XClose

UCL Department of Security and Crime Science

Menu

Cyber-Physical Risk Research

As researcher or partner, you can support groundbreaking work that strengthens national security, protects infrastructure, and builds resilience in the digital and physical worlds.

A tech worker using a laptop displaying code, surrounded by electronic tools and components. The workspace has a red-tinted light, creating a focused and cool atmosphere..

Understanding Cyber-Physical Risk

As our societies become increasingly connected through smart cities, autonomous systems, and the Internet of Things (IoT), the risks to critical infrastructure, national security, and everyday life grow exponentially. These risks, posed at the intersection of the digital and physical worlds, demand interdisciplinary and innovative research to understand, mitigate, and address them effectively. 

The EPSRC Centre for Doctoral Training (CDT) in Cyber-Physical Risk is a national research centre dedicated to training the next generation of experts in tackling these emerging threats.

Why Cyber-Physical Risk research matters

  • Growing threats to critical infrastructure: Cyberattacks targeting power grids, transport systems, and healthcare networks can have catastrophic real-world effects. Recent cyber-attacks have infiltrated essential systems such as water treatment facilities and waste management plants, exposing vulnerabilities that must be urgently addressed through cutting-edge, interdisciplinary efforts. 
  • Emerging hybrid threats: Nation-state actors and cybercriminals are increasingly using cyber tools alongside physical disruption, such as in the Ukraine conflict where malware like NotPetya caused widespread damage. Incidents like sabotage operations against European defence companies and infrastructure illustrate the complexity of these risks.
  • The rise of AI and mixed reality: The expanding use of AI, social media, and connected devices introduces new vulnerabilities, from deepfake disinformation to automated cyber-physical attacks. Hybrid warfare strategies now involve cyber espionage, misinformation campaigns, and direct attacks on critical digital and physical infrastructure.

We support a broad range of PhDs within the CDT spanning different areas of expertise. The research may combine elements of the following fields:

  • Cybercrime and cybersecurity, including cyber defence, cyber security governance, and cyber resilience.
  • Cyberwarfare and network security, including malware attacks, national security and critical infrastructure protection, and digital forensics.
  • Hybrid theats and cyber-physical attacks, including the use of cyber tools alongside physical disruption in modern conflict (e.g. hybrid warfare). 
  • AI and autonomous systems, such as AI robotics, digital twins, and the Internet of Things (IoT).
  • Risk management, including in areas such as environmental criminology, predictive modelling, and disaster prevention.
  • Ethics and emerging technologies, including AI ethics, misinformation, disinformation, and data privacy.

Interdisciplinary approach

To enhance the UK’s capability against cyber-physical risk, we foster collaboration across various disciplines, including computer science, mathematics, law, electronic engineering, environmental engineering, risk and disaster reduction, archaeology, anthropology, politics, policy, and ethics. As highlighted by one of our partners:

The convergence of digital technology and industrial processes demands expertise not only in cybersecurity but also in fields such as engineering, data science, risk management, and policymaking. We recognise the need for a national research training centre that fosters collaboration among diverse disciplines and educates the upcoming skilled workforce. Digital Catapult

To drive fundamental change in academia and industry, a cohort of leaders equipped with specialist skills specifically adapted to tomorrow’s hybrid risks is needed. These experts will be trained to: 

  • Manage risks that emerge across both cyber and physical domains.
  • Mitigate risks in one domain by implementing interventions in another.
  • Understand how criminal groups operate and protect their interests across multiple domains.
  • Anticipate and prevent unintended consequences (e.g., privacy risks) that may arise from interactions between domains.

Bridging the skills gap in Cyber-Physical Security

There is an urgent need for experts who understand both cybersecurity and physical security. As digital and real-world threats converge, addressing this skills gap is essential to safeguarding infrastructure and protecting our society. By entering and growing in this field, you have the opportunity to play a key role in shaping a safer and more resilient future. 

Research themes

Research topics are generated by potential supervisors and partners, and then advertised to prospective students. These topics are organised within a structured thematic framework, fostering the development of research groups across cohorts and encouraging interdisciplinary collaboration. The themes reflect key challenges in cyber-physical security and resilience, combining technical, social, and policy-driven approaches.

Futures

Emerging technologies bring both opportunities and risks, requiring proactive approaches to policymaking and corporate decision-making. This theme explores how socio-technical trends shape the geopolitical implications of cyber-physical risks and how to co-design effective control and mitigation measures for diverse legal, technical, and policy contexts. Research will focus on risk foresight, scenario planning, regulatory challenges, and societal resilience.

Cyber-Physical Systems

Cyber-Physical Systems (CPS) integrate sensing, computing, and networked communication, transforming industries such as manufacturing, healthcare, smart infrastructure, and autonomous transportation. This theme addresses challenges in securing CPS, analysing emerging threats, developing regulatory frameworks, and improving resilience to cyber-attacks. Research will also focus on adversarial machine learning, cyber-situational awareness, and forensic investigations of CPS breaches.

Online Communication

Digital platforms—including social media, messaging apps, and gaming environments—are increasingly misused for disinformation campaigns, hate speech, and criminal activities. This theme explores the impact of interventions to counter online threats, developing methods to assess and mitigate harm while considering the interplay between online and offline behaviours. Research will include AI-driven content detection, the evolution of criminal tactics in digital spaces, and regulatory approaches to online security.

Simulation and Interaction 

Immersive laboratories and augmented and virtual reality (AR/VR) technologies provide innovative tools for studying human behaviour in cyber-physical risk scenarios. By creating controlled, immersive environments, researchers can investigate decision-making under simulated threats, test new security interventions, and refine responses to emergencies. Research in this theme will explore the application of digital twins, XR technologies, and agent-based modelling for security and risk assessment.

Each year, prospective students will have access to a range of research projects within these themes. Visit the webpage below to explore the latest project outlines to find out how you can contribute to pioneering research in cyber-physical security and resilience.

Discover our project proposals in Cyber-Physical Risk

Join us

Become part of a community shaping the future of security in an increasingly digital and interconnected world.

Apply now for the PhD in Cyber-Physical Risk or learn more about how to partner with us