Project proposals

As part of your application to the EPSRC CDT in Cyber-Physical Risk, you will have the opportunity to select a cutting-edge research project that aligns with your interests and expertise.

Below are project outlines from leading academics in UCL Security and Crime Science, UCL Computer Science, and other key departments. These projects tackle critical challenges in cyber-physical security and crime prevention, including AI-driven risks, extremist content’s role in offline violence, and securing smart homes and industrial networks.

Before choosing a project, we encourage you to explore the authors’ research and contact them directly to discuss your interest and suitability for the project. Further details on this process are provided in the application guidelines.

Each proposal below offers a unique opportunity to work on high-impact challenges with leading experts. Browse the list below, and if you have any questions, or to enquire about the availability of a specific project, kindly contact us at at scs.phd@ucl.ac.uk.

See our project proposals document. This also contains important information about the course (last updated February 2026).

Read now

Understanding, reconstructing, and analysing crime scenes requires integrating evidence from both the physical and digital domains. This project proposes to develop a 4D (3D + time) object-oriented mapping framework that fuses multi-sensor data (e.g., images, LiDAR, videos, and digital traces) using advanced neural representations such as neural radiance fields and graph-based scene reasoning. The resulting “living digital twin” of a crime scene will allow investigators to interactively explore spatio-temporal hypotheses, simulate human behaviour, and test physics-based object interactions under various scenarios. The system will enable users to examine causal relationships and reconstruct events consistent with available evidence. This research will help investigators manage cyber-physical risk by linking digital evidence (e.g., CCTV, IoT data) with physical actions, ultimately enhancing situational awareness, forensic reconstruction, prevention, and decision-making in complex hybrid crime scenes.

Critical infrastructure systems, such as electricity grids, water treatment facilities, manufacturing systems and transportation networks, are increasingly targeted by malicious actors, threatening societal safety and access to essential services. While existing research focuses on detecting cyber-physical attacks, detection alone is insufficient: systems must also respond and recover in real time. Designing such mechanisms poses technical challenges and human-centred considerations, including compliance with internal and external policies, accountability, transparency, unintended consequences and the role of human oversight. Despite this critical need, safe and secure autonomous recovery mechanisms remain underexplored. This PhD addresses the gap by developing response and recovery strategies that integrate technical robustness with human-centred considerations, along with metrics to evaluate recovery success. The research aims to ensure that critical infrastructure systems operate continuously, reliably and responsibly under existing and future threats, bridging detection, autonomous response and socio-technical safety. 

This research addresses the growing cybersecurity risks in critical national infrastructure (CNI) arising from the convergence of operational technology (OT) and IT networks. Cyber-physical systems (CPS), including power grids, water treatment plants, and industrial automation facilities, are increasingly connected and AI-integrated, expanding their attack surfaces and making them targets for sophisticated cyber threats. While AI is widely adopted in cybersecurity, limited research exists on AI-driven adversaries that can autonomously generate and refine attack strategies against CPS. Current red-teaming approaches rely on manual testing, static rules, or pre-programmed simulations, which are less adaptable than AI-based methods. This PhD project will aim to develop an AI-driven red-team agent using deep reinforcement learning with causal reasoning, to autonomously identify and exploit vulnerabilities in CPS systems such as SCADA-controlled systems. By evaluating its effectiveness against state-of-the-art CPS security defences, the research will benchmark traditional protections against adaptive AI-driven attacks, providing critical insights for improving the resilience and security of essential infrastructure systems.

Machine Learning and AI are revolutionising our lives. They have attracted a lot of attention in the Control Systems community too, where Reinforcement Learning and Learning-based control architectures promise enhanced performance, adaptability to varying/uncertain situations and ease of deployment. However, can these methodologies be reliably deployed for the control of safety-critical systems, such as the electric grid or transportation systems? What happens if the information they use is not accurate, or even worse, if some attackers intentionally modify the data to create a physical damage without being detected? The implications of attacks in AI technologies for control applications can be tremendous but have not been properly investigated yet. It is vital to assess cyber risks and vulnerabilities of learning based control architectures that can have an impact in the physical world. The goal is to design control schemes robust to these cyber-physical attacks, so to inform policy makers and make AI-enabled critical infrastructure systems reliable, secure and resilient.

