Imperial cyber security expert announced as GCHQ Fellow

Imperial ISST's Dr Martín Barrère has been selected to work with GCHQ on critical national security challenges.

Over the next six months, experts from the intelligence, cyber and security agency GCHQ will support Martín and four other academics from UK universities, to carry out research into areas like cyber security and counterterrorism.  

The Research Fellowships Programme for National Resilience is part of the agency’s efforts to pioneer a new kind of security by harnessing the collective power of academia and industry to provide fresh perspectives on ways to address national security priorities. 

The research conducted under these Fellowships will improve the intelligence community’s understanding of and ability to tackle some of the biggest national security challenges facing the UK. It will also help establish important relationships between the intelligence community and academics, who could be called upon in the future to help with technical challenges. 

Max Swinscow-Hall caught up with Martín to hear more about the Fellowship and his research.

What will your work under the Fellowship focus on?

My work will focus on smart cities and particularly on trustworthy critical infrastructure systems in a project called T-CITY, which addresses a number of problems. 

One objective is to build understanding of how attackers can penetrate digital networks to compromise cyber-physical systems. Alongside this, I will investigate structural network properties, and look at techniques to identify and prioritise the cyber-physical components which have vital roles for the successful operation of critical infrastructures.

The overall goal is to combine these two aspects into one integrated platform able to analyse and identify not only potential attack avenues, but also the critical assets whose compromise, at a cyber and/or physical level, could disrupt the overall operation of critical infrastructure systems. 

What are Cyber-Physical Systems and Critical National Infrastructure? 

Cyber-Physical Systems are characterised by a deep integration of cyber elements, such as computers, algorithms and data, with physical components like sensors and actuators, and also processes.

A fundamental difference between cyber-physical systems and pure information technology systems is the involvement of physical elements and subsequent processes. The physical elements are monitored by sensors whose outputs are used to make control decisions by cyber agents such as computers and programmable logic controllers. Decisions are materialised in the form of commands that are normally applied by effector components such as actuators in a closed control loop. 

Cyber-physical systems are central to what is called Critical National Infrastructure or CNI, which encompasses a wide range of systems and services that are vital for the proper functioning and development of a society. Some examples are power plants and smart grids, water distribution networks, transportation systems, manufacturing facilities and healthcare infrastructure. These systems form an ecosystem of fundamental societal services with complex cyber-physical interdependencies where many of them depend on each other to operate properly.

Failures or cyber-attacks on the cyber-physical components may provoke the inability of the infrastructure to function properly. This in turn may impact on other dependent systems, thus producing a cascading effect. 

What are the major challenges around security and CNI that you will be addressing?

From a broad perspective, CNI systems are often composed of various and diverse interconnected subsystems, creating a complex network of highly interdependent software, physical processes, and hardware components. This complexity presents a challenge when it comes to understanding where the weakest points are that attackers may leverage to compromise CNI environments via cyber channels, physical intrusions, or both, and what impact these attacks may have at the physical world. 

In that context, some fundamental questions are: how can we prioritise critical assets and provide actionable information to increase the security and safety of cyber-physical systems within CNI? How can we accurately grasp the scope of failure propagation within complex critical systems and across different infrastructures that depend on each? How can we leverage this information to reason about the strength and robustness of infrastructure designs? How can we dynamically understand and improve the resilience and security posture of real-time interconnected systems under the presence of sophisticated cyber-physical attacks? 

It is important to note that cyber-physical attacks on these systems can have serious consequences such as flooding, blackouts, or even nuclear disasters. So it is vital to have models, techniques, and tools, able to properly analyse the security and resilience of CNI environments, and that is precisely the overarching goal of this project.