Thèse Secure Cyber-Physical Systems With Machine Learning Components Ml-Cps H/F - Doctorat.Gouv.Fr

Établissement : Université Grenoble Alpes École doctorale : MSTII - Mathématiques, Sciences et technologies de l'information, Informatique Laboratoire de recherche : VERIMAG Direction de la thèse : Thao DANG ORCID 0000000236371415 Début de la thèse : 2026-10-01 Date limite de candidature : 2026-06-09T23:59:59 The increasing integration of machine learning components into the control and supervision of cyber-physical systems (CPS)-which interconnect heterogeneous elements such as physical processes, digital computing units, smart sensors, and communication networks-has enabled the achievement of more complex objectives with improved performance. Beyond classical threats affecting CPS, including denial-of-service, replay, and data injection attacks, CPS integrating ML, referred to as ML-CPS, are exposed to additional system-specific vulnerabilities arising at both the training and inference stages.

The objective of the thesis is to develop effective strategies for the reliable detection of such attacks and for mitigating their impact on system performance. From a scientific perspective, the project goes beyond classical resilient and robust control frameworks, as well as traditional attack detection and isolation approaches, to specifically address the novel vulnerabilities introduced by machine learning-based systems. The increasing integration of machine learning components into the control and supervision of cyber-physical systems (CPS)-which interconnect heterogeneous elements such as physical processes, digital computing units, smart sensors, and communication networks-has enabled the achievement of more complex objectives with improved performance. Beyond classical threats affecting CPS, including denial-of-service, replay, and data injection attacks, CPS integrating ML, referred to as ML-CPS, are exposed to additional system-specific vulnerabilities arising at both the training and inference stages. \_ The thesis will follow two major directions:
- Security specification via hyperproperties. We plan to use hyperproperties [2, 3], to formallyspecify security policies. The objective is then to extend the verification and monitoring frameworksfor properties, to support the specification and enforcement of such hyperproperties.

- Attack models and detection. We focus on attacks on the deep learning components of ML-CPS,and develop evasion attacks that can degrade the performance of deep learning based systems or makethem violate a given property.We also consider attacks occurring during both the training and inference phases. For attack detection,we plan to extend our method for uniform sampling of signal spaces constrained by complex timingand symbolic constraints [1].

Solid competences in computer science and applied mathematics; knowledge in formal methods, competences and experience in programming.

Please send us all your university transcripts (grades and ranking).