Adversarial attacks are deliberate modifications of data that aim to deteriorate the function of machine learning models, e.g. inducing false classifications. In engineering systems, there are numerous cases of data-based decision-making, particularly for process monitoring and safety. These include fault and anomaly detection systems for safety measures and to assure product quality. With the increasing usage of machine learning and artificial intelligence, the risk of attacks on such models becomes a threat to the operation of industrial processes. Adversarial attacks may be distinguished as white-box and black-box attacks based on the knowledge of the attackers. Manufacturing companies generally protect their models and their deployment, but there are instances in which companies must interact with external entities, e.g., in resource procurement. For instance, early studies have shown that adversaries can learn the company's trading behaviour on electricity markets and launch targeted attacks that lead to significant losses. Furthermore, human factors in cyber-physical system interaction frequently present vulnerable interfaces. Ultimately, the project aims to support organisations and industrial manufacturers to detect their vulnerabilities and defend against data-based attacks.

The full title of this project AI-Powered Adaptive Nanomaterial Sensors for Combatting Cyber-Triggered Water Contamination via Cross-Domain Early Warning, Near-Realtime Attribution and Rapid Intervention.

Water treatment facilities represent critical national infrastructure serving 65 million UK residents daily, yet face escalating cyber threats with severe public health consequences. The 2021 Oldsmar, Florida attack — where hackers remotely increased caustic chemicals to lethal levels — exemplifies cyber-triggered physical contamination. Current detection systems face a critical timing asymmetry: cyberattacks propagate at digital speeds (milliseconds), physical contamination develops over minutes to hours, yet monitoring occurs at regulatory intervals (quarterly to monthly). The UK Environment Act 2021 mandates improved monitoring (15-minute to hourly frequency), but systems lack rapid chemical attribution capabilities distinguishing cyberattacks from operational errors. This project develops integrated sensor networks combining electrochemical sensors (pH, conductivity, chlorine) for continuous baseline monitoring and rapid anomaly detection with SERS-based chemical fingerprinting for adaptive batch analysis identifying organic contaminants (pesticides, pharmaceuticals, industrial chemicals) that enable forensic attack attribution. Real-time data integration with cyber threat intelligence enables response interventions before widespread contamination, fundamentally improving detection speed matching attack timescales.

Multimodal foundational models that integrate data from text, images, audio, and video have revolutionized various applications, including autonomous vehicles and healthcare systems. However, these models are increasingly vulnerable to sophisticated cyber-attacks that can extend into the physical world, posing risks to critical systems. This project seeks to identify vulnerabilities, develop defense mechanisms, and analyse the impact of virtual attacks on real-world systems like robotics and other cyber-physical systems. With this, it aims to enhance security and robustness in multimodal foundational models, addressing the growing concern of cyber-physical risks in critical applications. 

This research focuses on developing an intelligent four-legged robot capable of autonomously assessing and mapping both physical and cyber hazards in complex, high-risk environments such as disaster zones or critical infrastructure sites. Unlike conventional risk assessment methods that are slow and expose humans to danger, the proposed system integrates advanced perception, navigation, and cyber threat detection to generate a unified “hazard map.” This map combines information about physical obstacles and structural instability with data on cyber vulnerabilities, such as communication blackouts or compromised networks. By fusing these dimensions into a single, real-time situational overview, the system will enable faster, safer, and more informed decision-making for security and emergency response teams. The research is important because it addresses the growing interdependence of cyber and physical systems, providing a foundation for resilient robotic inspection technologies that enhance safety, situational awareness, and response effectiveness in critical environments.

AI agents are increasingly deployed in financial and energy markets, creating new cyber-physical attack surfaces. Evidence shows trading AIs have reduced strategic diversity (del Rio-Chanona et al., 2025) and heightened susceptibility to misinformation. These vulnerabilities let adversaries inject misinformation or targeted signals that trigger synchronised AI responses that destabilise markets within seconds. This can echo the 2010 Flash Crash, but here AI behaviour functions as an attack vector, not a mere market anomaly, via deliberate manipulation.  In electricity markets, coordinated AI selling could force plants offline and trigger rolling blackouts; in natural-gas markets, “pipeline sabotage” misinformation injection could cut heating; in just-in-time manufacturing logistics, market manipulations could halt production lines.

