Physical-Layer Insecurities of Cyber-Physical Systems

About the Project

Modern digital systems are increasingly integrated with the physical world. Examples include power grids, autonomous vehicles, and space systems. These Cyber-Physical Systems (CPS) combine physical processes with digital computation, and are therefore exposed to threats in both domains. While security measures such as encryption and authentication address digital risks, the physical interfaces of CPS (such as sensors and communication links) remain vulnerable and are often overlooked. A system cannot easily distinguish between genuine and manipulated inputs, and in either case it may respond in ways that disrupt its operation. Research has shown that such weaknesses can be exploited in practice, for example through signal injection attacks on sensors [1, 3], interference with wired communication such as electric vehicle charging [2], and protocol-aware jamming of satellite communications [4]. The growing accessibility of low-cost hardware and software-defined radios further increases the potential for exploitation by a wide range of actors.

Unlike software flaws, vulnerabilities in physical components cannot be ‘patched’ in the traditional sense. It is therefore critical to address these weaknesses at the design stage. Yet Physical-Layer Security remains relatively underexplored, largely due to limited awareness of the risks and the challenges of implementation.

This PhD project will:

• systematically analyse threats and attack vectors targeting the physical layer of CPS, focusing on sensors and communication systems
• evaluate state-of-the-art countermeasures to protect from attacks
• propose and experimentally validate new techniques for improving recovery from attacks such as signal injection, electromagnetic interference, and jamming.

The successful applicant will have the opportunity to work with real-world cyber-physical systems (electric vehicles, space and satellite systems, and power grid testbeds), and will develop expertise in embedded systems, wireless communication, and applied security research.

Eligibility

Applicants are expected to hold (or be close to completing) a minimum of an upper second-class undergraduate honours degree (or equivalent) in Computer Science, Electrical Engineering, or a closely related discipline, ideally with a focus on Cyber Security. Experience with common laboratory equipment such as oscilloscopes, signal generators, and software-defined radios is desirable, as is an interest in the security of Cyber-Physical Systems. A solid foundation in programming (C, C++ or Python) together with familiarity with operating systems and computer networks will also be beneficial. Relevant professional or research experience in areas such as embedded systems, wireless communication, or hardware security would be advantageous but is not essential.

Funding

This 3.5-year PhD studentship is open to Home (UK) applicants and EU students with settled status. The successful candidate will receive an annual tax-free stipend set at the UKRI rate (£20,780 for 2025/26; subject to annual uplift), and tuition fees will be paid. We expect the stipend to increase each year.

We recommend that you apply early as the advert may be removed before the deadline.

Before you apply

We strongly recommend that you contact the supervisors for this project before you apply. Please include details of your current level of study, academic background and any relevant experience and include a paragraph about your motivation to study this PhD project.

How to apply

Apply online through our website: https://uom.link/pgr-apply-2425

When applying, you’ll need to specify the full name of this project, the name of your supervisor, if you already having funding or if you wish to be considered for available funding through the university, details of your previous study, and names and contact details of two referees.

Your application will not be processed without all of the required documents submitted at the time of application, and we cannot accept responsibility for late or missed deadlines. Incomplete applications will not be considered.

After you have applied you will be asked to upload the following supporting documents:

• Final Transcript and certificates of all awarded university level qualifications
• Interim Transcript of any university level qualifications in progress
• CV
• Supporting statement: A one or two page statement outlining your motivation to pursue postgraduate research and why you want to undertake postgraduate research at Manchester, any relevant research or work experience, the key findings of your previous research experience, and techniques and skills you’ve developed. (This is mandatory for all applicants and the application will be put on hold without it).
• Contact details for two referees (please make sure that the contact email you provide is an official university/work email address as we may need to verify the reference)
• English Language certificate (if applicable)

If you have any questions about making an application, please contact our admissions team by emailing FSE.doctoralacademy.admissions@manchester.ac.uk.