Cyber Physical Security Research Publications

Pleased to share our latest publication in the November 2025 issue of IEEE Transactions on Industrial Informatics, titled “Resilient Cyber-Physical System Honeypots for Cyberattacker Engagement.” This work introduces a novel honeypot framework for industrial cyber-physical systems that leverages safety-critical control to enhance realism and resilience against cyberattacks. By sustaining attacker engagement and capturing richer behavioral data, it deepens our understanding of evolving cyber-physical threats and charts a new path toward more proactive defense and threat intelligence in industrial environments. Read the full paper here: https://lnkd.in/giuuCzWg #CyberPhysicalSecurity #IndustrialCybersecurity #Honeypots #CyberDeception

As part of my now-completed PhD research, I’ve spent the last four years modeling cybersecurity risks and mitigation strategies for coordinated attacks on Distributed Energy Resources (DERs). I’ve become convinced that one of the most underestimated cyber-physical threats to the U.S. electric grid isn’t a massive power plant or transmission control room hack - it’s the growing fleet of connected grid-edge devices, including smart thermostats, solar inverters, and other controllable assets. My latest publication examines what happens when thousands, or even millions, of Distributed Renewables and DER assets are hijacked in a coordinated attack. The outcome isn’t just a few localized outages - it’s rapid, system-wide instability that can cascade faster than operators can respond. We’ve made huge strides in using DERs and demand response to benefit the grid - increasing flexibility, resilience, and decarbonization. But that same connectivity also creates new risk surfaces. When devices are aggregated or cloud-controlled, a single compromised point can have grid-wide consequences. While DOE and NERC have warned about these risks, detailed system-wide modeling has been rare. This research is among the first to move beyond “what if” - quantifying real system impacts of coordinated Distributed Renewables/DER attacks and identifying practical, achievable steps to improve our security posture. The resilience of the U.S. grid depends on continuing to integrate DERs securely - pairing innovation with robust cyber safeguards. Read the full paper here: https://lnkd.in/ewqEgWar

🔬 New #Research I’ve published a technical paper on #cyber #penetration #testing of the #F-#35 system-of-systems architecture. The work focuses on: #MIL-STD-1553 & ARINC 429 exploitation paths #ODIN supply-chain attack scenarios #Sensor-fusion false data injection #Detection logic and survivability countermeasures Perimeter security has improved, but internal trust and lateral propagation remain the weakest points in highly integrated avionics systems. Paper attached. Happy to discuss with folks working in aerospace & defense cyber. #CyberSecurity #PenetrationTesting #AerospaceCyber #DefenseTech #AvionicsSecurity #MilitaryCyber

Nonintrusive attacks, such as side-channel noise intrusion (SNI), threaten the stability of solid-state transformers (SSTs) by corrupting the measurement feedback signals fed to the controllers. This IEEE Transactions on Power Electronics article [1] of my Ph.D. students, entitled "Spectral Decomposition-Based Mitigation of Radiative Side-Channel Noise Intrusion in a Cascaded SST," proposes a novel technique for rapid intrusion detection and mitigation of radiative SNI threats to provide resilience to the secondary layer of the cascaded SSTs. The technique entails spectral decomposition of the noise-tampered signal, followed by noise-free signal reconstruction of the targeted frequency component. Experimental results validated the solution deployed in a cascaded SST experimental prototype’s secondary control layer to deal with radiative noise on global input voltage sensor feedback. The research work evolves out of University of Illinois Chicago led U. S. Department of Energy (DOE) and U. S. National Science Foundation (NSF) projects led by Prof. Sudip K. Mazumder on cybersecurity and cyber-resilience of power-electronic distributed energy resources (DERs) such as solid-state transformers (SSTs). Happy reading and hope it leads to further research in "Cyber-resilient Power Electronics." [1] D. Sur, S. Gupta, M. D. R. Greidanus and S. K. Mazumder, "Spectral Decomposition-Based Mitigation of Radiative Side-Channel Noise Intrusion in a Cascaded SST," in IEEE Transactions on Power Electronics, vol. 40, no. 2, pp. 2674-2679, Feb. 2025, doi: 10.1109/TPEL.2024.3477274. (Available at https://lnkd.in/g6-2ztWi)

