Overview
Programmable Logic Controllers (PLCs) are embedded industrial computers used to automate manufacturing processes, assembly lines, and other equipment by continuously monitoring inputs, executing programmable logic, and controlling analogue or digital outputs in real-time. In recent years the convergence of IT and OT (Operation Technology) networks exposes PLCs to new threats that were not traditionally considered in such environments. PLCs have faced increasing security threats, exemplified by malware such as Incontroller (also called Pipedream https://www.dragos.com/blog/analyzing-pipedream-results-from-runtime-testing/). These sophisticated threats aim to exploit functions or vulnerabilities in PLCs to manipulate and disrupt industrial processes. To protect PLC networks, rules and policy-based approaches are relatively well established for monitoring the presence of some of the activities associated with cyber threats, such as attempts to connect via disabled services, or communication via unused ports and protocols. However, alternatively, at the device level, recently the ISA Global Cybersecurity Alliance (ISAGCA) proposed “20 Secure PLC Coding Practices” to define best security practices for PLC programmers, based on input from industry leaders and experts (https://plc-security.com). These are principally based on utilising existing functionality within PLCs, and the principles are applied at the design stage. Yet, there is unexploited potential to adapt many of the 20 principles to define features and a framework towards training models of how individual or groups of PLCs behave, with the objective to detect violations of the principles during run-time operations. Furthermore, since PLCs operate in environments where traditional IT security measures may not be feasible or could interfere with real-time control requirements, a further valuable research challenge is to consider how edge-based response agents might be able to intervene to recover an attacked PLC process into an acceptable and stable condition.
The research will aim to:
Develop a method, using AI-based approaches or appropriate alternatives, to capture, model, and analyse PLC data and behaviours, to evaluate compliance against all relevant “Secure PLC Coding Practices”. For example, through monitoring, train a model to be able to detect outlier behaviours related to:
[1] Communication ports and protocols required for the normal application, normal types of connections, read/write capabilities, etc.
[2] PLC cycle times, trends, and uptime.
[3] Restart events, hard stops, faults, etc.
[4] PLC memory usage.
Develop automated approaches for plausibility checks based on observation of historical physical instrument readings, data, and control actions.
Investigate how to translate detection of malicious activity into response actions that can be deployed autonomously by edge-based agents, developed to provide threat mitigation that ensures stable continuous operation of the system under PLC control, even while under attack.
Develop and implement scenarios for testing and verification of the proposed approaches, based on research available about real threats such as the Incontroller/Pipedream malware and the attack techniques applied by this, or similar, ICS malware.
This project will take advantage of a substantial PLC-based testbed at CSIT, which emulates a factory production line. This will support experiments using PLCs for data collection, systems training, etc., including the ability to conduct experiments with cyber-attacks in a secured environment.
Funding Information
To be eligible for consideration for a Home DfE or EPSRC Studentship (covering tuition fees and maintenance stipend of approx. £19,237 per annum), a candidate must satisfy all the eligibility criteria based on nationality, residency and academic qualifications.
To be classed as a Home student, candidates must meet the following criteria and the associated residency requirements:
• Be a UK National,
or • Have settled status,
or • Have pre-settled status,
or • Have indefinite leave to remain or enter the UK.
Candidates from ROI may also qualify for Home student funding.
Previous PhD study MAY make you ineligible to be considered for funding.
Please note that other terms and conditions also apply.
Please note that any available PhD studentships will be allocated on a competitive basis across a number of projects currently being advertised by the School.
A small number of international awards will be available for allocation across the School. An international award is not guaranteed to be available for this project, and competition across the School for these awards will be highly competitive.
Academic Requirements:
The minimum academic requirement for admission is normally an Upper Second Class Honours degree from a UK or ROI Higher Education provider in a relevant discipline, or an equivalent qualification acceptable to the University.
Entrance requirements
Graduate
The minimum academic requirement for admission to a research degree programme is normally an Upper Second Class Honours degree from a UK or ROI HE provider, or an equivalent qualification acceptable to the University. Further information can be obtained by contacting the School.
International Students
For information on international qualification equivalents, please check the specific information for your country.
English Language Requirements
Evidence of an IELTS* score of 6.0, with not less than 5.5 in any component, or equivalent qualification acceptable to the University is required (*taken within the last 2 years).
International students wishing to apply to Queen’s University Belfast (and for whom English is not their first language), must be able to demonstrate their proficiency in English in order to benefit fully from their course of study or research. Non-EEA nationals must also satisfy UK Visas and Immigration (UKVI) immigration requirements for English language for visa purposes.
For more information on English Language requirements for EEA and non-EEA nationals see: www.qub.ac.uk/EnglishLanguageReqs.
If you need to improve your English language skills before you enter this degree programme, INTO Queen’s University Belfast offers a range of English language courses. These intensive and flexible courses are designed to improve your English ability for admission to this degree.
How to Apply
Apply using our online Postgraduate Applications Portal and follow the step-by-step instructions on how to apply.
Find a supervisor
If you’re interested in a particular project, we suggest you contact the relevant academic before you apply, to introduce yourself and ask questions.
To find a potential supervisor aligned with your area of interest, or if you are unsure of who to contact, look through the staff profiles linked here.
You might be asked to provide a short outline of your proposal to help us identify potential supervisors.