Engineering for Cyber Resilience: Through-Life Modelling and Analysis (ENCYRCLE)
Lead Research Organisation:
SWANSEA UNIVERSITY
Abstract
Engineering and operating safe and secure systems, such as connected transport, manufacturing, and energy systems, is increasingly proving to be a substantial challenge. Traditionally, several factors play a role here including complexity, hyper-connectivity, regulatory compliance and supply chain economics. A step change in this challenge is posed by the introduction of AI, which means systems are continually evolving and operating an increasingly unpredictable environment.
This proposal unites two organisations - Thales and Swansea University - in their vision to make the world a more resilient place, laying down the scientific foundations of cyber resilient systems engineering and operation, and ultimately paving the way for a deeper strategic and prosperity partnership between the two.
The UK’s National Cyber Strategy (2022), currently in place, has explicitly set out the challenge to “identify novel and emerging technology applications that have the potential to create cyber security risks, and ensure the UK is at the forefront of the safe and secure development of these technologies”, and has indeed explicitly identified ‘connected and automated vehicle deployments’ as part of this challenge. More widely, the recent EU Cyber Resilience Act (CRA), which will come into force over a phased transition period starting in late 2025, insists on cybersecurity requirements governing the planning, design, development and maintenance with obligations to be met at every stage of the value chain. As such, it places on system manufacturers and operators an obligation to provide duty of care for the entire lifecycle of systems such as automotive. Globally, for the automotive industry, the UNECE Regulation 155, which comes into force in July 2024, already mandates a cyber security management system, covering risk assessment and mitigation through the life of automotive platforms.
This proposal sets out to overcome this very challenge by addressing the following research objectives:
Establishing a deeper understanding of the problem of cyber resilience in the real world, and characterising intricate behaviours that systems exhibit leading to failure;
Reviewing the state-of-the-art of engineering safety and security in complex systems, through a systematic examination of methodologies and tools;
Developing a through-life model of resilience incorporating safety, security and liveness, with a particular focus on the operational phase;
Developing and implementing a systems and property specification language supporting cyber resilience design and analysis; and
Identifying and applying AI-driven tools towards analysis and verification of cyber resilience in model architectures.
This project for "Engineering for Cyber Resilience: Through-Life Modelling and Analysis (ENCYRCLE)" will be delivered by a leading team of industrial and academic researchers with access to world-class research facilities.
By enhancing cyber resilience of connected transport (and other associated infrastructure), this project will improve public safety and trust in these technologies, ensuring the continued operation of essential services even under adversarial conditions, highlighting its societal impact. Increased system resilience will reduce economic losses caused by system downtimes and cyber attacks, supporting the automotive and other high-stakes industries by minimising vulnerabilities and safeguarding their operational integrity and market confidence, emphasising economic impact. Furthermore, secure and resilient systems will enhance the efficiency and sustainability of industrial operations, potentially leading to reduced environmental footprints through optimised and uninterrupted performance, underscoring the environmental impact.
A proposed joint lab, equipped with the bespoke tool chain developed in the project, would serve as enduring impact as capacity for modelling and analysis of cyber resilience.
This proposal unites two organisations - Thales and Swansea University - in their vision to make the world a more resilient place, laying down the scientific foundations of cyber resilient systems engineering and operation, and ultimately paving the way for a deeper strategic and prosperity partnership between the two.
The UK’s National Cyber Strategy (2022), currently in place, has explicitly set out the challenge to “identify novel and emerging technology applications that have the potential to create cyber security risks, and ensure the UK is at the forefront of the safe and secure development of these technologies”, and has indeed explicitly identified ‘connected and automated vehicle deployments’ as part of this challenge. More widely, the recent EU Cyber Resilience Act (CRA), which will come into force over a phased transition period starting in late 2025, insists on cybersecurity requirements governing the planning, design, development and maintenance with obligations to be met at every stage of the value chain. As such, it places on system manufacturers and operators an obligation to provide duty of care for the entire lifecycle of systems such as automotive. Globally, for the automotive industry, the UNECE Regulation 155, which comes into force in July 2024, already mandates a cyber security management system, covering risk assessment and mitigation through the life of automotive platforms.
This proposal sets out to overcome this very challenge by addressing the following research objectives:
Establishing a deeper understanding of the problem of cyber resilience in the real world, and characterising intricate behaviours that systems exhibit leading to failure;
Reviewing the state-of-the-art of engineering safety and security in complex systems, through a systematic examination of methodologies and tools;
Developing a through-life model of resilience incorporating safety, security and liveness, with a particular focus on the operational phase;
Developing and implementing a systems and property specification language supporting cyber resilience design and analysis; and
Identifying and applying AI-driven tools towards analysis and verification of cyber resilience in model architectures.
This project for "Engineering for Cyber Resilience: Through-Life Modelling and Analysis (ENCYRCLE)" will be delivered by a leading team of industrial and academic researchers with access to world-class research facilities.
By enhancing cyber resilience of connected transport (and other associated infrastructure), this project will improve public safety and trust in these technologies, ensuring the continued operation of essential services even under adversarial conditions, highlighting its societal impact. Increased system resilience will reduce economic losses caused by system downtimes and cyber attacks, supporting the automotive and other high-stakes industries by minimising vulnerabilities and safeguarding their operational integrity and market confidence, emphasising economic impact. Furthermore, secure and resilient systems will enhance the efficiency and sustainability of industrial operations, potentially leading to reduced environmental footprints through optimised and uninterrupted performance, underscoring the environmental impact.
A proposed joint lab, equipped with the bespoke tool chain developed in the project, would serve as enduring impact as capacity for modelling and analysis of cyber resilience.