We will build agent-based models of AI-mediated markets with varied network structures and behaviours to trace shock propagation, attack pathways, and tipping points. Insights will inform defences—diversity-enhancing market rules, authenticated/verified data feeds, and automated “circuit-breakers”—to strengthen critical infrastructures. 

Governments and law enforcement agencies rely on effective threat assessment tools to address terrorism, mass shootings, and violence, including predicting if online threats will escalate into real-world actions. This project aims to advance AI and natural language processing (NLP) techniques, particularly in sentiment analysis and anomaly detection, to improve predictive models for threat assessment. The research includes collecting and cleaning data from various sources, including threats to industry organisations, the Royal Family, and Members of Parliament. It will also address the ethical use of these tools to prevent misuse or discrimination.

Patients with disabilities and long-term health conditions increasingly rely on personal healthcare technologies and “Health at Home” services for basic bodily safety and daily function. Common examples include hearing aids, continuous glucose sensors (CGMs), home oxygen machines, wearable cardiac tracers and fall detectors. These assistive and home health technologies enable independence, but they also create new cyber-physical risks when exploited in the context of domestic abuse, coercive control or stalking. 

Historically, medical device cybersecurity research has focused on remote, anonymous attackers and technical exploits such as breaking encryption or bypassing authentication. It has rarely accounted for intimate adversaries, such as individuals with legitimate proximity, shared devices, or embedded trust (e.g. partner, parent or carer). In such contexts, both passive misuse (e.g. passive tracking through Bluetooth emissions) and active interference (e.g. manipulating therapy delivery) are possible, without requiring advanced hacking skills, only access and intention [1]. This PhD directly fills the existing research gap by developing the first cyber-physical threat models grounded in domestic abuse, dependency and proximity-based harm - a critical but currently neglected priority for NHS digital safety and national safeguarding strategy.

[1] ‘Suspended Sentence for Woman Who Delivered Insulin Overdose to Her Partner’. Diabetes, 11 Mar. 2019, https://www.diabetes.co.uk/news/2019/mar/suspended-sentence-for-woman-who-delivered-insulin-overdos…

  • Supervisors: Dr Isabel Straw (UCL Institute of Health Informatics), Dr Leonie Tanczer (UCL Computer Science), and a third supervisor (to be confirmed).
  • Research themes: Cyber-Physical Systems, Futures

Vision-Language-Action Models (VLAMs) are transforming autonomous systems, such as self-driving cars and robotic manipulators, by integrating multimodal decision-making. However, their dependence on visual and linguistic inputs makes them vulnerable to hybrid cyber-physical attacks, posing significant risks to safety-critical applications. This research aims to identify these vulnerabilities, exploring adversarial attacks on VLAMs and developing robust defense mechanisms. The project aims to contribute to enhancing security and resilience of AI-driven transportation and automation systems by designing hybrid attack scenarios and creating defense strategies. 

This research focuses on the security and resilience of Building Management Systems (BMS), which control critical building services such as power, water, ventilation, and cooling. Failures or cyberattacks on these systems can have severe consequences, from uninhabitable offices and universities to data centre outages or life-threatening interruptions in hospitals. Despite their critical role, BMSs are often housed in major plant rooms, which are less secure than other building areas and frequently accessed by external trades for maintenance. Control panels and the wider BMS network are therefore exposed, presenting opportunities for attackers to disrupt building operations or gain access to wider IT networks. This project aims to identify and investigate the vulnerabilities of BMS technologies, analyse adversarial behaviours using deceptive honeypots, and develop a solution with best practices to integrate security and resilience into building management systems, thereby improving the protection of buildings and occupant safety against evolving cyber and physical threats. 

Remote driving and remote assistance of partially automated vehicles introduces new attack surfaces: prompts can steer operator user interfaces (UIs); networks can be degraded or spoofed; command pipelines can be tampered with. This project studies adversarial inputs against human-centred teleoperation, quantifies oversight failure modes under time pressure and uncertainty, and designs interaction safeguards and provenance checks for end-to-end command chains. Mixed reality testbeds link simulated traffic and real control devices to evaluate safety, trust calibration, and recovery. Outputs include tested operator interfaces, provenance and attestation mechanisms for commands, and measurable guidance for when to hand over, slow down, or stop. Prior work on remote control concepts, digital twins, uncertainty displays, and eye tracking provides a strong base.

