£2.5m to combat cyber threats
19 Nov 2014
A new research project focusing on the cyber-security of the UK’s vital national infrastructure has received £2.5 million in funding.
The research, which will focus on control systems in manufacturing plants, power stations, the electricity grid, and the rail network, has been launched to help mitigate threats from hackers or malware.
The £2.5 million is being provided by the Engineering and Physical Sciences Research Council (EPSRC) and the UK’s National Cyber Security Programme.
Where control systems are linked to the internet we need to understand how failures could cascade across the system
RITICS professor Chris Hankin
The EPSRC said its plan was to produce metrics and software tools so that non-technical decision makers can assess cyber-security in the context of their business.
Historically industrial control systems have been isolated to keep them secure, however these systems are increasingly being connected into complex and interconnected networks via the internet.
“There are many business advantages from such interconnections but there are also greater risks that need to be recognised and effectively managed,” the EPSRC said.
The Research Institute in Trustworthy Industrial Control Systems (RITICS), based at Imperial College London, will coordinate the research.
“Where control systems are linked to the internet we need to understand how failures could cascade across the system,” said professor Chris Hankin from RITICS.
“We will be looking at new ways of repairing damage to systems if an attack happens. We need to address how to approach network maintenance for industrial control systems, particularly as most systems operate on a 24/7 basis. So we will be looking at how we can ensure better protection without compromising performance.”
The research comprises four funded projects:
- The University of Birmingham will conduct a detailed security analysis of the National Grid and The Rail Safety and Standards Board to build an understanding of possible failures
- City University London is producing a methodology supported with modelling software to be deployed in the risk assessment of critical infrastructures
- Lancaster University will lead a team to understand the business risks posed by cyber security breaches of industrial control systems
- Researchers at Queen’s University in Belfast will investigate vulnerabilities within the national grid as wind or solar generated electricity comes on stream.
