Skip to main content

Empirical framework for identification of the most harmful malicious attacks on a smart grid


The aim of this paper is the identification of the most harmful malicious attacks in a smart grid with basis on the removal of buses in a particular sequence. For that, we define the Electrical Most Damaging Element (EMDE) and the Iterated Centrality Measure (ICM). The EMDE is the element that leads to the largest unsatisfied load increase after removed, in the current state of the smart grid. The ICM is a meaningful scaled centrality for iterated attacks. Attack strategies such as the IEMDE (Iterated Electrical Most Damaging Element) and the Iterated Most Central Element (IMCE) are proposed as references for evaluating the impact of failure sequences by comparison. For each fault strategy approach, the vulnerability curves as well as a scalability analysis are presented. It is demonstrated that the IEMDE approximated the \(N-k-\varepsilon\) algorithm, but with reduced computational expense. Furthermore, the IMCE approach provided an efficient fault profile close to the performance of the IEMDE. Although this framework is applied in this paper to failures in buses, it can similarly be applied to other elements. Future research will be focused in applying these concepts to transmission lines.


Electric energy supply systems are critical infrastructures interdependent with other essential systems such as water supply, telecommunications and the Internet. The lack of electricity for a prolonged time can lead to severe risks. Therefore, the event of a malicious attack aiming to damage the integrity of the electric power system represents a major concern for authorities in charge of security (Seger 2004; Parfomak 2004; Office of Technology Assessment 1979; Mijuskovic 2000). This has motivated the study of power systems’ vulnerability, and in recent years many research works have been carried out in this field (Abedi et al. 2019; Mehrdad et al. 2018; Cuadra et al. 2015; He and Yan 2016).

In this context, researchers have developed vulnerability measures to bring new knowledge and tools for protecting the integrity of power systems. With the aim of identifying critical elements in the power grid, different centrality measures based on degree, closeness and betweenness have been proposed (Nasiruzzaman et al. 2011; Sun et al. 2018; Bompard et al. 2010; Nasiruzzaman et al. 2012, 2012; Nasiruzzaman and Pota 2011); such measures can take into account the structure of the power grid, its power flow and impedance electrical properties. The impact of top buses removal from a power system with basis on centrality was studied in Nasiruzzaman et al. (2012), comparing topological centralities with electrical centralities. It was demonstrated that the impact of removing buses according to topological centralities is lower than the impact of doing it with basis on electrical centralities. In addition, when comparing electrical betweenness and closeness, the removal of nodes according to closeness caused a higher impact on the path length, while the removal according to betweenness produced a significant impact on the load supply capacity and the connectivity. The topological structure and the robustness of power grids were studied in Arianos et al. (2009), where the authors introduced the concept of net-ability and generalized the geodesic distance concept for power grids. It was evidenced that the influence of failures in lines according to net-ability corresponds with the DC power flow calculation of overload.

Additionally, research evaluating the impact of intentional attacks on power systems and how to mitigate it has been motivated by the threat of terrorism. Possible malicious attacks can be made through electromagnetic (Dehbaoui et al. 2009), informatics-based (Hawrylak et al. 2012), and physical means (Liu et al. 2013; David 2014); the targets of such attacks may also include different equipment of the power system in the areas of transmission, generation, control, monitoring and communications (National Research Council 2002). The location of the most of transmission and generation equipment represents a risk since they must be outdoors, accessible to malicious attacks (Agarwal et al. 2010; Bilis et al. 2013).

Although the current progress in the operation and design of power grids allows the improvement of their efficiency and profitability, it also increases their complexity and stress due to the incorporation of modern technologies and energy sources (National Research Council 2002; Kinney et al. 2005). Hence, it is important that the design of modern power systems includes considerations for reducing vulnerability, correctly addressing all the security concerns. Furthermore, the power grid must comply with requisites of adaptability, intelligence and robustness in front of ill-intentioned attacks (NIST 2010). That scenario, will not be achievable without the creation and improvement of tools to model and analyze the strategies for prevention and recovery from possible threats to the power grid (National Research Council 2002).

It has been evidenced that electric power systems are robust under traditional failures, but they may be vulnerable in front of targeted attacks (Salmeron et al. 2004; Duman et al. 2017). A systematic attack on susceptible areas of the electric power system may produce a cascade failure and a possible long-term blackout, if the traditional structure of the power grid is considered (National Research Council 2002). Researchers have addressed the impact of malicious attacks in the power system with different methods. For instance, using optimization to maximize the load shedding in a power grid (Salmeron et al. 2004; Arroyo and Galiana 2005), to identify the groups of elements that can cause a blackout (Chen et al. 2014, 2012), or to determine the expansion planning under deliberate attacks (Arroyo et al. 2010; Davarikia et al. 2020).

There are diverse approaches applied to determine the effects of ill-intentioned attacks over the power systems, some of them are: examination of historical records (Farrell et al. 2004), fault tree analysis (Volkanovski et al. 2009), applications of game-theory to simulate possible attacks (Holmgren et al. 2007; Bompard et al. 2009, 2008; Jian et al. 2013; Piccinelli et al. 2017, Yuan and Zeng 2020), and identification of vulnerable elements and areas using complex network theory (Panigrahi 2017; Adebayo et al. 2018). Interdependent structures, such as the cyber network that monitors and controls the power system has been considered for vulnerability analysis as well (Guo et al. 2017; Vellaithurai et al. 2015; Zhang et al. 2019; Meyur 2020). Moreover, simulations that evaluate different defense strategies have been proposed (Rose 2007; Wang 2017; Ouyang et al. 2017).

