Security Analysis of Critical Infrastructure Systems with Cyber-Physical Attack Graphs


   School of Computer Science and Electronic Engineering

This project is no longer listed on FindAPhD.com and may not be available.

Click here to search FindAPhD.com for PhD studentship opportunities
  Dr Martin Barrere  No more applications being accepted  Funded PhD Project (Students Worldwide)

About the Project

Studentship group name

Digital Resilience

Department/School

School of Computer Science and Electrical Engineering                                                                                                                  

Project Description

Attack graphs (AGs) constitute a fundamental security tool intended to depict the many ways in which an attacker may compromise assets in a computer network [1]. In particular, AGs are focused on modelling how multi-stage attacks can be carried out through a network towards the attacker’s objective. Attack graphs have been successfully used in cyber networks (i.e. IT systems) for almost two decades. However, their use in Operational Technology (OT) and Critical Infrastructure Systems requires new approaches able to properly model and analyse Cyber-Physical Systems (CPS).

CPS are characterised by a deep integration between cyber elements (e.g. network devices, algorithms, data), physical components (e.g. actuators) and processes [2]. As such, CPS environments usually expose complex networks of dependencies among cyber and physical components designed to deliver a particular task. In this project, we call Cyber-Physical Attack Graphs (CPAGs) to the class of attack graphs that are able to cover both cyber and physical aspects [3].

Objective

The objective of this research project is to investigate and address some of the challenges involved in the modelling, generation, analysis, and practical use of CPAGs for complex CPS. To do so, this project aims at leveraging previous contributions and further exploring the concept of CPAGs to cover cyber-physical attacks, analyse how an attacker can move within the network, and understand the impact that these actions may have on a cyber-physical system. This research will also provide support to further security mechanisms such as risk analysis, criticality analysis, network hardening, and security metrics for complex CPS environments and critical infrastructure systems.

Candidate profile

Candidates with a good background on security, networking, graph-theory, and/or probabilistic graphical models, will probably feel more comfortable with this project. Programming skills and/or experience with network and security tools are highly welcome.

How to apply

Open to UK and International students starting in October 2023.

Applications should be submitted via the Computer Science PhD programme page. In place of a research proposal you should upload a document stating the title of the projects (up to 2) that you wish to apply for and the name(s) of the relevant supervisor. You must upload your full CV and any transcripts of previous academic qualifications. You should enter ’Faculty Funded Competition’ under funding type.

Funding

The studentship will provide a stipend at UKRI rates (currently £17,668 for 2022/23) and tuition fees for 3.5 years. An additional bursary of £1700 per annum for the duration of the studentship will be offered to exceptional candidates.


Computer Science (8) Engineering (12) Mathematics (25)

Funding Notes

The studentship will provide a stipend at UKRI rates (currently £17,668 for 2022/23) and tuition fees for 3.5 years. An additional bursary of £1700 per annum for the duration of the studentship will be offered to exceptional candidates.

References

[1] K. Kaynar, A taxonomy for attack graph generation and usage in network security, Journal of Information Security and Applications, Volume 29, 2016, Pages 27-56, ISSN 2214-2126, https://doi.org/10.1016/j.jisa.2016.02.001.
[2] A. Humayed, J. Lin, F. Li, and B. Luo, "Cyber-Physical Systems Security - A Survey," in IEEE Internet of Things Journal, vol. 4, no. 6, pp. 1802-1831, Dec. 2017. https://doi.org/10.1109/JIOT.2017.2703172.
[3] Karathymios, T. A. Cyber-Physical Attack Graphs, MSc Thesis. Πανεπιστήμιο Κύπρου, Πολυτεχνική Σχολή / University of Cyprus, Faculty of Engineering, Cyprus, Jan. 2021. http://gnosis.library.ucy.ac.cy/handle/7/64251.
Search Suggestions
Search suggestions

Based on your current searches we recommend the following search filters.