Most organisations/companies use bug bounty hunting programs to identify and then fix security vulnerabilities in their systems. Bounty hunters, in return for a reward, address cybersecurity flaws faced by organisations/companies before criminals/state-sponsored hackers exploit them. However, these programs do not fit Critical National Infrastructures such as clean water services given the nature of the program and the sensitivity of these systems. Nations are highly dependent on the operation and continuity of CNI therefore any failure/damage to them and/or their services will disturb day-to-day activities. Addressing this challenge will unlock a vast number of opportunities for cyber defenders.
This project is inspired by Digital Twin or digital clone for Cyber Physical Systems, which is an evolving field of research, and aims to produce a cyber replica of a real physical system. Digital Twin has been considered as a feasible digital platform due to its ability to simulate use case scenarios without directly operating on real physical systems. It has been employed for several Cyber Physical Systems (e.g., smart transportation), however, this does not cover water services. Additionally, the use of Digital Twin to mitigate two-way and realtime monitoring of cyberattacks against its real counterparts has not been well studied. Furthermore, this work proposes to move away from using Information Technology security paradigm (e.g., security of Cloud) to Operational Technology security (e.g., security of machinery) by the direct monitoring of hacker’s behaviour in Digital Twin. Therefore, our proposed work leverages the recent progress in Digital Twin for Cyber Physical Systems with a particular focus on 1) water services, 2) use of Digital Twin for cyberattack mitigation of Cyber Physical Systems, and 3) Operational Technology security. This project puts the system admin a step ahead of the hackers regarding the protection/hardening of their systems.
This work will consider our ongoing work on cybersecurity of Industrial Control System and Critical National Infrastructure. It will be based on our existing MPS Filtration System, which is representing a scaled-down version of a one-of-a-kind water treatment system, and will be linked to simulations to produce a cyber replica of such a system.
Perspective applicants are encouraged to contact the Supervisor before submitting their applications.
Applications should make it clear the project you are applying for and the name of the supervisors.
A first degree (at least a 2.1) ideally in automation & control, industry 4.0, cybersecurity with a good fundamental knowledge of simulation tools like Ansys, Anylogic, Matworks Simulink, Labview, programming languages like Python, R OR cybersecurity.
English language requirement
IELTS score must be at least 6.5 (with not less than 6.0 in each of the four components). Other, equivalent qualifications will be accepted. Full details of the University’s policy are available online.
· Experience of fundamental cybersecurity
· Competent in software development and algorithmic design
· Knowledge of /interest in application of machine learning, Programmable Logic Control (PLC), critical national infrastructure protection
· Good written and oral communication skills
· Strong motivation, with evidence of independent research skills relevant to the project
· Good time management
Knowledge of water services (e.g., clean water supply systems and/or clean water treatment systems
For enquiries about the content of the project, please email Dr Naghmeh Moradpoor, N.Moradpoor@napier.ac.uk
For information about how to apply, please visit our website https://www.napier.ac.uk/research-and-innovation/research-degrees/how-to-apply
To apply, please select the link for the PhD Computing FT application form.