Nevertheless, there is research field is still open for the development of a framework to analyze the impact of attacks and consequent failures in the power system. The research presented in this paper focuses on identifying deliberate attack sequences consisting of buses or transmission lines removals that produce the largest electrical damage measured as the extent of brownout damage. Identifying such sequences will be crucial for suggesting strategies to increase the robustness of the smart grid in front of such attacks.

Particular attention is paid to solutions that are computational efficient for a given state, because an accurate estimation of vulnerability is not independent of the current power flow and generation state of the grid. Efficiency is important because the number of possible and relevant grid states is very large. The contributions are the following:

  1. 1

    Development of a framework based on the concept of relation between electrical damage and physical damage. This is an important tool for settling some key matters such as: (a) the most harmful attacks; (b) the most predictive centrality measure; (c) the most reliable physical damage measure; and (d) the vulnerability level of a grid compared to other.

  2. 2

    Introduction and application of various malicious attack algorithms, namely the Iterated Electrical Most Damage Elements (IEMDE) and the Iterated Most Central Elements (IMCE).

  3. 3

    Efficient identification of the most malicious attacks according to the framework of electrical damage versus physical damage.

  4. 4

    Identification of the fastest methods for quantification of the most harmful attacks in terms of computational complexity.


In this research, the estimation of unsatisfied load after each fault has been carried out using the simulation tool Matpower (Zimmerman et al. 2015). This is a high credibility package oriented to research and education based on MATLAB ( for the solution of power flow and optimal power flow problems (with flexible options and different algorithms) among other functions.

The normalized ULTotal Unsatisfied LoadUnsatisfied Load (UL) represents the proportion of power demand not met by the available generation. This is similar to energy not-supplied (Hashemi-Dezaki et al. 2015) or load shedding measures (Correa and Yusta 2013). The UL for a particular fault profile, assuming the removal of the first k buses as part of the fault evolution, is calculated as

$$\begin{aligned} \text {UL}(\beta (1:k))=1-\sum _{n_{i}}\frac{\text {PS}(n_{i})}{\text {PD}}, \end{aligned}$$

where \(\beta\) denotes the vector of ordered buses of particular fault profile, in MATLAB notation 1 : k is the vector of bus indices from 1 to k, PSSatisfied Power Load\(\text {PS}(n_{i})\) denotes the satisfied power load of island \(n_{i}\) formed after the removal of buses, and PDTotal Power Demand\(\text {PD}\) is the power demand of the whole system. A total blackout corresponds to an maximum level of unsatisfied load UL\((N;\beta )=1,\) and may result after removing a limited set of elements, for instance removing all generators.

The fault profiles can be classified into two types: natural faults, due for instance to hurricanes, and malicious attacks. There is a variety of such attacks depending on the means (cyber vs. physical), extent geographically (local vs. global), and random versus targets. For random attacks, the elements are removed according to a typically uniform probability distribution. For targeted malicious attacks, it is assumed that the attackers might have information about the power grid such as the topological or electrical structure, electric features and system limitations. It is logical to assume that if the attackers have sufficient information about the power grid, the attacks could have a larger impact, as they could determine critical points of the network.

Attackers might access the information of topological structure through particular companies [e.g., Platts (Platts 2014)], and might estimate electric characteristics of components such as impedance using standard values and typical calculations. However, the tolerances of the system are hardly available and are difficult to be clearly known by attackers (Kinney et al. 2005; Wang and Rong 2009; Wang et al. 2011; Zhu et al. 2014). Therefore, attack strategies can be classified into those having access to the tolerance of the system and not having access to such tolerance. While the unknown system tolerance strategies are based on degree, load, risk of failure and load distribution vector, the known system tolerance strategies are based on percentage of failures and exhaustive search approach (Kinney et al. 2005; Wang and Rong 2009; Wang et al. 2011).

A popular centrality-based attack is the Remove Most Central Element First (RMCEFRemove Most Central Element FirstRMCEF) fault profile, where the attacker is assumed to have knowledge about a centrality score of the power grid’s elements. In the RMCEF attack, centrality scores are computed using one of the standard techniques such as those in Eqs. (2)–(4) based on a a weighted or unweighted adjacency matrix that represents the structure of the grid. The buses are sorted according to their centrality scores from high to low and afterward they are removed according to such order.

There are 3 popular definitions of centrality:

$$\begin{aligned}&\text {(Degree)} \; c_{Di}=\frac{\sum _{j}a_{ij}}{\sum _{i}\sum _{j}a_{ij}}, \end{aligned}$$
$$\begin{aligned}&\text {(Eigenvector)} \; c_{Ei}=\frac{1}{\lambda _{max}}\sum _{j=1}^{N}a_{ij}u_{j}, \end{aligned}$$
$$\begin{aligned}&\text {(Betweenness)} \; c_{Bi}=\sum _{j\ne k\ne i}\frac{\sigma _{jk}(i)}{\sigma _{jk}}, \end{aligned}$$

where \(\sum _{j}a_{ij}\) represents the sum of the weights from the links connected to node i, \(\sum _{i}\sum _{j}a_{ij}\) is the sum all the elements of the adjacency matrix A\(u_{j}\) is the \(\text {j}\)th element of the eigenvector of A corresponding to the largest eigenvalue \(\lambda _{max}\), \(\sigma _{jk}\) is the number of shortest paths between nodes j and k, and \(\sigma _{jk}(i)\) is the number of these shortest paths between j and k, passing through node i.

For a selected centrality, we denote with c(i) the centrality calculated for node i, normalized to obtain \(\sum _{i}c(i)=1\). In this paper centralities are based in Power Traffic Matrix (PTM) which is the weighted adjacency matrix with weights that represent the active power flow on each link of the power grid. Other measures have been proposed in Cuadra et al. (2015).


