{"id":185089,"date":"2026-02-06T09:40:00","date_gmt":"2026-02-06T14:40:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/02\/06\/uah-news-the-university-of-alabama-in-huntsville\/"},"modified":"2026-02-06T10:00:13","modified_gmt":"2026-02-06T15:00:13","slug":"uah-news-the-university-of-alabama-in-huntsville","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/02\/06\/uah-news-the-university-of-alabama-in-huntsville\/","title":{"rendered":"UAH | News | The University of Alabama in Huntsville"},"content":{"rendered":"<p><a href=\"https:\/\/www.uah.edu\/news\/items\/two-uah-ccre-doctoral-researchers-secure-patents-defend-against-sophisticated-cyber-attacks\">UAH | News | The University of Alabama in Huntsville<\/a><\/p>\n<p><a href=\"https:\/\/www.uah.edu\/news\/items\/two-uah-ccre-doctoral-researchers-secure-patents-defend-against-sophisticated-cyber-attacks\">https:\/\/www.uah.edu\/news\/items\/two-uah-ccre-doctoral-researchers-secure-patents-defend-against-sophisticated-cyber-attacks<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-02-06 09:40:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.uah.edu\">www.uah.edu<\/a><\/p>\n<p>Author: <a href=\"\"><\/a><\/p>\n<p> Using an unordered list, summarize the following article with between 4 and 8 key points. <\/p>\n<p>(L-R) Dr. Tommy Morris, CCRE director, congratulates Dr. Rishabh Das on earning his doctorate.<\/p>\n<p>Courtesy Rishabh Das<\/p>\n<p>Transforming doctoral research into patented technology is a challenging achievement, particularly while completing a Ph.D. Dr. Aaron Werth and Dr. Rishabh Das, former doctoral students at The University of Alabama in Huntsville (UAH), a part of The University of Alabama System, successfully navigated this process, earning U.S. patents for innovative cybersecurity technologies developed through their dissertation research at UAH\u2019s Center for Cybersecurity Research and Education (CCRE).<br \/>\nBased on his dissertation, Werth\u2019s patent, titled \u201cEmbedded intrusion prevention system for industrial controllers,\u201d detects and protects programming logic controllers, or PLCs, from commands or ladder logic uploads that would harm the physical process that the PLC manages. A PLC is a specialized \u201chardened\u201d industrial computer that automates, controls and monitors critical infrastructure, such as manufacturing or power grids. Due to increased networking, PLCs are high-value targets; breaches can cause significant production shutdowns, equipment damage or public safety hazards.<br \/>\nWerth developed the project as a Ph.D. student and subsequently a Ph.D. candidate, spending over three years evolving the concept.<\/p>\n<p>Dr. Aaron Werth displays his patent at the UAH Center for Cybersecurity Research and Education.<\/p>\n<p>Courtesy Aaron Werth<\/p>\n<p>\u201cOther graduate students were focusing more on anomaly-based detection methods, and they developed comprehensive approaches for anomaly detection which were very good,\u201d the researcher explains. \u201cI wanted to focus on a different threat \u2013 one that appears very normal and not anomalous in its behavior.\u201d<br \/>\nWerth reports the biggest challenge proved to be developing \u201can effective mechanism to detect harmful packets and ladder logic, which appear normal,\u201d adding it was \u201cnot completely apparent how to create such a mechanism.\u201d Malicious ladder logic is code inserted into PLCs to manipulate processes, cause physical damage or hide unauthorized activity, while harmful packets are network data packets used to deliver this malicious logic, manipulate data or disrupt communication between controllers, often exploiting insecure protocols.<br \/>\nWerth recalls a \u201ceureka\u201d moment he and Dr. Tommy Morris, director of the CCRE, shared during a demo of the prototype. \u201cThis demo illustrated the concept of the PLC hardware housing a rapid simulation of a model of the PLC interacting with the physical system,\u201d Werth says. \u201cEssentially, the PLC had a digital twin of itself within itself so that it could very quickly simulate and determine what would happen if the actual PLC were to process an incoming packet.\u201d<br \/>\nDigital twins protect against cyberattacks by creating real-time, virtual replicas of physical systems, allowing organizations to proactively simulate, detect and mitigate threats without risking operational downtime. The advance led to Dr. Morris encouraging Werth to pursue a patent, who filed the invention disclosure just days after successfully defending his dissertation and later filed the patent application.<br \/>\nBuzzing with innovation<br \/>\nDas\u2019 patent, titled \u201cEmbedded intrusion detection system for industrial controllers,\u201d develops and tests a multilayer intrusion detection approach that operates within industrial controllers, serving as the final line of defense against cyber attacks. Das compares the notion to a \u201chive full of bees\u201d as an easier way to understand this concept.<br \/>\n\u201cEach \u2018bee\u2019 (controller) performs local sensing, collecting process measurements,\u201d the researcher says. \u201cThe \u2018bees\u2019 simultaneously \u2018signal\u2019 one another by sharing compact summaries of their security state. When a threat is confirmed, the \u2018hive\u2019 responds by escalating alerts to operators. In this way, the system leverages swarm-like behavior.