Implanted cardiac devices such as pacemakers are increasingly common in our ageing population. Growing technological innovation has expanded cloud connectivity and remote monitoring across much larger patient cohorts, creating shared digital dependencies, and with them, new cyber-physical risks that directly interface with human biology. These cloud-connected ecosystems support early detection of life-threatening events but also vastly expands the cyber-attack surface in the healthcare sector. Exploits across these networks could place thousands of patients at simultaneous risk, posing novel technical and biological risks.   

Existing safety regulation focuses on attack surface of the implanted device, not the end-to-end digital pathway that encompasses the full ecosystem. This research will pioneer a full-stack threat model, from the pacemaker inside the body, to the home monitoring gateway, hospital network, and cloud infrastructure, to understand how cyber vulnerabilities could manifest as physical harm. It will generate new evidence to inform next-generation safety engineering and NHS readiness. 
 

This research explores how agentic AI systems (intended as a society/collection of goal-directed AI agents that can act and interact independently) create new forms of hybrid risk that span the digital and physical worlds. As such systems increasingly manage complex decision-making, they can have tangible real-world consequences. Competitive or misaligned agentic AI behaviour can amplify vulnerabilities, creating hybrid risks that span cyber and physical infrastructures. Understanding these dynamics is critical to ensuring the safety, reliability, and accountability of next-generation AI ecosystems. 

The rapid evolution of Unmanned Aerial Vehicles (UAVs) technology over the past decade has led to their increasing exploitation by criminals and hostile parties for cyber, physical, and hybrid attacks, threatening both national security and public safety. Physically, UAVs are used to carry and distribute explosives, hazardous chemicals, or contraband, facilitating organized crime. On the cyber front, UANs enable unauthorized surveillance, signal jamming, and eavesdropping. Hybrid cyber-physical attacks, such as UAV-driven sabotage of communication networks, pose significant risks to security agencies and law enforcement operations. This research leverages machine learning-enhanced radio sensing and signals intelligence (SIGINT) to counter these emerging threats. It focuses on the early detection and classification of both autonomous and connected UAVs involved in criminal or malicious activities. By identifying unauthenticated UAVs in real time, the project enhances security responses, mitigates risks to critical infrastructure, and aids crime prevention efforts, supporting law enforcement and national defence strategies.

Digital twins are increasingly integrated into critical sectors like utilities, energy, and transportation. They rely on complex systems like AI-driven analytics and industrial control technologies, making them vulnerable to cyberattacks that could cause physical harm. These attacks can disrupt operations, cause safety hazards, and result in economic losses. This research aims to investigate supply chain vulnerabilities and propose solutions to secure digital twins, ensuring their resilience in sectors that are critical for daily life.

Hybrid threats against mobility mix online planning, coordinated narratives, and cyber events that degrade physical transportation networks. The project develops retrieval-augmented LLM pipelines that integrate OSINT (Open-Source Intelligence) and transport telemetry to forecast potential attack scenarios on road networks in London and beyond. We leverage LLMs as proxies for real-world human behaviour, both as attackers and as simulations of human behaviour in the traffic network. It extracts event chains and simulates counterfactuals in a city twin, leveraging previous accomplishments using Simulation of Urban MObility (SUMO). Red and blue narratives co-evolve using real and LLM-based attackers to probe and harden defences.

This project explores how generative simulation environments can give rise to adaptive, self-organizing strategies among intelligent agents. The goal is to develop open-ended world models capable of generating an unbounded stream of dynamic, multi-agent scenarios where autonomous systems learn to cooperate, compete, and evolve. These environments serve as powerful testbeds for studying emergent behavior relevant to real-world challenges in cyber-physical and defense contexts—such as swarm coordination, adversarial adaptation, and resilient strategy formation under uncertainty. Core research questions include how world models can support continual scenario generation and model-predictive reasoning, which self-play or unsupervised curricula best drive innovation, and how emergent multi-agent behaviors can reliably transfer from simulation to reality. This interdisciplinary project, in collaboration with UCL’s DARK Lab and Iconic Interactive, bridges game AI, reinforcement learning, and cyber defense to advance the science of open-ended intelligence.