The discussion about the methods to assess the vulnerability of power systems has been extensive in the last decade. Important part of the research has been dedicated to study the physical damage on power grids, by accounting it through different metrics related to their physical structure such as degree clustering coefficient (Albert et al. 2004), average path length (Albert et al. 2004), degree centrality (Bilis et al. 2013) and size of attack (Brummitt et al. 2012). On the other hand, several research works have studied the electrical damage, using metrics such as loss of power (Martinez-Anido et al. 2012), load shedding (Correa and Yusta 2013) and energy not supplied (Martinez-Anido et al. 2012). Nevertheless, few have taken into consideration both physical and electrical damages on the power grid (Correa and Yusta 2013; Bilis et al. 2013; Mei et al. 2011).

The distinction between physical damage measures and electrical damage measures is essential to settle criteria for vulnerability assessment in power systems. The measures of physical damage intend to characterize the size of the attacks by accounting the elements or the structural connections affected, while the electrical damage measures are related to the effect over the electrical performance of the power grid. The concept of vulnerability in essence attempts to measure the degradation of the performance depending on the size of the attack. For instance, an exceptionally robust grid can withstand severe physical damage presenting very low degradation in electrical performance.

In this sense, the proposed framework integrates physical damage and electrical damage measures with the aim of clearly and unambiguously defining: (a) the most harmful attack; (b) the most predictive centrality measure; (c) the most reliable measure of physical damage; and (d) the vulnerability level of a grid compared to other.

Figure 1 is presented as an illustration of this approach. To define the curve \({\mathcal {C}}_{0}\) for a particular power system, the procedure consists in designing an attack sequence by selecting a measure of physical damage, a fault profile, and a measure of electrical damage. Once the attack sequence is designed, the electrical damage is measured using an simulation. For example, we can select NOE as physical damage measure, UL as electrical damage measure and an attack profile based in RMCEF, then use an empirical simulation of DC power flow or cascading failures to determine the electrical damage measures for the attack profile.

Fig. 1
figure 1

Illustration of the framework

In this manner, different power grids, damage measures and fault profiles according to centrality measures can be compared using a vulnerability curve. In Fig. 1, the vulnerability curve \({\mathcal {C}}_{1}\) is higher than the baseline curve \({\mathcal {C}}_{0}\), depending on the whole attack design, we can obtain relevant information from these curves:

(a) Assuming that \({\mathcal {C}}_{1}\)is the a vulnerability curve for grid A, and \({\mathcal {C}}_{0}\) is determined for grid B with the same attack design, it can be concluded that the grid B is less vulnerable than the grid A, because a similar physical damage produces a lower electrical damage in the grid of B.

(b) If we consider that \({\mathcal {C}}_{1}\) was obtained with a different fault profile than \({\mathcal {C}}_{0}\), it implies that this attack profile is more harmful.

(c) Considering that \({\mathcal {C}}_{2}\) or \(C_{3}\) was obtained like \({\mathcal {C}}_{0}\), but with a different measure of physical damage implies that such measure is potentially more unreliable, because it appears that more intense attacks (according to physical damage) are required to obtain an equivalent electrical damage.

(d) And, if we assume that \({\mathcal {C}}_{1}\) in the same way that \({\mathcal {C}}_{0}\), but the electrical damage is measured through a different empirical simulation, then it is evident that such simulation exposes more vulnerabilities in the power grid than the one applied for calculating \({\mathcal {C}}_{0}\).

In general, the increment on the VPM is a quantitative measure of the degradation of robustness of the grid.

Proposed attack profile

Two different types of malicious attack profiles are introduced and described in this section.

Iterated attack based on the most central element (IMCE)

The IMCE is introduced as an attack in which the element with the highest centrality in the current grid is attacked and removed. The main feature is that the centrality score is recalculated after the removal of an element. The idea under this attack profile is that the centrality measures change after the removal of the most central element (MCE), thus the second most central element in the initial ranking may not be the most central once the MCE is removed. Then the vector of centralities must be recomputed to obtain the new ranking of elements according to centrality.

For this matter, we define a sequence of grids as \(\Gamma ^{0}\), \(\Gamma ^{1}\), \(\Gamma ^{2}, \ldots , \Gamma ^{N}\) where \(\Gamma ^{i}\) is the resulting grid from the removal of the MCE in the grids \(\Gamma ^{i-1}\). Also, \(\zeta _{j}\)(\(\Gamma ^{i}\)) is the centrality score of the element j in the grid \(\Gamma ^{i}\), and \(e_{i}\) represents the index of the MCE of such grid, as follows

$$\begin{aligned} e_{i}=\text {MCE}(\Gamma ^{i})=\text {argmax}_{j}(\zeta _{j}(\Gamma ^{i})). \end{aligned}$$

Furthermore, the value of centrality is denoted as \(z_{i}\), as follows

$$\begin{aligned} z_{i}=\zeta _{e_{i}}(\Gamma ^{i}) \end{aligned}$$

And the subsequent grid, in the corresponding sequence, is defined as

$$\begin{aligned} \Gamma ^{i+1}=\Gamma ^{i}-\{e_{i}\}. \end{aligned}$$

It is noted that \(\zeta _{j}\)(\(\Gamma ^{i}\)) is not normalized, thus it is necessary to determine a normalized centrality vector, given by

$$\begin{aligned} Z_{i}=\left( 1-\sum _{j<i}z_{j}\right) z_{i} \end{aligned}$$

This is called the Iterated Centrality Measure (ICM), considered the most meaningful scaled centrality generated by the IMCE,

$$\begin{aligned} {\varvec{Z}}=[Z_{1},Z_{2},\ldots ]. \end{aligned}$$

In the case that a collapse happens at an iteration \(i=\ell\), or in case that the attack ends at \(i=\ell\), the centrality of the remaining elements is equal to the so far unassigned centrality. That is,

$$\begin{aligned} Z_{\ell +1}=Z_{\ell +2}=\dots =\frac{1}{N-\ell +1}\sum _{i=1}^{\ell }Z_{i}. \end{aligned}$$

