Disruptive　design　change　risk　propagation　is　a　key　obstacle　restricting　the　success　of　complex　product　development　(CPD)　projects.　Considering　the　incomplete　information　of　initial　change　source　selection,　this　paper　develops　the　design　change　risk　propagation　model　with　gray　attack　information　based　on　complex　network　theory.　In　this　model,　parameters　π　and　σ　are　introduced　to　describe　the　gray　information　from　both　global　and　local　perspectives.　Based　on　the　gray　information,　four　kinds　of　gray　attack　strategies　are　provided.　The　robustness　of　the　CPD　project　against　design　change　risk　propagation　under　different　gray　attacks　is　analyzed　through　numerical　simulation.　The　results　show　that　the　CPD　project　is　most　robust　under　the　small　out-degree　attack,　while　is　most　vulnerable　under　the　large　out-degree　attack.　No　matter　based　on　global　or　local　gray　information,　increasing　the　gray　level　of　information　is　beneficial　to　improve　the　project　robustness　under　large　out-degree　attack,　while　reduces　the　project　robustness　under　small　out-degree　attack　under　certain　circumstances.　Parameters　σ　and　π　have　thresholds　σ*　and　π*,　which　can　keep　the　project　robustness　stable.　This　paper　has　implications　for　project　managers　to　make　reasonable　decisions　for　project　information　management　and　provides　a　new　perspective　for　CPD　project　robustness　prediction　and　improvement.　©　2023　Elsevier　Ltd