I’m excited to share that my new paper "Cognitive Cyber Defense Applying Artificial General Intelligence to Predict and Counteract Advanced Persistent Threats" is now published in "Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications" (JoWUA). In this work, I introduce the Cognitive-Generative Defense Framework (CGDF) combining AGI-inspired reasoning, behavioral analytics, and game-theoretic countermeasures to proactively detect and respond to advanced persistent cyber-threats. Our simulations show CGDF can significantly improve threat detection and adaptive response compared to conventional AI/ML-based cyber defense systems. As cyber threats become more sophisticated, we need defense systems that learn, adapt, and respond dynamically. I believe CGDF represents an important step toward autonomous, resilient cybersecurity for modern distributed computing environments. Read the full article here: https://lnkd.in/dXB4azKd #cybersecurity #artificialIntelligence #agi #research #cyberdefense

I am excited to share my graduate research conducted at Northeastern University (Khoury College of Computer Sciences) under the guidance of Prof. Themis A. Papageorge. I extend my gratitude to my TAs, Utkarsha S. & Sujith Morusu, for their valuable support and technical guidance throughout this project. This 57-page study analyses cyber-physical vulnerabilities in a 16-node Boston metropolitan energy distribution network using: • Complex Network Analysis • Model-Based Risk Assessment (MBRA) • Resilience threshold modeling (γ₀ = 0.728) • Fault Tree Analysis (FTA) • Targeted vs. random cyber-physical attack simulations Key findings include: - Identification of Tier-1 critical substations - Network operating close to fragility boundary (γ ≈ 0.667) - Development of a $76.7M resilience optimization strategy - Demonstration of strong prevention ROI for critical nodes The full paper is attached below. #Cybersecurity #CriticalInfrastructure #EnergySecurity #OTSecurity #ICS #RiskModeling #NortheasternUniversity

After months of systematic research analyzing 87 security incidents and examining 143 vulnerabilities across major commercial and enterprise drone platforms, I'm proud to share this in-depth exploration of how drone security has evolved from isolated, proprietary frameworks toward standardized, layered approaches. Key highlights include: - Detailed analysis of attack vectors specific to drone systems - Examination of hardware security elements and secure boot processes - Comprehensive review of communication protocols and data link security - Novel framework integrating hardware-based root-of-trust with dynamic threat assessment - Forward-looking analysis of security for autonomous operations and urban air mobility As drones increasingly operate in critical infrastructure, commercial operations, and public services, robust security architecture is essential. This publication provides both theoretical models and practical guidelines for security professionals, manufacturers, and policymakers. Looking forward to connecting with others in the drone security community to continue advancing this critical field! Link to paper: https://lnkd.in/duwu7d5D #DroneSecurityArchitecture #UAVSecurity #CyberPhysicalSystems #CriticalInfrastructure #SecurityResearch

I am delighted that ACM Transactions on Cyber-Physical Systems has just published our team's paper on modeling and experimentation required to measure Cyber Resilience. Here is the free-access paper https://lnkd.in/dm5zFjcy Although partial results have been published before, this paper offers the most integrated, comprehensive treatment. #Cyber #resilience is the ability of a #system to #resist and #recover from a cyber #attack, thereby restoring the system's functionality. Efective #design and development of a cyber resilient system requires #experimental #methods and tools for #quantitative #measuring of cyber resilience. This paper describes an experimental method and test bed for obtaining resilience-relevant #data as a system (in our case – a truck) executes it's mission, in repeatable, systematic experiments. We model a truck equipped with an #autonomous #cyber-defense system. When attacked by #malware, this ensemble of #cyber-physical features (i.e., “#bonware”) strives to resist and recover from the #performance #degradation caused by the malware's attack. We propose parsimonious mathematical #models to aid in quantifying systems’ resilience to cyber attacks, in a practical manner. We hope you read the paper, and use the proposed method! Your questions are most welcome. Thanks to Michael Weisman, Jason Ellis, Brian J. Murphy, Travis W. Parker, Sidney Smith, Joachim Vandekerckhove

Cybersecurity attacks on brain implants: theoretical in 2020, practical PoC in 2025. 👨🏻💻🧠🎯😈👁️ An international group of academic researchers led by Sergio López Bernal has, for at least the last six years, published research on vulnerabilities and cyberattacks from Brain-Computer Interfaces (BCIs) to the brain (assuming the device is already compromised). If back in 2020 most of the assumptions were theoretical, in 2025 the authors released a PoC that ran against a virtual simulation explicitly based on the anatomy and physiology of the mouse, with about 230,000 neurons. Types of attacks tested: 1️⃣ Neuronal Flooding (FLO) - Forces targeted neurons to communicate by raising their membrane voltage. 2️⃣ Neuronal Jamming (JAM) - Forces targeted neurons to their reset potential to suppress their ability to communicate. Both attacks affected the brain’s ability to see and process visual information, with some effects lasting longer than others. Well, this is the future we’re going to live in, huh… Let’s at least make those BCIs secure by design. P.S. No mouse was harmed during the PoC. More details: Cyberattacks on Miniature Brain Implants to Disrupt Spontaneous Neural Signaling [PDF, 2020]: https://lnkd.in/dQyte-YH Security in Brain-Computer Interfaces: State-of-the-Art, Opportunities, and Future Challenges [PDF, 2020]: https://lnkd.in/dSZHstcB Neural cyberattacks applied to the vision under realistic visual stimuli [PDF, 2025]: https://lnkd.in/dvXum2QS #cybersecurity #medical #brain #BCI #technology #medicine #Neuralink #future #infosec #tech #hacking #attack #cyber #security #safety #healthcare #nedtech

