The increasing digitalization of smart grid systems has introduced new cybersecurity challenges, particularly at the supervisory control and data acquisition (SCADA) edge gateways where resource constraints, latency sensitivity, and privacy concerns limit the applicability of centralized security solutions. This paper presents FED-SCADA, a novel federated intrusion detection system (IDS) that integrates Spiking Neural Networks (SNNs) for energy-efficient inference and Differential Evolution (DE) for optimizing model convergence in decentralized, non-independent and identically distributed (non-IID) environments. The proposed architecture enables real-time, privacy-preserving intrusion detection across distributed SCADA subsystems in a smart grid context. FED-SCADA is evaluated using three public IIoT/SCADA datasets: TON_IoT, Edge-IIoTset, and SWaT. FED-SCADA achieves a detection accuracy of 96.4%, inference latency of 28 ms, and energy consumption of 1.1 mJ per sample, demonstrating strong performance under real-time and energy-constrained conditions outperforming base-line federated learning models such as FedAvg-CNN and FedSVM. A detailed methodology flowchart and pseudocode are included to support reproducibility. To the best of our knowledge, this is the first study to combine neuromorphic computing, evolutionary optimization, and federated learning for trustworthy and efficient smart grid cybersecurity.

The increasing complexity and dynamism of modern cyber threats necessitate intelligent and adaptive network intrusion detection systems (NIDS). This paper proposes a novel hybrid metaheuristic approach that combines the Lion Optimization Algorithm (LOA) with the Virus Colony Search (VCS), enhanced by adaptive parameter tuning mechanisms. The proposed LOA-VCS hybrid algorithm addresses limitations in prior single and hybrid metaheuristic by alternating exploration and exploitation strategies across epochs, optimizing detection performance in high-dimensional feature spaces. Unlike previous hybrid metaheuristics that use fixed or non-adaptive control, our model uniquely alternates LOA and VCS phases adaptively across epochs to enhance convergence and detection robustness. A real-world intrusion detection dataset evaluated the LOA-VCS model with 98.4% detection accuracy, an F1-score of 0.976, and an AUC of 0.986, consistently outperforming the standalone LOA and VCS baselines. These results emphasize the power of adaptive hybrid met heuristics in maintaining low false alarms while ensuring strong recall for NIDS. The proposed approach can be deployed in scalable, high-speed systems in today’s contemporary cyber security environments.