<?xml version="1.0" encoding="UTF-8"?><ns2:project xmlns:ns1="http://gtr.rcuk.ac.uk/gtr/api" xmlns:ns2="http://gtr.rcuk.ac.uk/gtr/api/project" xmlns:ns3="http://gtr.rcuk.ac.uk/gtr/api/fund" xmlns:ns4="http://gtr.rcuk.ac.uk/gtr/api/person" xmlns:ns5="http://gtr.rcuk.ac.uk/gtr/api/project/outcome" xmlns:ns6="http://gtr.rcuk.ac.uk/gtr/api/organisation" ns1:created="2026-06-22T07:57:45Z" ns1:href="http://gtr.ukri.org/gtr/api/projects/FB42110A-48F7-47E9-ACDC-29C37C4186D0" ns1:id="FB42110A-48F7-47E9-ACDC-29C37C4186D0"><ns1:links><ns1:link ns1:href="http://gtr.ukri.org/gtr/api/persons/05C0988E-885D-4AD3-B2E8-78721E3E2CBF" ns1:rel="PM_PER"/><ns1:link ns1:href="http://gtr.ukri.org/gtr/api/organisations/02F66EDE-A71E-4A5C-B33F-97726DD3E21F" ns1:rel="LEAD_ORG"/><ns1:link ns1:href="http://gtr.ukri.org/gtr/api/organisations/B2ACBF49-D3F4-422C-B86D-08E99112DBF1" ns1:rel="PARTICIPANT_ORG"/><ns1:link ns1:href="http://gtr.ukri.org/gtr/api/organisations/02F66EDE-A71E-4A5C-B33F-97726DD3E21F" ns1:rel="PARTICIPANT_ORG"/><ns1:link ns1:end="2025-07-30T23:00:00Z" ns1:href="http://gtr.ukri.org/gtr/api/funds/AB589D0A-DC00-4F08-9285-EB27AC01645A" ns1:rel="FUND" ns1:start="2025-03-31T23:00:00Z"/></ns1:links><ns2:identifiers><ns2:identifier ns2:type="RCUK">10157671</ns2:identifier></ns2:identifiers><ns2:title>Dynamic Security for Industrial Control Systems Powered by Physics-Informed Moving Target Defence</ns2:title><ns2:status>Closed</ns2:status><ns2:grantCategory>Collaborative R&amp;D</ns2:grantCategory><ns2:leadFunder>Innovate UK</ns2:leadFunder><ns2:abstractText>Industrial Control Systems (ICS) are the backbone of critical infrastructure, managing essential services such as energy, water, transportation, and manufacturing. However, they are increasingly vulnerable to sophisticated cyberattacks.

One of the key challenges in ICS security is the potential for attackers to manipulate system controls while avoiding detection. Such threats can come from both external actors and insiders---individuals with legitimate access to system operations. Although our project is not specifically designed to target insider threats, it enhances overall resilience against such risks by dynamically adjusting key operational parameters in a controlled and safe manner. These parameters are carefully selected to maintain operational stability while introducing variability that disrupts potential attack strategies.

Unlike conventional defences, which are static and reactive, our solution continuously changes the system's vulnerable points and key parameters that attackers rely on to design stealthy attacks, using dynamic, multi-parameter perturbation. Instead of relying on a fixed security model, our system intelligently varies operational conditions in a way that remains fully functional but unpredictable to attackers. The key innovation here is that these adjustments are guided by physics-informed decision-making, ensuring that any changes align with the real-world constraints of industrial operations and Operational Technology (OT). This means security measures can be enforced without disrupting normal activities, maintaining both safety and efficiency. By synthesising IT, OT, and CVE data with MITRE techniques and integrating real-time data with predictive, physics-based models, our platform provides operators with enhanced situational awareness. This allows them to distinguish between normal operational fluctuations and potential cyber intrusions, significantly reducing false positives, revealing stealthy sophisticated attacks, and enabling rapid response to threats. For example, if an unexpected fluctuation occurs that does not align with physical laws, the system flags it as suspicious, even if it falls within normal operational thresholds.

Our approach leverages selective, built-in system parameters through our multi-parameter perturbation technique, therefore, eliminating the need for external hardware, reducing implementation expenses while maintaining robust security. Designed as a modular and scalable platform, our solution adapts to various ICS architectures, making it accessible to both large-scale industrial operators and smaller facilities.

With the increasing frequency and sophistication of cyberattacks on critical infrastructure, there is a pressing need for proactive and intelligent defence strategies. Our project not only addresses this need but also aligns with the objectives of the National Cyber Strategy, contributing to a more secure and resilient digital infrastructure in the UK.</ns2:abstractText></ns2:project>