Threat Modelling and Cybersecurity Analysis for Home Battery Systems

Project description

This project explores cybersecurity threats, vulnerabilities and mitigation strategies relevant to residential battery systems, especially those participating in VPPs. 

It aims to answer: What are the primary cyber-physical threats affecting home batteries? Which attack vectors are most plausible in a typical Australian home setup(battery, inverter, Wi‑Fi, cloud portal, VPP aggregator)? What mitigation strategies are practical for installers, homeowners, and VPP operators? How can this knowledge be translated into accessible material for microcredentials, installers, or policy audiences?

Project scope

• This project seeks to:
  • Map cybersecurity threats relevant to residential batteries and their communication architectures.
  • Conduct a structured threat model(e.g., attack trees, STRIDE) for a typical home battery + VPP configuration.
  • Identify impacts, likelihoods, and practical mitigations appropriate for households and installers.
  • Produce resources to support microcredential content on battery safety, digital literacy, and cybersecurity.

Deliverables

• A threat model diagram for a typical home BESS + VPP setup.
• A summary of key attack scenarios and mitigation strategies grounded in the literature.
• A short report evaluating vulnerabilities and recommending practical protections.
• One or more learning-ready artefacts (e.g., 1-page “cyber hygiene for home batteries”).
• Material to support curriculum design for cybersecurity-relevant microcredential modules.

Information for applicants

• Desktop research (remote or on campus). Optional stakeholder interviews if scope requires. No lab or hardware testing required, but can be added for advanced students.
• Workload is negotiable to match your course requirements.
• Suitable for School of Engineering research-based courses, such as: ENGN2706, ENGN2707, ENGN3706, ENGN3712, ENGN4350, ENGN4706, ENGN4712, ENGN4718, ENGN8601, and ENGN8602.
• Suitable for both domestic and international students.
• Potential consultation with industry partners or cybersecurity researchers (optional)

Essential requirements

• Completion of core 2nd‑ or 3rd‑year engineering courses (electrical, computer systems, mechatronics, or related).
• Ability to understand basic technical diagrams and system architectures.
• Capacity to read and summarise technical literature.
• Interest in cybersecurity, cyber‑physical systems, or embedded systems.
• Good analytical writing and documentation skills.

Desirable requirements

• Coursework in cybersecurity, networks, embedded systems, or control systems.
• Basic understanding of home energy systems(batteries, inverters, Wi‑Fi/cloud monitoring).
• Experience with tools for modelling or diagramming (e.g., Draw.io, Lucid chart).
• Interest in standards, risk analysis, or safety engineering.
• Familiarity with threat-modelling frameworks (even at an introductory level).

Student takeaways

• Understanding of cyber-physical systems in distributed energy contexts.
• Knowledge of real-world cybersecurity threats, vulnerabilities, and mitigation strategies.
• Experience creating threat models and risk frameworks.
• Exposure to cutting-edge research in battery cybersecurity.
• Opportunities to contribute content for training, installers, and policy staff in a rapidly emerging field.

How to apply

If you are interested, please email a brief Expression of interest, along with a copy of your CV (resume) and academic transcript to the project supervisor.