{"686564":{"#nid":"686564","#data":{"type":"event","title":"PhD Proposal by Burak Sahin","body":[{"value":"\u003Cp\u003E\u003Cstrong\u003ETitle:\u0026nbsp; \u003C\/strong\u003EPhysics-Aware\u0026nbsp;Cybersecurity\u0026nbsp;for Industrial Control Systems: A Unified Path from Testing to Hardening to Integrity\u0026nbsp;\u003C\/p\u003E\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003EDate:\u003C\/strong\u003E\u0026nbsp;Monday, Dec. 8th, 2025\u0026nbsp;\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003ETime:\u003C\/strong\u003E\u0026nbsp;2:00 PM to 3:00 PM EST\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003ELocation:\u003C\/strong\u003E\u0026nbsp;Coda 0903 Ansley\u003C\/p\u003E\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\u003Cp\u003EBurak Sahin\u003C\/p\u003E\u003Cp\u003EComputer Science Ph.D. student\u003C\/p\u003E\u003Cp\u003ESchool of\u0026nbsp;Cybersecurity\u0026nbsp;and Privacy\u003C\/p\u003E\u003Cp\u003EGeorgia Institute of Technology\u003C\/p\u003E\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003ECommittee:\u003C\/strong\u003E\u003C\/p\u003E\u003Cp\u003EDr. Saman Zonouz (advisor), School of\u0026nbsp;Cybersecurity\u0026nbsp;and Privacy, Georgia Institute of Technology\u003C\/p\u003E\u003Cp\u003EDr. Mustaque Ahamad, School of\u0026nbsp;Cybersecurity\u0026nbsp;and Privacy, Georgia Institute of Technology\u003C\/p\u003E\u003Cp\u003EDr. Brendan Saltaformaggio, School of\u0026nbsp;Cybersecurity\u0026nbsp;and Privacy, Georgia Institute of Technology\u003C\/p\u003E\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003EAbstract:\u0026nbsp;\u003C\/strong\u003E\u003C\/p\u003E\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\u003Cp\u003EIndustrial Control Systems (ICS) present a unique challenge: the same PLC software stack is deployed across radically different physical processes, yet each process has its own dynamics, safety boundaries, and temporal behaviors. Cyber-wise, these systems appear identical\u2014the same runtime, memory layout, and control logic interfaces, but physically, they behave nothing alike. Because real ICS failures emerge from how software interacts with process dynamics, effective security must specialize to the underlying physical process rather than generalize from shared software. My research addresses this foundational gap by developing physics-aware\u0026nbsp;cybersecurity\u0026nbsp;frameworks that adapt testing, hardening, and runtime integrity to each plant\u2019s unique physical requirements. This foundational mismatch is addressed by building physics-aware\u0026nbsp;cybersecurity\u0026nbsp;frameworks that adjust their analysis and defenses to each plant\u2019s unique physical process. Across fuzzing, debloating, and runtime integrity, my work centers on a unifying principle: security for ICS cannot be one-size-fits-all, because the physical processes they control are not one-size-fits-all.\u003C\/p\u003E\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\u003Cp\u003EI begin with ICSFlux, a physics-aware fuzzing framework that shifts the focus from software execution paths to physical-state evolution. Rather than assuming vulnerabilities emerge from malformed inputs or code-level bugs, ICSFlux reasons about the temporal dynamics of the physical process itself. By computing how physical states evolve toward unsafe conditions, ICSFlux tailors its exploration to each system\u2019s physical model and secure physical operations. Two plants running the same PLC software will produce entirely different physical interactions and failures. ICSFlux automatically adapts to each underlying physical process, revealing multi-cycle, physics-driven vulnerabilities that are invisible to IT-centric testing.\u003C\/p\u003E\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\u003Cp\u003EBuilding on the insight that identical software deployments can have radically different physical requirements, I develop ICSFit, a debloating framework that reduces PLC runtime code by analyzing what the specific physical mission actually requires. Conventional binary debloating assumes that unused code is defined by cyber-level reachability. ICSFit instead uses the control logic and its associated physical process to determine which firmware components are physically meaningful for the plant\u2019s operation. This allows safe removal of large segments of code\u2014from boot-time routines to unused protocol handlers, yielding a hardened PLC runtime tailored to the unique physical system it controls.\u003C\/p\u003E\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\u003Cp\u003EFinally, I introduce ICS-PFI (Physics-Flow Integrity), a new class of runtime protection that anchors control-flow integrity not in static CFG structure, but in the physical plausibility of controller execution. Traditional CFI treats all deployments of the same PLC as identical. ICS-PFI recognizes that what counts as a legitimate control-flow path depends on the physical process: two sequences of logic may be software-legal yet physically impossible or unsafe. ICS-PFI enforces that controller execution remains consistent with the expected evolution of the underlying physical system, detecting attacks that preserve CFG correctness but violate physical semantics.\u003C\/p\u003E\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\u003Cp\u003ETogether, these systems create a cohesive, physics-aware approach to ICS security. By acknowledging that common software controls diverse physical processes, my research develops defenses that adapt to each plant\u2019s unique physical dynamics rather than forcing industrial systems into IT-style abstractions. My long-term vision is to establish a scientific foundation for cyber-physical security - one where testing, hardening, and runtime guarantees are aligned with the realities of industrial operations, ensuring safer and more resilient critical infrastructure.\u003C\/p\u003E\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E","summary":"","format":"limited_html"}],"field_subtitle":"","field_summary":[{"value":"\u003Cp\u003EPhysics-Aware Cybersecurity for Industrial Control Systems: A Unified Path from Testing to Hardening to Integrity\u0026nbsp;\u003C\/p\u003E","format":"limited_html"}],"field_summary_sentence":[{"value":"Physics-Aware Cybersecurity for Industrial Control Systems: A Unified Path from Testing to Hardening to Integrity "}],"uid":"27707","created_gmt":"2025-11-20 21:47:18","changed_gmt":"2025-11-20 21:47:50","author":"Tatianna Richardson","boilerplate_text":"","field_publication":"","field_article_url":"","field_event_time":{"event_time_start":"2025-12-08T14:00:00-05:00","event_time_end":"2025-12-08T15:00:00-05:00","event_time_end_last":"2025-12-08T15:00:00-05:00","gmt_time_start":"2025-12-08 19:00:00","gmt_time_end":"2025-12-08 20:00:00","gmt_time_end_last":"2025-12-08 20:00:00","rrule":null,"timezone":"America\/New_York"},"location":"Coda 0903 Ansley","extras":[],"groups":[{"id":"221981","name":"Graduate Studies"}],"categories":[],"keywords":[{"id":"102851","name":"Phd proposal"}],"core_research_areas":[],"news_room_topics":[],"event_categories":[{"id":"1788","name":"Other\/Miscellaneous"}],"invited_audience":[{"id":"78771","name":"Public"}],"affiliations":[],"classification":[],"areas_of_expertise":[],"news_and_recent_appearances":[],"phone":[],"contact":[],"email":[],"slides":[],"orientation":[],"userdata":""}}}