Backdoor Attacks on Fault Detection and Localization in Cyber-Physical Systems

Cyber-Physical Systems CPS integrate sensing, communication, computation, and control to support critical infrastructure, including smart grids, industrial automation, and control systems. In the electrical utility domain, various controllers are used in CPS to ensure the system detects and...

SMSI: System Model Security Inference: Automated Threat Modeling for Cyber-Physical Systems

Threat modeling for cyber-physical systems CPS remains a largely manual exercise. This project presents SMSI System Model Security Inference, a hybrid neuro-symbolic pipeline that starts from a SysML architecture model and produces a prioritized list of NIST 800-53 security controls. The prototyp...

On the Challenges of Holistic Intrusion Detection in ICS

Past attacks against industrial control systems ICS show that adversaries often target both the ICS network and the physical process to achieve potential catastrophic impact. To secure ICS, intrusion detection systems promise timely uncovering of such adversaries. However, as these detection...

From Incomplete Architecture to Quantified Risk: Multimodal LLM-Driven Security Assessment for Cyber-Physical Systems

Cyber-physical systems often contend with incomplete architectural documentation or outdated information resulting from legacy technologies, knowledge management gaps, and the complexity of integrating diverse subsystems over extended operational lifecycles. This architectural incompleteness...

TrendAI™ Research at RSAC 2026: Advancing Defense Across AI‑Driven and Cyber‑Physical Threats

TrendAI™ Research explored agentic AI cybercrime and EV infrastructure security through two research sessions at RSAC 2026...

Secure Reinforcement Learning: On Model-Free Detection of Man in the Middle Attacks

We consider the problem of learning-based man-in-the-middle MITM attacks in cyber-physical systems CPS, and extend our previously proposed Bellman Deviation Detection BDD framework for model-free reinforcement learning RL. We refine the standard MDP attack model by allowing the reward function to...

Cyber-Resilient Digital Twins: Discriminating Attacks for Safe Critical Infrastructure Control

Industrial Cyber-Physical Systems ICPS face growing threats from cyber-attacks that exploit sensor and control vulnerabilities. Digital Twin DT technology can detect anomalies via predictive modelling, but current methods cannot distinguish attack types and often rely on costly full-system...

Supporting Artifact Evaluation with LLMs: A Study with Published Security Research Papers

Artifact Evaluation AE is essential for ensuring the transparency and reliability of research, closing the gap between exploratory work and real-world deployment is particularly important in cybersecurity, particularly in IoT and CPSs, where large-scale, heterogeneous, and privacy-sensitive data...

Lifecycle-Integrated Security for AI-Cloud Convergence in Cyber-Physical Infrastructure

The convergence of Artificial Intelligence AI inference pipelines with cloud infrastructure creates a dual attack surface where cloud security standards and AI governance frameworks intersect without unified enforcement mechanisms. AI governance, cloud security, and industrial control system...

Secure Group Key Agreement on Cyber-Physical System Buses

Cyber-Physical Systems CPSs rely on distributed embedded devices that often must communicate securely over buses. Ensuring message integrity and authenticity on these buses typically requires group-shared keys for Message Authentication Codes MACs. To avoid insecure fixed pre-shared keys and...

satellitectf

CONSTELLATION PIVOT CTF A Satellite Cyber-Physical CTF Chal...

Agentic AI for Cyber Resilience: A New Security Paradigm and Its System-Theoretic Foundations

Cybersecurity is being fundamentally reshaped by foundation-model-based artificial intelligence. Large language models now enable autonomous planning, tool orchestration, and strategic adaptation at scale, challenging security architectures built on static rules, perimeter defenses, and...

An Efficient Privacy-Preserving Intrusion Detection Scheme for UAV Swarm Networks

The rapid proliferation of unmanned aerial vehicles UAVs and their applications in diverse domains, such as surveillance, disaster management, agriculture, and defense, have revolutionized modern technology. While the potential benefits of swarm-based UAV networks are growing significantly, they...

Evaluation of Real-Time Mitigation Techniques for Cyber Security in IEC 61850 / IEC 62351 Substations

The digitalization of substations enlarges the cyber-attack surface, necessitating effective detection and mitigation of cyber attacks in digital substations. While machine learning-based intrusion detection has been widely explored, such methods have not demonstrated detection and mitigation...

Multi-Domain Security for 6G ISAC: Challenges and Opportunities in Transportation

Integrated sensing and communication ISAC will be central to 6G-enabled transportation, providing both seamless connectivity and high-precision sensing. However, this tight integration exposes attack points not encountered in pure sensing and communication systems. In this article, we identify...

RampoNN: A Reachability-Guided System Falsification for Efficient Cyber-Kinetic Vulnerability Detection

Detecting kinetic vulnerabilities in Cyber-Physical Systems CPS, vulnerabilities in control code that can precipitate hazardous physical consequences, is a critical challenge. This task is complicated by the need to analyze the intricate coupling between complex software behavior and the system's...

Grid-STIX: A STIX 2.1-Compliant Cyber-Physical Security Ontology for Power Grid

Modern electrical power grids represent complex cyber-physical systems requiring specialized cybersecurity frameworks beyond traditional IT security models. Existing threat intelligence standards such as STIX 2.1 and MITRE ATT&CK lack coverage for grid-specific assets, operational technology...

From Misinformation to Climate Crisis: Navigating Vulnerabilities in the Cyber-Physical-Social Systems

Within the cyber-physical-social-climate nexus, all systems are deeply interdependent: cyber infrastructure facilitates communication, data processing, and automation across physical systems such as power grids and networks, while social infrastructure provides the human capital and societal norm...

An AUTOSAR-Aligned Architectural Study of Vulnerabilities in Automotive SoC Software

Cooperative, Connected and Automated Mobility CCAM are complex cyber-physical systems CPS that integrate computation, communication, and control in safety-critical environments. At their core, System-on-Chip SoC platforms consolidate processing units, communication interfaces, AI accelerators, an...

False Data-Injection Attack Detection in Cyber-Physical Systems: a Wasserstein Distributionally Robust Reachability Optimization Approach

Cyber-physical system CPS is the foundational backbone of modern critical infrastructures, so ensuring its security and resilience against cyber-attacks is of pivotal importance. This paper addresses the challenge of designing anomaly detectors for CPS under false-data injection FDI attacks and...