Past work and future direction of research

I joined Bristol’s cyber security group after completing my undergraduate studies in Physics and my master studies in Telecommunication Networks and Systems Security in Aristotle University of Thessaloniki in Greece. During my studies I developed a special interest for technology and especially for automation in industrial processes, hence my master’s thesis topic was on security and authentication issues for Modbus protocol.

Joining University of Bristol was an amazing opportunity for my next steps in that field as our testbed provides a realistic environment for research into cyber physical systems security. From the first year of the CDT program, I was able to train on various PLC’s and physical processes such as a water treatment plant, a model factory and even create my own virtual processes to control and train with. Apart from the interdisciplinary approach towards cyber security the program offers enhanced training on PLC programming, attacks and defenses on industrial processes and many other technical resources creating a rich and complete educational process.

My personal interest focuses on the security of large, interconnected infrastructures, a topic that is of critical importance in the NCSC’s cyber strategy 2022 policy paper. Critical infrastructures are becoming much more distributed and complex while the interdependencies between them increase day by day. In the next few years, it will be extremely difficult for states and businesses to understand the risks they face and protect themselves in this demanding landscape. For this reason, we need to understand how these infrastructures work and communicate with each other, what information they are exchanging, how to build defense in depth strategies to make them more secure against threats and how to deal with attack scenarios and recover efficiently.

Blackhat 2021 experience

One of the benefits of the PhD life is the chance you are being given to attend conferences and workshops otherwise would be too expensive to attend. Blackhat is one of the biggest events in Information security, taking part every year in London, Singapore, and Las Vegas, bringing together a wide range of practitioners, like security analysts, risk managers, security engineers, penetration testers, software developers, cryptographers, and many others. Being a cyber security researcher in the second year of my PhD, was an amazing opportunity to be granted the Blackhat student scholarship to attend the main event in person having the chance to meet and hear about the latest research in the field by academic and industrial experts. During the two days Blackhat briefings lasted, I had the chance to meet many companies and talk with them about their products and their future steps in the field, having a good idea of how I could form my research in the future. I have attended interesting workshops and live hacking sessions and on top of that very interesting keynotes and panels consisted of security experts, sharing their knowledge and experience in cybersecurity. Personally, I was especially interested in the cyber physical system briefings where I had the chance to see practical attack implementations, expand my network of contacts and open channels for future collaborations.