For a better physical interpretation of the proposed centrality \(Z_{i}\), it is wanted that it is a monotonically decreasing sequence. In this sense, it can be demonstrated that the 1-norm of the sequence is equal to one by construction, i.e., \(\left\| {\varvec{Z}}\right\| _{1}=\sum _{j}Z_{j}=1\). This means that the sum of centralities is equal to one, and they are almost monotonically decreasing without the need of applying any sorting. Algorithm 1 presents a pseudo-code that describes the proposed approach to find the removed elements, the unsatisfied load, and the corresponding ICM.

figure a

In order to exemplify the IMCE previously described, the IEEE 14-bus test power system is employed. In terms of the degree centrality, the bus 2 is the most central, with a normalized degree score equal to 0.25. That bus is removed, and the modified grid \(\Gamma ^{1}\) that is shown in Fig. 2 is obtained (the black dashed lined represents the links that are removed as consequence of removing bus 2). Then, the degree centrality score is recalculated for such grid, resulting that the most central bus is the bus 5, with a normalized degree score equal to 0.20. Therefore, it corresponds to remove such bus, leading to the new grid \(\Gamma ^{2}\), as shown in Fig. 2 (the red dashed lines represent the links that are removed when bus 5 is attacked). In Table 1 the initial sequences of buses removed under IMCE using different centrality measures are presented for the IEEE 118-bus system and the IEEE 300-bus system, and it is noted that the sequences are different for different centrality measures.

Fig. 2
figure 2

IEEE 14-bus power system representation of the IMCE fault profile The transmission lines disconnected after the removal of buses are identified (dashed lines)

Table 1 Buses removed under the ICME according to different centrality measures

Furthermore, we suppose for instance, that collapse occurs after removing two buses. Then,

$$\begin{aligned} Z_{1}& = z_{1}\nonumber \\ Z_{2}& = (1-z_{1})z_{2} \end{aligned}$$

and the next Z scores are determined as

$$\begin{aligned} Z_{3}=Z_{4}=\cdots =\frac{1}{14-2}\left( 1-\sum _{i=1}^{2}Z_{i}\right) . \end{aligned}$$

Therefore, we obtain

$$\begin{aligned} \sum _{i=1}^{14}Z_{i}=Z_{1}+Z_{2}+12\left[ \frac{1-\left( Z_{1}+Z_{2}\right) }{12}\right] =1. \end{aligned}$$

where it is noted that \(Z_{i}\) are not sorted in this equation. Figure 3 shows the logarithm of the ICM for the IEEE test power grids of 118 and 300 buses, where it is observed to be monotonically decreasing.

Fig. 3
figure 3

Logarithm of degree centrality with basis on ICM (red) and MCE (black)

Iterated attack based on the electrical most damaging element (IEMDE)

The IEMDE is defined in this work as an attack that is based in the removal of the element that generates the largest raise in the UL of the power grid in the current state. The iterated attack generates a sequence of grids in which the electrical most damaging element (EMDE) is removed, such sequence is \({\tilde{\Gamma }}^{0}\), \({\tilde{\Gamma }}^{1}\), \({\tilde{\Gamma }}^{2}\), \(\dots\), \({\tilde{\Gamma }}^{N}\), where \({\tilde{\Gamma }}^{i}\) is the resulting grid after the removal of the EMDE of \({\tilde{\Gamma }}^{i}\). That means,

$$\begin{aligned} {\tilde{\Gamma }}^{i}={\tilde{\Gamma }}^{i-1}-\text {EMDE}({\tilde{\Gamma }}^{i-1}) \end{aligned}$$

and the iterated EMD centrality is

$$\begin{aligned} {\tilde{z}}_{i}=\text {U}\text {L}({\tilde{\Gamma }}^{i})-\text {U}\text {L}({\tilde{\Gamma }}^{i-1}). \end{aligned}$$

In the same way that for the IMCE, we observe that \(\left\| {\varvec{z}}\right\| _{1}=\sum _{j}z_{j}=1\). Figure 4 shows how these centrality scores are almost monotonically decreasing for the IEEE 118-bus and 300-bus test power systems.

Fig. 4
figure 4

Proposed iterated EMD centrality

Algorithm 2 illustrates the proposed approach for computing the IEMDE using pseudo-code. Also, as an example of the application of this approach, we employed the IEEE 14-bus test grid. When the Algorithm 2 is applied, we obtain the sequence of EMDE’s [3, 4, 5, 1], which are the buses to remove until the grid collapses. The grid is shown in Fig. 5, and the links removed for the IEMDE are denoted with dashed lines.

figure b
Fig. 5
figure 5

IEEE 14-bus test grid applying the EMDE failure sequence [3, 4, 5, 1]. The dashed lines are the links (transmission lines) disconnected after the removal of the EMDEs

In addition, the IEMDE malicious fault profile was applied to the IEEE 118-bus and the IEEE 300-bus systems, and the initial sequence of EMDE’s are shown in Table 2. It is noted that the removal of each of these elements leads to an important increment in the UL, and the EMDE (\({\tilde{\Gamma }}^{0}\)) produces the highest \({\tilde{z}}\).

