City Research Online

Modelling smart grid IT-OT dependencies for DDoS impact propagation

Acarali, D. ORCID: 0000-0003-1787-6300, Rajesh Rao, K., Rajarajan, M. ORCID: 0000-0001-5814-9922 , Chema, D. & Ginzburg, M. (2022). Modelling smart grid IT-OT dependencies for DDoS impact propagation. Computers & Security, 112, article number 102528. doi: 10.1016/j.cose.2021.102528


The traditional power network has now evolved into the smart grid, where cyber technology enables automated control, greater efficiency, and improved stability. However, this integration of information technology exposes critical infrastructure to potential cyber-attacks. Furthermore, the interdependent nature of the grid’s composite information and operational technology networks means that vulnerability extends across interconnected devices and systems. Therefore, a DDoS (Distributed Denial-of-Service) attack, which is relatively easy to deploy but potentially highly disruptive, can be used strategically against the smart grid with particularly egregious results. In this paper, we take inspiration from epidemiological modelling to propose a compromise propagation model, alongside a behavioural DDoS model, to explore how dependencies between the grid’s networks might influence the scale and impact of DDoS attacks. We found that the internal connectedness of a network amplifies the received impact of failures in an external network on which it is dependent. Furthermore, testing showed that alongside attack force, attack duration influences recovery times, due to both the quantity of resources consumed and the time needed to accumulate recoveries. The models were validated against simulations conducted with cyber-security providers L7 Defense, showing our approach to be a viable companion or alternative to traditional graph-based dependency models.

Publication Type: Article
Additional Information: © 2022. This manuscript version is made available under the CC-BY-NC-ND 4.0 license
Publisher Keywords: Smart grids, DDoS modelling, DDoS mitigation, Critical infrastructure, Epidemiology
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
T Technology > TK Electrical engineering. Electronics Nuclear engineering
Departments: School of Science & Technology > Engineering
SWORD Depositor:
[thumbnail of 2021-07-13 manuscript (submitted).pdf]
Text - Accepted Version
Available under License Creative Commons Attribution Non-commercial No Derivatives.

Download (563kB) | Preview


Add to AnyAdd to TwitterAdd to FacebookAdd to LinkedinAdd to PinterestAdd to Email


Downloads per month over past year

View more statistics

Actions (login required)

Admin Login Admin Login