🚨 𝗧𝗵𝗲 𝗙𝘂𝘁𝘂𝗿𝗲 𝗼𝗳 𝗜𝗖𝗦 𝗔𝘁𝘁𝗮𝗰𝗸𝘀 - 𝗕𝗲𝘆𝗼𝗻𝗱 𝗦𝘁𝘂𝘅𝗻𝗲𝘁: 𝗪𝗵𝗲𝗻 𝗠𝗮𝗹𝘄𝗮𝗿𝗲 𝗟𝗲𝗮𝗿𝗻𝘀 𝗣𝗵𝘆𝘀𝗶𝗰𝘀 👁️ 🔎 This research paper “𝗛𝗲𝘆, 𝗠𝘆 𝗠𝗮𝗹𝘄𝗮𝗿𝗲 𝗞𝗻𝗼𝘄𝘀 𝗣𝗵𝘆𝘀𝗶𝗰𝘀!” introduces 𝗛𝗔𝗥𝗩𝗘𝗬 – 𝗮 𝗽𝗵𝘆𝘀𝗶𝗰𝘀-𝗮𝘄𝗮𝗿𝗲 𝗣𝗟𝗖 𝗿𝗼𝗼𝘁𝗸𝗶𝘁 that could change how we think about OT cybersecurity. Unlike traditional ICS malware, HARVEY doesn’t just exploit code. It leverages the laws of physics to stay invisible while damaging critical infrastructure. 💡 𝗞𝗲𝘆 𝗜𝗻𝘀𝗶𝗴𝗵𝘁𝘀: ⚡ 𝗣𝗵𝘆𝘀𝗶𝗰𝘀-𝗔𝘄𝗮𝗿𝗲 𝗦𝘁𝗲𝗮𝗹𝘁𝗵 – HARVEY simulates plant behavior in real time, injecting fake “normal” sensor data while manipulating actuators toward unsafe states. 🛠 𝗙𝗶𝗿𝗺𝘄𝗮𝗿𝗲-𝗟𝗲𝘃𝗲𝗹 𝗖𝗼𝗺𝗽𝗿𝗼𝗺𝗶𝘀𝗲 – Lives inside PLC firmware, bypassing logic-layer defenses. 🔬 𝗣𝗿𝗼𝘃𝗲𝗻 𝗶𝗻 𝗮 𝗣𝗼𝘄𝗲𝗿 𝗚𝗿𝗶𝗱 𝗧𝗲𝘀𝘁𝗯𝗲𝗱 – Tested on an Allen Bradley CompactLogix PLC, showing adversary-optimal attacks that caused grid instability while operators saw normal readings. 🛡 𝗗𝗲𝗳𝗲𝗻𝘀𝗲 𝗚𝗮𝗽𝘀 – Traditional IDS and anomaly detection fail. Mitigation requires secure firmware updates, runtime attestation, and independent physical-state monitoring. ⚠️ 𝗪𝗵𝘆 𝗶𝘁 𝗺𝗮𝘁𝘁𝗲𝗿𝘀: This research highlights the next frontier of OT threats—malware that understands physics. Future attacks won’t just hack code — they’ll exploit the laws of physics. 📄 Read the full paper 👇 💬 𝗤𝘂𝗲𝘀𝘁𝗶𝗼𝗻 𝘁𝗼 𝘁𝗵𝗲 𝗰𝗼𝗺𝗺𝘂𝗻𝗶𝘁𝘆: What approaches do you think will be most effective against the next wave of ICS threats? 👉 Follow OT SECURITY PROFESSIONALS (OTSecPro) for more cutting-edge OT Security research highlights, insights, and community knowledge. #OTSecurity #ICS #PLC #CyberPhysical #CriticalInfrastructure #IndustrialCyberSecurity #OTSecPro #OTSecProInsights #OTSecurityPro Robert M. Lee John Kingsley chitrannk shrivastav DEVIKA JAY Bimal Mehta Kunal S. Mini TT