In addition, we are working with a stealth 'adversarial intelligence' company. The intention of this project is to generate open-ended environments that help to train, test, and harden autonomous systems for real-world environments. Simulated environments will act as the synthetic training and proving ground for real-world capabilities. For instance, similar to how Wayve is using Gaia to train robust generalist drivers, this research will allow for a World model suited for training systems to model and intercept incoming objects at different MAG speeds, diverse conditions, swarms of systems etc.

  • Supervisors: Prof. Tim Rocktäschel (UCL Computer Science) and Dr Roberta Raileanu (UCL Computer Science). 

This research will tackle the safety challenges of deploying large Vision-Language-Action (VLA) models in close-proximity human-robot interaction (HRI). While VLAs can interpret visual cues and natural language to perform general tasks, their training on unstructured data means they may generate actions that violate physical laws or HRI safety constraints (e.g., excessive force or abrupt motion). To address this, this project will design a Physics-Inspired Machine Learning (PiML) framework, integrating kinematic and dynamic constraints into VLA training and execution so that all robot behaviours remain physically feasible and safe. This project will also explore Formal Verification as a high assurance to benchmark the reliability of the PiML approach. This work will enable intrinsic safety, reduces data requirements by leveraging physics priors, and limits cyber-physical risks by ensuring motion invariants are respected. Ultimately, it enhances trust, predictability, and regulatory readiness for real-world robotic collaboration.

[ALLOCATED] The full title of this project is Protecting Vulnerable Communities Online: Privacy-Preserving Interventions Against Cyber-Enabled Sexual Exploitation on Social Apps.

Criminal actors increasingly use dating and location-based social platforms to coordinate drug-facilitated sexual encounters (e.g., chemsex). These cyber-enabled interactions can lead to physical risks of overdose, sexual assault, coercion, and blackmail. Typically, users do not initially seek drugs online; drugs are introduced by others on the platforms. Offenders may exploit psychosocial vulnerabilities including social anxiety and loneliness to target users who rely on digital spaces for intimacy and connection. These factors reduce confidence in identifying danger and in seeking support. Moreover, prevention services operate almost entirely offline, yet the behaviour that anchors people to harm begins online — the critical gap this project addresses. Therefore, this project investigates how hybrid threats propagate across the cyber, social, and physical layers, and how malicious actors adapt to cause harm.  The aim is to develop privacy-preserving digital safety strategies that reduce physical harms while protecting the rights, dignity, and autonomy of LGBTQ+ communities and other at-risk users.

Industrial control networks are essential to national infrastructure, managing critical systems in energy, manufacturing, and transport. However, these networks are vulnerable to cyber-attacks, as many rely on legacy technologies that lack modern security protections. Attackers exploit these weaknesses through reconnaissance, identifying key targets even when network traffic is encrypted. Disrupting this early attack stage is crucial to preventing cyber-physical threats. This project will apply traffic-analysis resistance techniques to enhance the security of industrial control networks, safeguarding critical infrastructure from emerging cyber threats. 

Artificial Intelligence (AI) and Machine Learning (ML) have been widely adopted both for automated decision making (e.g., smart home automation) and for threat detection. However, this creates new opportunities for malicious actors to conduct “adversarial attacks” to compromise the security and privacy of AI-enabled device users. While the security and robustness of AI has been studied in many digital systems security scenarios (e.g., malware detection, network intrusion detection), it has been less explored in hybrid cyber and physical systems, where attacks may have different risk and impact. For example, systems including home automations, and industrial IoT devices that interact with humans. This project will design new risk assessment methodologies of AI-enabled devices in Cyber-Physical-Social Systems (CPSS), which is crucial to understand how AI security intertwines with the physical world, what hybrid mitigations need to be put in place, and how to produce evidence to inform AI policy makers and regulators.

Diminished reality (DR; removing objects from sight) and altered reality (AR; modifying object appearance) create new safety and manipulation risks across everyday contexts. Malicious actors or faulty systems could hide hazards, disguise threats as benign objects, alter warning signs, or conceal people. Beyond mobility, these risks extend to workplaces, public spaces, and social settings where AR mediation affects safety-critical decisions. This project will systematically test how DR/AR manipulations impact user behaviour across multiple scenarios, then develop countermeasures that protect both users and bystanders.  The research will produce a threat taxonomy, validated behavioural impact data, technical defences including cryptographic provenance and anomaly detection, and design patterns for safer AR systems.