Table 2 Initial buses removed corresponding to the EMDE for IEEE 118-bus and IEEE 300-bus test systems

The framework proposed here has been though for attacks on buses, lines, or combination of both. To illustrate this, Table 3 shows the transmission lines that generate the highest damage for the IMDE applied to the IEEE 300-bus system. It is noted that the first EMDE does not present the largest value of \({\tilde{z}}\), in fact \({\tilde{z}}_{1}\)= 0.0375 < \({\tilde{z}}_{7}\)= 0.0585, which matches with our intuition. In this sense, it is expected that the grid is initially strong and able to tolerate the failure of one element, but as the grid losses elements it becomes more vulnerable. That explains why, in the sixth stage of the IMDE with the removal of the corresponding EMDE a higher impact is obtained.

Table 3 Transmission lines from low to high MDE, and their UL determined with Matpower

The attack profiles IMCE and IEMDE proposed here are somewhat similar to the one considered in Zhu et al. (2014) with an approach on sequential cascading failures. In that work, all possible attack sequences are considered and the Sequential Attack Graph is constructed from them. Nevertheless, one limitation of such proposal is the huge amount of cascading failures to consider, for example, the analysis of the IEEE 30-bus system requires the simulation of about 24,000 cascading failures.

Comparing various attack profiles

In the following, the Vulnerability Prediction Measure (VPM) is revised for the fault profiles with the algorithms described in Section Propsed Attack Profiles. Furthermore, several attack strategies are compared using this approach.

Analyzing the vulnerability curve and VPM of the fault strategies

The vulnerability curves resulting of the IMCE attack applied to the different test power grids and for every centrality measure selected are presented in Fig. 6. It is noted that the curves for eigenvector centrality and degree centrality are very close to each other and both present higher values of unsatisfied load than the betweenness centrality. This agrees with VPM scores shown in Table 4, which are very similar for the eigenvector and degree centrality. This also implies that the IMCE attack under such centralities is more damaging than under the betweenness, in fact the removal of approximately a third of the elements leads to a complete blackout.

Fig. 6
figure 6

Vulnerability curves for the IMCE fault profile based on PTM centralities and fraction of removed elements (FOE)

Table 4 Comparison of VPM scores using PTM centralities under IMCE malicious attack

For the IEMDE attack profile, the vulnerability curves corresponding to the test systems is shown in Fig. 7. These curves are steeper compared to the ones from IMCE attack, indicating the severity of the IEMDE, and this is confirmed with the VPM scores in Table 5, which are higher than the ones in Table 5. The IEMDE profile in the studied power grids leads to a blackout after the removal of less than the 20% of the buses.

Fig. 7
figure 7

Vulnerability curves produced by the IEMDE fault profile for IEEE 118-bus and IEEE 300-bus systems

Table 5 Results of VPM for the EMDE attack

The IEMDE, compared to other attacks in this research, is the most severe, except for fault sequences identified by the \(N-k-\epsilon\) algorithm. Therefore, this attack profile (IEMDE) can be employed as a reference for comparison in order to test the harm intesity of different attack profiles.

Comparison of attack profiles based on the vulnerability curve and the VPM

This section presents a comparison between the attack profiles proposed in this work (IMCE and IEMDE), the Remove Most Central Element First (RMCEF) attack and the worst case random (WCR) attack. Here, the random attacks strategy is implemented through a Monte Carlo simulation consisting in the removal of a permutation of buses on each realization and the measurement of the corresponding unsatisfied load. The VPM is calculated for each random sequence (permutation) after the removal of every bus, and the WCR denotes the scenario with the highest VPM of all the realizations (400 realizations were performed).

Several observations are made from the vulnerability curves corresponding to the aforementioned attack strategies (Fig. 8): (a) IEMDE attack produces the steepest vulnerability curve in comparison with RMCEF, WCR and IMCE, (b) IEMDE attack vulnerability curve is smoother than the rest, (c) IMCE curve is close to the IEMDE curve, and (d) for larger grids (IEEE 300-bus), the vulnerability curves are more predictable and have less abrupt variations.

Fig. 8
figure 8

Vulnerability curves for different attack strategies: IEMDE, WRC, IMCE (for PTM degree) and RMCEF (for PTM degree) performed

In Table 6 the VPM scores for the different attack strategies simulated are presented. The attack profiles that consider centrality measures are based in PTM centralities and may not hold for other centralities. The results show that the VPM for the IMCE attack with basis on PTM degree centrality is similar to this score with basis on PTM eigenvector centrality for both IEEE systems studied. Therefore, given such similarity, it is preferable to use the degree centrality as it is less complex to calculate.

Table 6 Comparison of the VPM for the different attack profiles under consideration

The results for the PTM degree centrality RMCEF show VPM scores of 0.891 and 0.854 for IEEE-118 and IEEE-300 respectively. These are not far from the VPM scores obtained for the IMCE (0.900 and 0.905 respectively) and for the IEMDE (0.958 and 0.954 respectively). Then, the RMCEF fault profile with degree centrality provides good understanding about the most damaging elements on the system. Nevertheless, the scores obtained with RMCEF under PTM betweenness and eigenvector are considerably lower and do not bring such information.

In addition, the VPM scores corresponding to the IEMDE attack profile for the IEEE-118 bus and the IEEE-300 systems are comparable. This happens also in the scores for the IMCE attack with PTM degree and the fraction of removed elements (FOE).

