Matthias Eckhart is a Ph.D. candidate at the Vienna University of Technology (TU Wien), advised by Prof. Edgar Weippl. He works as a researcher at the University of Vienna and SBA Research. His research focuses on risk identification, quantitative risk analysis, and intrusion detection to improve the security of cyber-physical systems. His work has been published in several top journals, such as IEEE TII, IEEE TDSC, and Computers & Security. In 2023, he participated in a research visit to the National Institute of Informatics (NII), Tokyo, Japan, as part of the NII international internship program. He has served on the program committee of several international conferences and workshops, including CCS and EDCC. His academic contributions have been acknowledged with the Critical Infrastructure Award from the Austrian Academy of Sciences (OeAW). Additionally, he won the Technology Transfer Competition, organized by the European Space Agency (ESA), twice (2022 and 2023).
Modern society heavily depends on the reliable and efficient supply of food, drinking water, energy, and other essential goods and services provided by critical infrastructure. Cyber-physical systems (CPSs), or, more specifically, industrial control systems (ICSs), are an integral part of critical infrastructure and, therefore, need to operate as safely and securely as possible. However, as ICSs become increasingly connected and more software-intensive, their attack surface expands, making them more susceptible to cyber-physical attacks. This issue is exacerbated if security aspects are neglected during engineering since flaws in the design and architecture of ICSs could lead to inherent security weaknesses. At the same time, the threat landscape continues to evolve in sophistication and aggressiveness, as regularly demonstrated through the emergence of new ICS-tailored malware (e.g., TRISIS/TRITON/HatMan, Industroyer2, and PIPEDREAM/INCONTROLLER).
Managing cyber-physical risks from end to end is vital to protect ICSs against current and future security threats. However, systems integrators and asset owners often lack adequate methods to establish such a holistic security approach. Motivated by this need, my research aims to provide ICS security solutions that address the engineering and operation phases. As a first step to fostering security-by-design practices, I have developed automated methods to identify security risks based on existing engineering artifacts. These methods incorporate security and engineering domain knowledge, thereby supporting the adoption of security standards (e.g., the IEC 62443 series) while strongly considering the operational aspects of industrial processes (e.g., safety, product quality, and performance).
Complementary to my research targeting the engineering phase, I have also proposed methods to improve the security of ICSs during operation. In particular, I have explored how (full) system emulation, simulation, modeling, and data-driven techniques can be combined to virtually replicate multiple CPS layers, including the control logic, communication networks, and physical dynamics. These virtual replicas, often called digital twins, can then be used for various security-enhancing applications. For example, if the digital twin is built from a legitimate specification and mirrors the benign runtime behavior of its counterpart, any state mismatches could reveal attacks or faults affecting the actual ICS. Overall, these methods help engineers and operators adopt a security-first approach that can be implemented consistently along the entire ICS lifecycle.