Security research focused on the systems society depends on.
Cornell Security is the professional portfolio and research platform of Norris Cornell. The site brings together work in cyber defense, identity and access management, industrial control systems (ICS/SCADA), satellite cybersecurity, and technical writing focused on protecting critical infrastructure.
Featured research
Featured Paper
Satellite Cybersecurity: When Cyber Meets the Spectrum
Critical infrastructure increasingly depends on timing and RF signals that many cybersecurity programs do not directly model, validate, or monitor. This paper examines how satellite, signal‑layer, and application‑trust assumptions intersect across cyber‑physical systems.
Four-Part Series
Inputs Lie
A research series examining how critical infrastructure fails when systems implicitly trust unverifiable inputs — from physical sensors and RF signals through PLC control logic to API endpoints. Each part builds on the last, culminating in a live detection lab.
Latest writing
When Cyber Meets the Spectrum: SIGINT and Security Lessons for ICS Satellite Communications
When Cyber Meets the Spectrum
ICS Taught Me More About Input Validation Than OWASP Ever Did
Before I learned about OWASP or STRIDE, electronics taught me a harsh truth: if a system trusts bad input, it will fail — sometimes violently. ICS and AppSec live in separate worlds, but the problems they face are deeply connected.
The Water Sector's Default Password Problem
November 25, 2023. A remote booster station serving 6,000 people in Pennsylvania was accessed by a hostile actor. The international media followed. Defacement banners appeared on the HMI. Operators we
Projects
Practical cybersecurity projects and defensive lab environments.