\u201d<br \/>\nDas was a Ph.D. candidate when he started working on his \u201chivemind\u201d idea, and, including the research and evaluation process, he estimates the entire process took about two years to complete. He received approval for his patent in fall 2025.<br \/>\nDas recounts the clock as being the biggest challenge during the development process. \u201cTo realize the hivemind concept, I had to ensure that each controller was precisely time-synchronized so that, whenever a controller received a message from a neighboring controller, it knew exactly when that message was sent, making reliable and consistent time synchronization significantly more difficult.\u201d<br \/>\nAnother major challenge was the detection algorithm, requiring the researcher to make aggressive changes to improve detection performance, which \u201crequired re-architecting and rewriting thousands of lines of code in a highly efficient manner, ensuring the algorithms could run in real time on constrained hardware without impacting controller performance.\u201d<br \/>\nDas says the greatest satisfaction during the entire process was the moment his concept finally worked. \u201cI still remember executing a network attack on my simulated oil terminal testbed and carefully watching the pressure readings creep toward the safety limit. They identified the issue and shared their alerts, exactly as I had envisioned.\u201d<br \/>\nSeeing the forest as well as the trees<br \/>\nBoth researchers cite the impact Morris had on their respective projects. \u201cDr. Morris guided me overall through his knowledge of cybersecurity and SCADA systems and provided input based on his knowledge,\u201d Werth says. \u201cHe was instrumental in the process of reviewing and editing. We had several research papers based on the dissertation, some submitted before and after I graduated. He helped me to consider many scenarios in which the technology could be applied and various edge cases and coached me on how to formulate hypotheses about the technology. I then had to test these hypotheses through experimentation.\u201d<br \/>\nDas cites Dr. Morris\u2019s guidance as pivotal as well. \u201cHe is both a mentor and a motivator. Having a mentor who can simultaneously see the 30,000-foot view of a research project and also dive into the granular theoretical and developmental details is a true privilege.\u201d<br \/>\nThe researcher recalls in particular a meeting with Dr. Morris from 2017. \u201cI had just completed a foundational project on industrial control system virtualization and was starting to explore ideas related to intrusion detection. He picked up an orange marker and began filling a whiteboard with potential research questions and directions. Little did I know that many of those questions would eventually shape the core trajectory of my Ph.D. journey. One of those discussions led directly to the conceptualization of the interdependent controller defense. I took a snapshot of that whiteboard, and I still have that picture with me to this day.\u201d<br \/>\nThe patents awarded to Werth and Das underscore the strength of UAH\u2019s doctoral programs and CCRE\u2019s mission to advance cybersecurity research while preparing the next generation of technical leaders.<br \/>\n\u201cI have two research roles at UAH,\u201d Morris says. \u201cI lead the Center for Cybersecurity Research and Education and I work with Ph.D. students from the Electrical and Computer Engineering department. CCRE researchers tend to work on applied research. Often, we work to take proven ideas and apply them to specific systems such as Industrial Control Systems or weapon systems. The Ph.D. level research is more basic in nature. There, we try to look ahead and explore new ideas and technologies. Working in both areas allows me to help transition the work of Ph.D. graduates into applications useful to industry and government. That is a great place to be.\u201d<\/p>\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>UAH | News | The University of Alabama in Huntsville https:\/\/www.uah.edu\/news\/items\/two-uah-ccre-doctoral-researchers-secure-patents-defend-against-sophisticated-cyber-attacks Publish Date: 2026-02-06 09:40:00&#8230;<\/p>\n","protected":false},"author":1,"featured_media":185090,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.uah.edu\/socialImages\/UAH_white-blue-og.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[24],"class_list":["post-185089","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/185089"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=185089"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/185089\/revisions"}],"predecessor-version":[{"id":185091,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/185089\/revisions\/185091"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/185090"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=185089"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=185089"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=185089"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}