In this joint project between Cardiff University and Thales UK Limited, approaches for identifying risks and vulnerabilities in Industrial Control Systems will be explored. Eligibility criteria apply, see below. The student will join the large Cybersecurity Research Group at Cardiff University and will work part-time with Thales at their National Digital Exploitation Centre (NDEC) in Ebbw Vale. This combination of the academic and industrial research environments offers an inspiring combination of challenges in fundamental research and cutting-edge application.
Industrial Control Systems (ICS) are increasingly being connected to the Internet. However, most of these systems have not been designed with this purpose in mind, rendering them highly susceptible to cyberattacks with potentially catastrophic consequences on whole supply chains. In order to secure ICS, vulnerabilities and risks of the system must be discovered. Such vulnerabilities and risks range from the individual device level to processes where the ICS forms only a part of the whole.
This project will investigate and develop approaches providing a comprehensive discovery of all vulnerabilities and risks in an ICS. There are many intellectual, scientific and technical challenges to be addressed, such as accuracy and coverage, scalability, and automation.
Aims and Methods
The overall aim of the project is to develop a scalable, automated approach for identifying the risks and vulnerabilities in an Industrial Control System. This involves, for instance, studying the components of an ICS and the methods and goals in attacking it, the application of stochastic models for impact assessment, the development of technical methods for gathering and importing vulnerability information, investigations into automatically/semi-automatically learning the structure of an ICS, and the implementation and evaluation of a prototype in a test-bed and in user studies.
• Surveys on challenges and state of the art in the field
• Stochastic methods for evaluating the impact of attacks
• Tools for gathering and importing ICS data
• Implementation of a scalable and user-friendly system
• Academic publications
HOW TO APPLY:
To apply please click the following link: https://www.cardiff.ac.uk/study/postgraduate/research/programmes/programme/computer-science-and-informatics
In the "Research proposal and Funding" section of your online application, please specify the project title and supervisors of this project and copy the project description in the text box provided.
Sunday 17 November 2019 – deadline for submission of CV and cover letter to supervisors
Sunday 1 December 2019 – deadline for full online application: PhD in Computer Science and Informatics, with start date of January 2020. In the funding field of your application, indicate applying for “KESS2 PhD Scholarship in Computer Science and Informatics”, and specify the project title and supervisors of this project in the text box provided.
Start date: 2 January 2020
UK tuition fees, stipend (£14,483 p.a. in first year - subject to confirmation), plus travel/conferences, support, consumables/equipment.
Eligibility - applicants must:
• have a home or work address in East Wales region (local authority areas Cardiff, Flintshire, Monmouthshire, Newport, Powys, Vale of Glamorgan and Wrexham) at application and enrolment;
• have the right to live and work in the UK for the duration of the scholarship, and the right to take up paid work in the East Wales region on completion of the scholarship;
• be classified as a ‘home’ or ‘EU’ student;
• satisfy the admissions criteria.