设计尤其是利用物理层的技术来对抗网络层攻击的新型防御方法。

Smart grids are regarded as cutting-edge technology for revolutionizing the energy landscape, optimizing power distribution, and enhancing sustainability in the modern era. The smart grid is typically regarded as a cyber-physical system, where the cyber layer gives the predictions, and the physical layer makes the decisions. Given the rise of deep learning, it is fruitful to adopt neural networks in smart grids to enhance performance. However, the new component leaves potential vulnerability to the complex system, since malicious attackers can potentially contaminate the deep learning component and incur economic loss. This thesis delves into the intricate interplay of the cyber-physical system within smart grids, exploring load forecasting, adversarial attacks on load forecasting, and new methods for defense. The contribution of this thesis is threefold: (1) discussing several designs of the cyber layer, taking into account different components, including the physical layer; (2) demonstrating the vulnerability of the cyber layer and its huge impact on economic loss through empirical experiments (surprisingly, a 3% adversarial perturbation on the test data leads to over 30% economic loss in simulation); and (3) proposing novel defense methods against the attacks on the cyber layer by leveraging the system as a whole and utilizing techniques from the physical layer to tackle the attack.