  • Supervisors: Dr Mark Colley (UCL Computer Science), and the second supervisor is Prof. Anthony Steed (UCL Computer Science).
  • Research themes: Simulation and Interaction, Cyber-Physical Systems 

This research addresses the rising Cyber-Physical Risk posed by modern genAI models such as text-to-image and text-to-video generative models. These models can produce photorealistic synthetic media at scale, leading to major safety challenges for cyber physical systems. Integrity failures arise when deepfakes corrupt automated perception pipelines in domains such as surveillance, industrial monitoring, or robotics; synthetic media misinterpreted as real can trigger unsafe or catastrophic physical actions. Also, content-safety failures occur when harmful, biased, or violent outputs is produced that can lead to physical risks. To address these issues, this research will develop novel framework and algorithms to embed proactive safeguards directly into generative models. The framework will introduce intrinsic watermarking to guarantee deepfake detectability and controlled safety via generation aligned to safety norms. By integrating integrity and safety at generation time, this research builds foundational safeguards that preserve physical security, operational trust, and system resilience across CPS reliant on visual data.

Cyber-physical systems, which integrate digital networks with physical processes, are vital to modern infrastructure. However, their connectivity makes them vulnerable to cyber-attacks that can disrupt critical services. This research will study vulnerabilities in cyber-physical systems and develop defence strategies using advanced modelling techniques. It will involve mathematical models, hybrid network structures, and the use of machine learning, complex network theory, and game theory to simulate attacker-defender interactions, test security strategies, and optimise resource allocation to improve system resilience and security. 

Low-Earth orbit satellite networks (LSNs) that are being built are expected to be a key future asset and critical infrastructure for nation states, including the UK. This is also testified by the recently increasing investments in LSN technologies (see for example https://www.gov.uk/government/news/16-million-for-new-projects-to-boost-uk-benefits-of-satellite-constellations). LSNs have indeed the potential to deliver much more performant, ubiquitous and diversified network services than the terrestrial Internet. Soon, LSNs’ security will therefore be crucial for future digital ecosystems, with possible consequences on individuals, industry and nation states. This project focuses on simulating, designing and rigorously assessing secure LSNs for a range of future use cases. This will encompass consideration of vulnerabilities and interactions of both physical (e.g., satellites’ hardware, antennas and radio transmissions, etc.) and virtual (e.g., network control logic) components of LSNs.

Environmental policies and legislation are emerging as key sources of political division, often sparking anti-social behaviour and criminal acts, such as the destruction of ULEZ cameras, vandalism of museum paintings, and conflicts between drivers and cyclists. This project investigates how digital communication tools, particularly social media platforms, may facilitate, enable, and legitimize environmentally driven crime and anti-social behaviour. The research will analyse social media content to provide insights into these dynamics and develop strategies to prevent and mitigate the risks associated with digital facilitation of crime and disruptive actions.

In the context of cyber-attacks on healthcare systems rising, this project investigates how hospitals can prepare for and respond to digital disruptions. It will identify the impact of cyber incidents on hospital operations, explore network effects when multiple hospitals are affected, and assess mitigation strategies such as manual record-keeping and patient prioritisation. The research will involve developing simulation-optimisation algorithms to test response strategies and support real-world decision-making.

This is a multi-faceted project that seeks to first gain a better understanding of the systemic risks in the IoT ecosystem, and then understand the best way to address these. This will involve looking at technical aspects of IoT devices and protocols, their security policies and features, and how these interact with the wider environment and the incentives of various stakeholders.

You will use a number of approaches throughout the project, including modelling and simulation to explore risk, as well as studies (such as interviews, surveys, or workshops) with stakeholders to understand their roles.

The full title of this project is The Balance between Efficiency, Performance and Resilience of Embedded AI Systems under Cyber-Physical Risk.

AI models are in the foundation of many systems, e.g. AVs, CCTVs and robots. However, they are vulnerable to cyber-attacks (e.g. adding purposely computed perturbation to the data) and physical attacks (e.g. specially designed stickers to traffic signs to fool self-driving systems, garments with patterns to fool person identification systems). There is active research in improving the model resilience against the afore-mentioned attacks. However, the current solutions often lead to large models, long training time, and frequent re-training. This creates a practical problem for Embedded AI systems in e.g. robots, AVs, which have limited compute resources and require fast responses. Model compression is a promising solution, but it severely compromises the performance and the resilience. The project will investigate the triangle of efficiency, performance and resilience of such systems by (1) theoretically analysing of the trade-offs of the triangle, and (2) building a practical deployment-centric framework for adaptive model compression.

