Research Institute in Trustworthy Inter-connected Cyber-physical Systems (RITICS)

The Research Institute in Trustworthy Industrial Control Systems consisted of five projects: SCEPTICS (PI Clive Roberts, University of Birmingham), CEDRICS (PI Robin Bloomfield, City, University of London), MUMBA (PI Awais Rashid, Lancaster University), CAPRICA (PI Sakir Sezer, Queen's University Belfast), and RITICS (PI Chris Hankin, Imperial College London). The aim of the research institute was to address three key questions: 1) What physical harm do cyber threats pose to ICS and business? 2) Can we confidently articulate these threats as business risk? and 3) Are there novel effective and efficient interventions? The Director was funded from January 2014 and the other projects, which cover these questions, started in October 2014 funded for a period of three years. Apart from supporting a collection of research projects the aim of the institute was to provide coordination to promote cross-project collaboration and promote the results of the research to the practitioner community. EPSRC has invited this application to continue the funding for the coordination activity for a further 5 years, to enable the community to continue and expand, and serve as a UK hub for evidence-based research aiming to improve cyber security for industrial control systems. The hub
will seek to attract funding for new projects on this topic; it aims to be an open community offering a service to other projects and individuals conducting research on this topic. Through discussions with NCSC, we propose to broaden the scope of RITICS to more general cyber-physical systems; we will retain the acronym and associated branding but have changed the full title of the Institute to the Research Institute in Trustworthy Interconnected Cyber-physical Systems.

The NCSC Community of Interest is in the process of creating a problem book which will be a major source of challenges for the research calls and activities of the RITICS community. The interactions between RITICS and the NCSC CoI will expose
RITICS members to new industrial contacts and our concentration on problems from the NCSC problem book will facilitate pathways to exploitation and impact for results produced by RITICS members. We expect to achieve impact through through the dissemination of commercialising our results through NCSC or the innovation arms of the individual RITICS members. The revised set of questions for the RITICS continuation give greater emphasis to policy-related outcomes. Examples already exist from the first phase of RITICS such as our contributions to the cyber security strategy for the railway sector and the European work on certification of components for industrial control systems. This aspect will be sterngthened and supported by the appointment of our part-time Communications and Outreach Officer.