Security research focused on the systems society depends on.
Cornell Security is the professional portfolio and research platform of Norris Cornell. The site brings together work in cyber defense, identity and access management, industrial control systems (ICS/SCADA), satellite cybersecurity, and technical writing focused on protecting critical infrastructure.
Featured research
Featured Paper
Satellite Cybersecurity: When Cyber Meets the Spectrum
Critical infrastructure increasingly depends on timing and RF signals that many cybersecurity programs do not directly model, validate, or monitor. This paper examines how satellite, signal‑layer, and application‑trust assumptions intersect across cyber‑physical systems.
Latest writing
ICS Taught Me More About Input Validation Than OWASP Ever Did
Before I learned about OWASP or STRIDE, electronics taught me a harsh truth: if a system trusts bad input, it will fail — sometimes violently. ICS and AppSec live in separate worlds, but the problems they face are deeply connected.
The Water Sector's Default Password Problem
November 25, 2023. A remote booster station serving 6,000 people in Pennsylvania was accessed by a hostile actor. The international media followed. Defacement banners appeared on the HMI. Operators we
Logic Follows Lies: How PLCs and RTUs Fail Under Adversarial Conditions
A PLC or RTU accepts whatever value reaches its input buffers and applies deterministic logic to it with absolute confidence. And when those upstream signals are manipulated—whether sensor readings, t
Projects
Practical cybersecurity projects and defensive lab environments.