Resilient Information Systems Security

Hazard Driven Threat Modelling for Cyber Physical Systems

Adversarial actors have shown their ability to infiltrate enterprise networks deployed around Cyber Physical Systems (CPSs) through social engineering, credential stealing and file-less infections. When inside, they can gain enough privileges to maliciously call legitimate APIs and apply unsafe control actions to degrade the system performance and undermine its safety. Our work lies at the intersection of security and safety, and aims to understand dependencies among security, reliability and safety in CPS/IoT. We present a methodology to perform hazard driven threat modelling and impact assessment in the context of CPSs. The process starts from the analysis of behavioural, functional and […]

Research Assistant / Research Associate in Federated and Adversarial Machine Learning

Research Assistant salary in the range: £35,477 to £38,566 per annum* Research Associate salary in the range: £40,215 to £47,579 per annum Full Time, Fixed Term appointment for to start ASAP until the 31/11/2021 The Resilient Information Systems Security Group (RISS) in the Department of Computing at Imperial College London is seeking a Research Assistant/Associate to work on EU funded Musketeer project. Musketeer aims to create a federated and privacy preserving machine learning data platform, that is interoperable, efficient and robust against internal and external threats. Led by IBM the project involves 11 academic and industrial partners from 7 countries […]

MUSKETEER: Machine learning to augment shared knowledge in federated privacy-preserving scenarios

The massive increase in data collected and stored worldwide calls for new ways to preserve privacy while still allowing data sharing among multiple data owners. Today, the lack of trusted and secure environments for data sharing inhibits data economy while legality, privacy, trustworthiness, data value and confidentiality hamper the free flow of data. By the end of the project, MUSKETEER aims to create a validated, federated, privacy-preserving machine learning platform tested on industrial data that is inter-operable, scalable and efficient enough to be deployed in real use cases. MUSKETEER aims to alleviate data sharing barriers by providing secure, scalable and […]

Luca Maria Castiglione

Luca joined the group as PhD student on HiPEDS in October 2018. He received his MSc in Computer Science and Engineering from University of Napoli Federico II, defending his thesis entitled “Negotiation of traffic junctions over 5G networks”. The thesis work has been carried out at Ericsson, Gothenburg (Sweden), within a joint project between University of Napoli Federico II, Chalmers University of Technology and Ericsson. He strongly believes in open source development and he currently is a mentor within the Open Leadership Programme offered by Mozilla. His research interests are on the edge between cybersecurity and control engineering. In particular, […]

Kenneth Co

Kenny joined the group as a PhD student in April 2018. He received an MSc in Machine Learning from Imperial College London and an MA in Mathematics from Johns Hopkins University. His general interests are in machine learning, cryptography, and mathematics. His current research is on the security of machine learning algorithms, primarily adversarial machine learning. He is also interested in health or lifestyle optimization, and is very much into enjoying good food. Find him on LinkedIn.

Javier Carnerero Cano

Javi joined the group as a PhD Candidate in May 2018. He received his MEng in Telecommunications Engineering and his MRes in Multimedia and Communications from Universidad Carlos III de Madrid (Spain). He is currently interested in adversarial machine learning, aiming to investigate the security of machine learning algorithms (with special focus on data poisoning attacks); bilevel optimization problems; Generative Adversarial Networks (GANs); and applications of machine learning in security. You can also find him on his personal website, LinkedIn, Google Scholar, ResearchGate and GitHub.


An Infographic based on our work has been published by IoT UK, which describes the fusion of the digital, physical and human aspects in IoT systems the vulnerabilities this introduces and the way to leverage these aspects to defend systems against malicious threats. Find the Infographic here.  

Can We Trust Cyber-Physical Systems?

A post/blog entry on the trustworthiness of cyber-physical systems including consideration of Malicious Data Injections, Adversarial Machine Learning and Bayesian Risk Assessment. Follow this link to the post.

Ensuring the resilience of WSN to Malicious Data Injections through Measurements Inspection

Malicious data injections pose a severe threat to the systems based on Wireless Sensor Networks (WSNs) since they give the attacker control over the measurements, and on the system’s status and response in turn. Malicious measurements are particularly threatening when used to spoof or mask events of interest, thus eliciting or preventing desirable responses. Spoofing and masking attacks are particularly difficult to detect since they depict plausible behaviours, especially if multiple sensors have been compromised and collude to inject a coherent set of malicious measurements. Previous work has tackled the problem through measurements inspection, which analyses the inter-measurements correlations induced […]