Alignment with the IEMDE sequence

It is important to introduce a procedure to compare two attack profiles to determine the most damaging sequence. In this section, we propose the Attack Sequence Misalignment (ASM) measure computation as a method to find the similarity between two different attack profiles. Considering two sequences of elements removed, the difference in the location of an element in both sequences is determined. Such difference is averaged over the top elements in what is defined here as the primary sequence. The IEMDE sequence is the primary sequence of the most elements. This is needed because of the electrical collapse after the most damaging elements are removed. Figure 9 exemplifies this concept.

Fig. 9
figure 9

Explanation of the ASM application between two fault sequences

Note that for IEEE-118 Bus the ASM shows 5.90 for the IEMDE as a primary sequence , and \(\text {IMC}\text {E}_{D}\) as a secondary sequence. The calculation of ASM was performed for attack profiles IMCE and RMCEF with different centralities leading to Table 7. Results show that the most similar sequence compared with the IEMDE is the IMCE with degree centrality followed by the IMCE with eigenvector centrality. While the IMCE and RMCEF fault profiles according to betweenness centrality presented the worst ASM.

Table 7 Calculated ASM for IEEE test systems considered with primary sequence IEMDE

Computational cost of attacks

In the subsequent, the time complexity of the proposed attack strategies is discussed. The least complex algorithm from the ones studied in this research is the RMCEF as it is not iterative to determine the elements to remove. The proposed algorithms and the \(N-k-\epsilon\) approach are shown in Fig. 10 in order of time complexity, from the lower to the highest.

Fig. 10
figure 10

Approaches in order increasing complexity

Newton–Raphson power flow calculation is one of the most costly operations performed. Regarding the time complexity of the Newton–Raphson solution for the power flow, it has been demonstrated that for a sufficiently close initial point, it converges with a quadratic rate. The execution time and the convergence of the AC power flow with Newton–Raphson depends on different aspects such as the number of buses of the grid, its structure and the initial values selected for the unknown variables. For a fully connected system with N buses it converges approximately in \(O(N^{3}\text {log }N)\). Nevertheless, the solution of AC power flow with Matpower uses the sparsity of power systems to improve such complexity to O(N).

If the time complexity of the proposed fault strategies is evaluated in function of the power flow calculation as an elemental operation, then RMCEF entails only one power flow computation and one centrality computation, thus its complexity is O(N). It is noted also, that IMCE requires the calculation of N times the power flows, and N times the centralities of the system. Furthermore, the IEMDE complexity is \(O(N^{2}/2)\) as it requires the calculation of power flows \(N^{2}\) times. And the Monte-Carlo simulation of random failure sequences for n realizations will require the computation of n power flows.

Comparing the results of execution time from the proposed attack strategies with the results replicated from Chen et al. (2014) with the application of the \(N-k-\varepsilon\) strategy, it is noted that the proposed algorithms present lower execution times in terms of scaling. This is shown in Fig. 11, where the \(N-k-\varepsilon\) algorithm executes in \(O(N^{3})\) approximately, which is more time expensive than the proposed algorithms.

Fig. 11
figure 11

Comparing the running time versus number of elements removed


This research presents an empirical framework for identifying and analyzing malicious attacks according to the impact in the power system. Concepts such as the ICM(z), the EMDE, and the ASM, which help to define and compare the most harmful attacks, are introduced. Moreover, the attack strategies IMCE and IEMDE are proposed for evaluating the impact of failure sequences by comparison.

The main contribution of this research was the identification of the malicious attack strategies that are more harmful for a smart grid by the removal of a sequence of its buses. As a result of the comparison of different attack profiles using the IEEE 118 bus and 300 bus test systems and the proposed framework, it is demonstrated that the IEMDE attack is the most harmful attack strategy, in terms of the VPM. This attack strategy presented a higher VPM than the WCR, the RMCEF attack and the IMCE attack sequences, and represents an approximation to the the \(N-k-\varepsilon\) attack strategy with a lower computational effort.

In addition, it is shown that the IMCE attack strategy with degree and eigenvector PTM centralities are the most similar to the IEMDE fault profile. This means that such attack strategies can be useful for predicting harmful attacks with a reduced computational complexity.

Although this approach is applied here to failures in buses, it can be also implemented to failures in different elements of the power grid. Future research will be focused in applying these concepts to transmission lines.

Availability of data and materials

The data set used in this article is available in the cited references.



Electrical most damaging element


Iterated centrality


most central element Measure


Total power demand


Satisfied power load


Remove most central element first


Total unsatisfied load


  • Abedi A, Gaudard L, Romerio F (2019) Review of major approaches to analyze vulnerability in power system. Reliab Eng Syst Saf 183:153–172

    Article  Google Scholar 

  • Adebayo I, Jimoh A, Yusuff A (2018) Techniques for the identification of critical nodes leading to voltage collapse in a power system. Int J Emerg Electr Power Syst 19(2):1–14

    Google Scholar 

  • Agarwal PK, Efrat A, Ganjugunte SK, Hay D, Sankararaman S, Zussman G (2010) Network vulnerability to single, multiple, and probabilistic physical attacks. In: Proceedings of the military communication conference, San Jose, CA, USA, pp 1824–1829

  • Albert R, Albert I, Nakarado GL (2004) Structural vulnerability of the North American power grid. Phys Rev E 69:4

    Article  Google Scholar 

  • Arianos S, Bompard E, Carbone A, Xue F (2009) Power grids vulnerability: a complex network approach. Chaos 19:013119

    Article  Google Scholar 

  • Arroyo JM, Galiana FD (2005) On the solution of the bilevel programming formulation of the terrorist threat problem. IEEE Trans Power Syst 20(2):789–797

