PhD in Computing Science - Virtualisation of Programmable Logic Controllers (PLCs) for Cyber Security Use Cases - Understanding the Art of the Possible

   College of Science and Engineering

This project is no longer listed on and may not be available.

Click here to search for PhD studentship opportunities
  Prof Dimitrios Pezaros  Applications accepted all year round  Funded PhD Project (European/UK Students Only)

About the Project

Industrial Control Systems (ICS) form essential economic and life-critical elements of UK national infrastructure and play a key part in enabling the operation of complex defence platforms. Within these environments, Programmable Logic Controllers (PLCs) facilitate the overall industrial process through the orchestration of physical actuators based on the logical processing of sensory and user input within the context of a pre-defined program.

There are numerous makes and models of PLC on the market which consist of different proprietary hardware and supporting control and management software. There is a number of challenges associated with these PLCs from a Cyber Security perspective, including:

• Little to no security functionality built into the PLCs leaving them vulnerable to a range of attacks;

• A disparate set of communication protocols which vary depending on manufacturer;

• Relatively low computational power which cannot be modified/supplemented;

• Whilst supplementary hardware modules (for example to introduce additional communication interfaces) can be used on some PLCs, the options tend to be limited;

Prior research has highlighted how virtualisation of the functionality of these devices may offer a solution. By using commodity IT hardware to host the virtual PLC (vPLC) instances, the physical footprint of these devices can be reduced (increasing scalability options), whilst increasing the possible flexibility of device hardware characteristics. Whilst some solutions exist currently, these primarily serve as a mechanism to support process development and testing. 

The proposed project will investigate the feasibility of developing a vPLC that can orchestrate a Cyber-physical process. The work will consider the approaches and techniques that have already been undertaken within this space with a cataloguing of the benefits and drawbacks. Subsequent phases will look to develop a proof-of-concept vPLC that can manage a Cyber-physical process and benchmark this solution against an equivalent hardware implementation. Analysis of this effort would provide an evidence-based breakdown of the true benefits and drawbacks of vPLCs as well as the Cyber Security relevant opportunities enabled by a virtual implementation.

The main outcomes of this research will be to provide a means to address the issues highlighted above whilst giving defenders new ways to protect (for example introducing authentication measures on the hypervisor or within the vPLC itself), detect (re-using a vPLC as a sacrificial or decoy node) and respond (provisioning vPLCs with different configurations in response to hostile activity) to malicious activity.

How to Apply: Please refer to the following website for details on how to apply:

The position will be filled once a suitable candidate has been identified.

Computer Science (8) Engineering (12)

Funding Notes

Funding is available to cover tuition fees for UK/Home applicants (EU applicants need settled/pre-settled status) for 4 years, as well as paying a stipend at the Research Council rate (estimated £18,022 / annum, for Session 2023-24). An additional £300 top-up per month is funded by company contributions.
Student eligibility requirements for EPSRC Industrial CASE funding are:
• a relevant connection with the UK, usually established by residence
• an upper second-class honours degree, or a combination of qualifications and/or experience equivalent to that level.
Search Suggestions
Search suggestions

Based on your current searches we recommend the following search filters.