MASc and PhD Student Openings in the Kundur Research Group at the Interface of Deep Learning, Cybersecurity and Smart Grid

Are you looking for an exciting graduate thesis experience with a vibrant research group? The Kundur Research Group at the University of Toronto has multiple openings for MASc and PhD students starting in the 2023-2024 academic year on the topic of Cyber-Physical Security of the Smart Grid (where deep learning and cybersecurity meets modern critical infrastructure).

Students with strong academic records, good communication skills, and a natural interest in lifelong learning are encouraged to apply. Typically, students should have an undergraduate degree in electrical & computer engineering or equivalent with relevant courses in area(s) of interest.

If interested, please email Prof. Kundur ( a resume/CV along with a copy of your transcripts and a brief statement in the body of your email 1) introducing yourself; 2) articulating why you are interested in pursuing graduate studies in the Kundur research group; 3) anything else you think is relevant.

Project Details:

Background and Motivation: 
The digitalization of power grids over the last decade has afforded undeniable benefits to the power utility sector, but at the expense of increasing the cyberattack surface across this critical infrastructure. The December 2015 cyberattack on the Ukrainian power grid left hundreds of thousands of customers in darkness for several hours after seven 110 kV and twenty-three 35 kV substations were maliciously disconnected from the grid. Chilling echoes were experienced a year later in December 2016 when the Ukrainian grid was the target of another cyber-assault. Postmortem analysis of both incidents revealed initial footholds through a large-scale BlackEnergy 3 spear-phishing campaign, the KillDisk data destruction software and the Carshoverride modular malware compelling the need for effective intrusion detection at power grid substations. Since then, a variety of high-profile industrial control system (ICS)-specific incidents have been reported. Moreover, protective relays, the fastest line of defence against power system disturbances, are a rapidly growing target for cyberattacks. As such, this research addresses the timely and ambitious problem of cyberattack detection in modern smart grid systems with a focus on protection devices.

Smart grid systems are undergoing a transformation through the convergence of information technology (IT) and operational technology (OT), merging enterprise-level knowledge with operational insights. This vital enhancement improves system automation and visibility, but comes at cost of increasing cyberattack surface. Cyberattacks on smart grid systems have become growingly intelligent exhibiting characteristics that are polymorphic, patient and persistent often involving supply chain deployment.
Given the stealth and sophistication of the current cyberthreat landscape, there is a compelling need for early and accurate detection of cyber and coordinated cyber-physical attacks, which is a critical first step for smart grid response and recovery. Moreover, protective relays, the fastest line of defence against power system faults and disturbances, are a rapidly growing target of attacks. This research program addresses the timely and ambitious problem of cyber-physical attack detection in modern smart grid systems with a focus on digital substation protection devices.

Research Objectives:
The resulting data-rich environment arising from IT/OT convergence enables data-driven cyber-physical modelling paradigms and analytics. As such, the proposed research program explores the brave new world of opportunities for data analytics techniques in smart grid attack detection through the following objectives. The objectives of this research are to:

1) To increase the robustness of deep learning-based attack detection through the use of generative adversarial networks and adversarial training techniques;
2) Develop a framework for collaborative intrusion detection that incorporates federated learning to detect coordinated cyber-physical attacks;
3) Construct IT/OT honeypots using reinforcement learning to deceptively lure real-world attack signatures for improved modeling and detection of emerging attacks.

 The proposed approaches have the potential to be transformative to the field of smart grid cyber-physical security. Not only will the results of this research provide the ability to deter cyber-physical attacks before they can be executed, but they will facilitate identification of potential sources of supply chain attacks that is currently considered one of the most compelling problems in smart grid security. Current utility practices that are based on the introduction of security standards and the application of cybersecurity best practices are insufficient, making the proposed research crucial for Canada’s critical energy infrastructure defence strategy. Moreover, it is well known that under-resourced communities are more likely to be the victims of IT-based cyberattacks. This work aims to address the potentially heightened power grid threats on these vulnerable populations facilitated through IT/OT convergence illuminating possible inequities in accessibility to safe and secure power.

More information about Professor Kundur and her group’s work can be found here: and