Systems and Control Methods for Cyberphysical Security
NEWS.
The 2026 edition of the course will start in late February. Exact schedule to be communicated in the next days.
Google Class: A Google class is used for communications and for sharing study materials. Please subscribe at the following link only using your Sapienza student email. Please unsubscribe from the group if you do not plan to take the exam.
2026 EXAM DATES:
See next exam dates at the official link.
06/02/2026, hour 09:00-12:00, Aula T1, Via Regina Elena.
12/06/2026. Time and place to be specified.
03/07/2026. Time and place to be specified.
16/09/2026. Time and place to be specified.
Goal of the course.
At the end of the course the student will be able to understand how well-crafted cyberattacks can lead to the physical disruption of a target system, while remaining undetected by the operator of the system for a sufficiently long time. The student will learn how to model the attack and its physical effect on the system, and in which cases the attack can remain undetected. Several important attack types and defence strategies will be examined, also with the help of simulations. The knowledge gained is also useful in practice for vulnerability assessment and for improving the design of systems, to make them more resilient to attacks.
Lectures:
TBD exact schedule
Each lesson will be recorded and the recording made available in the section Lecture Summary below. This is to facilitate students who cannot always attend in presence due to overlaps.
Office hours: Thursday at 10:00-12:00 in room A213, DIAG department, or online (Google Meet link). Please send me an email in advance. We can agree on a different day/hour.
Contact: liberati@diag.uniroma1.it. Write me for any question.
Description: The goal of the course is to provide an in-depth introduction to cyber-physical systems modelling, analysis, and protection against cyber-physical attacks. The course starts with an overview of practical examples of cyber-physical systems, and the study of known recent cyber-physical attacks, to become familiar with the important concepts. The key concepts and standards in risk management are presented, as risk management is the correct framework to systematically organize and manage all the activities related to the cyber-physical security of a system. The practical concepts introduced are then abstracted and formalized by relying on methodologies from system theory. This makes it possible to model a cyber-physical system, the attack, and the perturbation that the attack causes in the system. Conditions are then developed to check whether or not it is possible to attack a system in an undetectable way. The most common and important types of attacks are modelled and analysed (bias injection attacks, replay attacks, false data injection attacks, switching attacks, zero dynamics attacks, covert attacks, etc.). Finally, methods are presented to build attack detectors, and to optimally protect a system against attacks. During the entire course, most of the concepts introduced will be demonstrated through simulations (of attacks and detectors/defence schemes) in Matlab and Julia. In this latest edition of the course we will also cover new topics such as encrypted control and control allocation.
Prerequisites: Fundamentals of mathematical analysis (derivatives, integrals, differential equations), geometry (linear systems, matrices, determinant, rank), physics (elementary physical systems: circuits, mechanical systems, etc.). These propaedeutic concepts will be recalled where useful during the course, so as to make the course accessible for everyone.
Study materials: For each lesson of the course, the specific study references (book sections, papers, etc.) will be indicated in the lesson summary (see section "Lecture summaries"). Links to the lecture slides, the blackboard notes and the zoom recordings of the lessons will be available. You can also take advantage of the slides, notes and zoom recordings of the previous version of the course, see website at this link.
(Subject to minor variations before the course starts)
- Introduction to cyber-physical systems. What is a cyber-physical system. Examples from the critical infrastructures domain. Overview of known past and recent cyber-physical attacks on power systems and other critical infrastructures. Goal of the attackers and goal of the defender. Introduction to the protection of cyber-physical systems. Introduction to risk management and to a quantitative risk-based approach for securing cyber-physical systems. Overview of main risk management standards and regulations;
- Modelling of cyber-physical systems: Modelling of an attack (the attack space, model knowledge, disclosure resources, disruption resources). First general detectability and identifiability conditions. Introduction to the design of attack detectors. The consistency property of detectors;
- Modelling and analysis of the main cyber-physical attack types, from static to more complex dynamical ones: false data injection attacks (FDIAs) against state estimation, denial of service attacks, replay attacks, switching attacks, covert attacks, zero dynamics attacks, etc.;
- Detection and mitigation techniques: Detectability of cyber-physical attacks in presence of side initial state information. Detectors and observers. Watermarking. Secure control allocation. Encrypted control. Resilient control.
- Experiments: during the course, many of the theoretical concepts will be implemented through simulations in Matlab and Julia, presenting design and simulations of attacks and detection/defence strategies.
ALL STUDENTS MUST BOOK THE EXAM ON INFOSTUD.
EXAM DATES
See next exam dates at the official link.
06/02/2026, hour 09:00-12:00, Aula T1, Via Regina Elena.
12/06/2026. Time and place to be specified.
03/07/2026. Time and place to be specified.
16/09/2026. Time and place to be specified.
EXAM MODALITIES
The student has two alternative options (you have to book the exam in Infostud in any case):
Written exam plus optional oral exam. The date of the written exam is the one listed below and specified in Infostud. After the correction of the written exam, the student can decide to have the oral exam to try to improve the grade. The date of the oral exam will be fixed later, a few days after the written exam. The written test lasts 2 to 3 hours, and includes one or two exercises, and one or two open-ended questions. No materials (notes, books, etc.) may be consulted. Students may ask for an additional oral exam after the written exam. Past exams are available at the bottom of the website. The exam dates for the written exam are listed below.
Project assignment plus mandatory oral exam. Towards the end of the course, the interested students (groups of 1 or 2 students max per project) can ask for a project, which will typically be on the study of one or two papers in the cyber-physical security field, and on the replication of their simulations. The students might also propose to me a topic of their interest for the project - I will evaluate if it is suitable for the development of a project. The project must be discussed in a period that goes from the written exam date to max 10 days after (because I have to close the exams in Infostud). The students must send me the completed project at least 2 days before the day of discussion of the project. We will agree on a discussion date via email, once you have finished the project.
This section will be populated during the course. After each lesson, the specific study references (book sections, papers, etc.) will be indicated in the lesson summary. Links to the lecture slides, the blackboard notes and the zoom recordings of the lessons will be available. You can also take advantage of the slides, notes and zoom recordings of the previous version of the course, see website at this link. To get an idea of the details, you can have a look at the past year website - link (as explained above, this year we will not have the initial lessons with the recap of system theory concepts. These concepts will be introduced only when needed during the explanation of the attack and defence schemes. This will make the course much more accessible for students from cybersecurity).
Lesson 1 - Introduction to the Course
Introduction to the logistics of the course. Tour of the website of the course - check it carefully. We discussed the logistics, the exam modalities, the teaching materials, etc. Then we presented an overview of all the technical content of the course, which we will then study in detail in each lesson.
Lesson 2 - Introduction to Cyber-physical Systems
Introduction to cyber-physical systems (CPS). We discussed an important example of a CPS: the power grid. It will be the subject of some cyber-physical attacks discussed in the course.