    Article  Google Scholar 

  • Arroyo JM, Alguacil N, Carrion M (2010) A risk-based approach for transmission network expansion planning under deliberate outages. IEEE Trans Power Syst 25(3):1759–1766

    Article  Google Scholar 

  • Bilis EI, Kroger W, Nan C (2013) Performance of electric power systems under physical malicious attacks. IEEE Syst J 7(4):854–865

    Article  Google Scholar 

  • Bilis EI, Kroger W, Nan C (2013) Performance of electric power systems under physical malicious attacks. IEEE Syst J 7(4):854–865

    Article  Google Scholar 

  • Bompard E et al (2009) Risk assessment of malicious attacks against power systems. IEEE Trans Syst Man Cybern A Syst Hum 39(5):1074–1085

    Article  Google Scholar 

  • Bompard E, Napoli R, Xue F (2008) Vulnerability of interconnected power systems to malicious attacks under limited information. Eur Trans Electr Power 18(8):820–834

    Article  Google Scholar 

  • Bompard E, Wu D, Xue F (2010) The concept of betweenness in the analysis of power grid vulnerability. In: Proceedings of the complexity engineering, Rome, Italy, pp 52–54

  • Brancucci Martinez-Anido C, Boladoa R, De Vriesb L, Fulli G, Vandenbergh M, Masera M (2012) European power grid reliability indicators, what do they really tell? Electr Power Syst Res 90:79–84

    Article  Google Scholar 

  • Brummitt CD, DaSouza RM, Leicht EA (2012) Suppressing cascades of load in interdependent networks. Proc Natl Acad Sci 109(12):E680–E689

    Article  Google Scholar 

  • Chen RL, Cohn A, Fan N, Pinar A (2012) “\(N-k-\varepsilon\)” survivable power system design. In: Proceedings of the international conference on probability methods applied to power systems, pp 459–464

  • Chen R, Cohn A, Fan N, Pinar A (2014) Contingency-risk informed power system design. IEEE Trans Power Syst 29(5):2087–2096

    Article  Google Scholar 

  • Correa GJ, Yusta JM (2013) Grid vulnerability analysis based on scale-free graphs versus power flow models. Electr Power Syst Res 101:71–79

    Article  Google Scholar 

  • Cuadra L, Salcedo-Sanz S, Del Ser J, Jimenez-Fernandez S, Geem ZW (2015) A critical review of robustness in power grids using complex networks concepts. Energies 8(9):9211–9265

    Article  Google Scholar 

  • Davarikia H, Barati M, Al-Assad M, Chan Y (2020) A novel approach in strategic planning of power networks against physical attacks. Electr Power Syst Res 180:106140

    Article  Google Scholar 

  • David JE (2014) Double threat: US grid vulnerable on two fronts.

  • Dehbaoui A, Lomne V, Maurine P, Torres L, Robert M (2009) Enhancing electromagnetic attacks using spectral coherence based cartography. In: Presented at the international conferenec, VLSI (VLSI-SoC), Florianopolis, Brazil

  • Duman O, Zhang M, Wang L, Debbabi M (2017) Measuring the security posture of IEC 61850 substations with redundancy against zero day attacks. In: IEEE international conference on smart grid communications (SmartGridComm), pp 108–114

  • Farrell AE, Zerriffi H, Dowlatabadi H (2004) Energy infrastructure and security. Annu Rev Environ Resour 29:421–469

    Article  Google Scholar 

  • Guo J, Han Y, Guo C, Lou F, Wang Y (2017) Modeling and vulnerability analysis of cyber-physical power systems considering network topology and power flow properties. Energies 10(1):87

    Article  Google Scholar 

  • Hashemi-Dezaki H, Askarian-Abyaneh H, Haeri-Khiavi H (2015) Reliability optimization of electrical distribution systems using internal loops to minimize energy not-supplied (ENS). J Appl Res Technol 13(3):416–424

    Article  Google Scholar 

  • Hawrylak PJ, Haney M, Papa M, Hale J (2012) Using hybrid attack graphs to model cyber-physical attacks in the smart grid. In: Proceedings of the 5th international symposium on resilient control systems, Salt Lake City, UT, USA, pp 161–164

  • He H, Yan J (2016) Cyber-physical attacks and defences in the smart grid: a survey. IET Cyber-Phys Syst Theory Appl 1(1):13–27

    Article  Google Scholar 

  • Holmgren AJ, Jenelius E, Westin J (2007) Evaluating strategies for defending electric power networks against antagonistic attacks. IEEE Trans Power Syst 22(1):76–84

    Article  Google Scholar 

  • Jian Z, Shi L, Yao L, Masoud B (2013) Electric grid vulnerability assessment under attack-defense scenario based on game theory. In: IEEE PES Asia–Pacific power and energy engineering conference (APPEEC), pp 1–5

  • Kinney R, Crucitti P, Albert R, Latora V (2005) Modeling cascading failures in the North American power grid. Eur Phys J B 46:101–107

    Article  Google Scholar 

  • Liu X, Ren K, Yuan Y, Li Z, Wang Q (2013) Optimal budget deployment strategy against power grid interdiction. In: Proceedings of the IEEE INFOCOM, Turin, Italy, pp 1160–1168


  • Mehrdad S, Mousavian S, Madraki G, Dvorkin Y (2018) Cyber-physical resilience of electrical power systems against malicious attacks: a review. Curr Sustain Energy Rep 5(1):14–22

    Article  Google Scholar 

  • Mei S, Zhang X, Cao M (2011) Power grid complexity. Springer

    Book  Google Scholar 

  • Meyur R (2020) A Bayesian attack tree based approach to assess cyber-physical security of power system. In: 2020 IEEE Texas power energy conference, TPEC 2020, pp 1–6

