Decentralized architectures in energy communities exacerbate power grid vulnerability to cyberattacks, necessitating security mechanisms that jointly ensure high detection accuracy and strict data privacy. This paper proposes an unsupervised anomaly detection framework integrating federated learning (FL) with deep autoencoders. A multi-source energy system simulation model—built in Simulink—generates realistic training data; autoencoders learn normal operational patterns to identify attack-induced deviations, while FL enables cross-entity distributed model training without sharing raw local data. Crucially, this work establishes the first deep coupling of FL and autoencoder-based anomaly detection, explicitly tailored to the privacy-sensitive and structurally decentralized nature of energy communities. Evaluated across multiple representative cyberattack scenarios, the method achieves a mean detection accuracy of 92.3%, approaching the performance of centralized training while preserving data sovereignty—thereby significantly enhancing both security and practical deployability.

Energy communities consist of decentralized energy production, storage, consumption, and distribution and are gaining traction in modern power systems. However, these communities may increase the vulnerability of the grid to cyber threats. We propose an anomaly-based intrusion detection system to enhance the security of energy communities. The system leverages deep autoencoders to detect deviations from normal operational patterns in order to identify anomalies induced by malicious activities and attacks. Operational data for training and evaluation are derived from a Simulink model of an energy community. The results show that the autoencoder-based intrusion detection system achieves good detection performance across multiple attack scenarios. We also demonstrate potential for real-world application of the system by training a federated model that enables distributed intrusion detection while preserving data privacy.