We have witnessed overlaps in online conspiracy theorist communities and offline violence, from QAnon and the 2021 storming of the US capitol building to 5G COVID-19 conspiracy theories and the attacking of critical communication infrastructure in the UK. Whilst prior research has investigated language use in these harmful online communities, analysis has typically been conducted either at a higher-level such as discourse analysis (i.e., what was said), or has been conducted at a community-level (i.e., understanding language within a community such as toxicity levels over time). Little prior work has focused on linguistic patterns of individual members and their power relationship within communities over time. This project will investigate the role of language as a marker of power and influence within harmful online communities. It will compare changing linguistic patterns (e.g., linguistic style matching, and linguistic variations and norms) of influential and non-influential community members and compare these to both community-level and individual-level linguistic patterns. Through the identification of members of influence, we can better understand how they influence and shape communities, and how their influence impacts risks of harm that develop from these online communities. Moreover, if early indicators of influence can be understood and measured, interventions could be developed to monitor and/or mitigate risks associated with these users.

This research topic is intentionally broad to allow prospective applicants the flexibility to develop a project aligned with their own interests:

This doctoral research will examine whether current theories about crime (e.g., offender decision-making, risk perception and fear of crime) and crime prevention principles (e.g., Situational Crime Prevention, Crime Prevention Through Environmental Design) are applicable to digital and hybrid spaces (e.g., the Metaverse). Part of the project will involve investigating how immersive and biosensing technologies (e.g. eye tracking, brain wave, heart rate, respiration, skin impedance) can be used to better understand how individuals perceive, interpret, and respond to events and situations in virtual spaces. 

The full title of this project is Understanding the role of ‘grey zones’ in hybrid attacks against critical national infrastructure in the UK.

‘Grey zones’ are the areas immediately bordering critical national infrastructure. The NPSA define these areas as those within the vicinity of a venue but not under its direct control and give the example of the large foyer area adjacent to the Manchester arena in the 2017 attack2. These areas, whilst beyond the perimeter and jurisdiction of organisations, have a direct impact on their security risks. This is a parallel idea to ‘buffer zone’ areas in crime science- where crime at a place is strongly linked with that in the immediate surrounding environment. In grey zones, the ownership of risk and security problems is often vague, and place management can be lacking, leading to areas that are ripe for state actor espionage, reconnaissance and attack. It is likely that such actors will consider using cyber, physical and/or cyber-physical means (‘attack vectors’) to undertake activities in grey zones at different stages during a national security incident crime commission process (crime script). Understanding the attack vectors used in grey zones should help with more tailored prevention and mitigation within these spaces.   

In this PhD project, we propose to develop LLM based simulators which can be used to detect the possible attacks a cyber-physical system may face before the system has been used in reality. As part of this work, we propose to develop two different types of simulators: Initially we will focus on developing simulators that simulate a typical environment in which the system will be used, together with how a real user would interact with the system in such an environment, and detect whether there are any cyber-physical risks associated with the system in a typical environment when a regular user of the system is using it.

We will further focus on developing adversarial simulators, where the goal of the simulator would be to detect any possible risks coming from adversarial attacks. 

Modern organisations operate cyber-physical systems where digital infrastructure underpins virtually all productive activity. Traditional cybersecurity focuses on prevention, yet breaches are inevitable. When Jaguar Land Rover suffered a ransomware attack, the company couldn't produce a single vehicle for over a month, costing billions and cascading through supply chains. The attack itself was unremarkable; the catastrophic impact came from inadequate recovery capability. 

This research challenges the prevailing assumption that cyber resilience means stronger defences. Instead, it asks: how do we design systems and organisations that can rapidly recover from successful attacks? Current business continuity approaches inadequately address cyber-physical integration. We need architectures, processes, and organisational structures that assume breach and prioritise recovery speed. This isn't about damage limitation; it's about maintaining societal and economic function when attacks succeed. As critical infrastructure becomes increasingly digitised, recovery capability becomes a matter of national resilience.  

Visit our application guidance

Read now