  • Mijuskovic N (2000) Serbia restoration after war damages May-99. Presented at the CIGRE Session, SC 39 workshop on large disturbances

  • Nasiruzzaman ABM, Pota HR, Anwar A (2012) Comparative study of power grid centrality measures using complex network framework. In: IEEE international power engineering and optimization conference Melaka, Malaysia, pp 176–181

  • Nasiruzzaman ABM, Pota HR, Mahmud MA (2011) Application of centrality measures of complex network framework in power grid. In: IECON 2011—37th annual conjerence on IEEE industrial electronics society, pp 4660–4665

  • Nasiruzzaman ABM, Pota HR, Mahmud MA, Islam F (2012) Modified centrality measure based on bidirectional power flow for smart and bulk power transmission grid. In: Proceedings of the 2012 IEEE international power engineering and optimization conference (PEDCO), Melaka, Malaysia, 6–7 June 2012, pp 159–164

  • Nasiruzzaman ABM, Pota HR (2011) Transient stability assessment of smart power system using complex networks framework. In: IEEE power and energy society general meeting, San Diego, CA, pp 1–7

  • Nasiruzzaman ABM, Pota HR, Barik MA (2012) Implementation of bidirectional power flow based centrality measure in bulk and smart power transmission systems. IEEE PES Innovative Smart Grid Technologies, pp 1–6

    Google Scholar 

  • National Research Council (2002) Making the nation safer: the role of science and technology in countering terrorism. National Academies Press

  • NIST Framework and Roadmap for Smart Grid Interoperability Standards, Release 1.0. NIST Special Publication 1108, January 2010.

  • Office of Technology Assessment (1979) The effects of nuclear war. U.S. Congress

  • Ouyang M, Xu M, Zhang C, Huang S (2017) Mitigating electric power system vulnerability to worst-case spatially localized attacks. Reliab Eng Syst Saf 165(February):144–154

    Article  Google Scholar 

  • Panigrahi P (2017) Vulnerability analysis of weighted Indian power grid network based on complex network theory. In: 2017 14th IEEE India council international conference (INDICON), pp 1–6

  • Parfomak PW (2004) Pipeline security: an overview of federal activites and current policy issues. Congressional Research Service, Rep. RL31990

  • Piccinelli R, Sansavini G, Lucchetti R, Zio E (2017) A general framework for the assessment of power system vulnerability to malicious attacks. Risk Anal 37(11):2182–2190

    Article  Google Scholar 

  • Platts (2014) GIS data.

  • Rose A (2007) Economic resilience to natural and man-made disasters: multidisciplinary origins and contextual dimensions. Environ Hazards 7(4):383–398

    Article  Google Scholar 

  • Salmeron J, Wood K, Baldick R (2004) Analysis of electric grid security under terrorist threat. IEEE Trans Power Syst 19(2):905–912

    Article  Google Scholar 

  • Seger KA (2004) Utility security: a new paradigm. PennWell, p 238

    Google Scholar 

  • Sun Y, Yang D, Meng L, Gao X, Hu B (2018) Universal framework for vulnerability assessment of power grid based on complex networks. In: The 30th Chinese control an decision conference (2018 CCDC), pp 136–141

  • Vellaithurai C, Srivastava A, Zonouz S, Berthier R (2015) CPIndex: cyber-physical vulnerability assessment for power-grid infrastructures. IEEE Trans Smart Grid 6(2):566–575

    Article  Google Scholar 

  • Volkanovski A, Eepin M, Mavko B (2009) Application of the fault tree analysis for the power system reliability. Reliab Eng Syst Saf 94(6):1116-1127J

    Article  Google Scholar 

  • Wang C et al (2017) Robust defense strategy for gas-electric systems against malicious attacks. IEEE Trans Power Syst 32(4):2953–2965

    Article  Google Scholar 

  • Wang J, Rong L (2009) Cascade-based attack vulnerability on the US power grid. Saf Sci 47:1332–1336

    Article  Google Scholar 

  • Wang W, Cai Q, Sun Y, He H (2011) Risk-aware attacks and catastrophic cascading failures in U.S. power grid. In: Proceedings of the IEEE GLOBECOM

  • Yuan W, Zeng B (2020) Cost-effective power grid protection through defender–attacker–defender model with corrective network topology control. Energy Syst 11(4):811–837

    Article  Google Scholar 

  • Zhang H, Peng M, Guerrero JM, Gao X, Liu Y (2019) Modelling and vulnerability analysis of cyber-physical power systems based on interdependent networks. Energies 12(18):3439

    Article  Google Scholar 

  • Zhu Y, Yan J, Sun Y, He H (2014) Revealing cascading failure vulnerability in power grids using risk-graph. IEEE Trans Parallel Distrib Syst 25(12):3274–3284.

    Article  Google Scholar 

  • Zimmerman RD, Murillo-Sanchez CE, Thomas RJ (2015) Matpower v5.1 user’s manual

Download references

Author information

Authors and Affiliations



AA and MB conceived, designed and carried out the research, AA carried out the simulations, AA wrote the manuscript MB supervised the research. Both authors read and approved the final manuscript.

Corresponding author

Correspondence to Aiman J. Albarakati.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Open Access This article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made. The images or other third party material in this article are included in the article's Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Albarakati, A.J., Bikdash, M. Empirical framework for identification of the most harmful malicious attacks on a smart grid. Appl Netw Sci 7, 13 (2022).

Download citation

  • Received:

  • Accepted:

  • Published:

  • DOI:


  • Vulnerability assessment
  • Graph theory
  • Powergrid
  • Centrality measures
  • Matpower