Cybersecurity, Information...

Cybersecurity, Information Protection, and Hardware Evaluation Research Lab (CIPHER)

GTRI's Cybersecurity, Information Protection, and Hardware Evaluation Research Laboratory (CIPHER Lab) is a leader in developing the technologies that secure, defend, and respond to threats within our country's information, distribution, and network systems. CIPHER Lab provides high-impact solutions to some of today's most challenging cybersecurity problems for both government and industry, while also developing far-reaching high-risk high-payoff cyber technologies to respond to future threats.

CIPHER Lab engineers and scientists develop and apply cutting-edge technologies in computing, network architectures, signal and protocol analysis, network forensics, custom algorithms for cyber defense and attribution, malware analysis, open source information collection and correlation, insider threat detection and mitigation, hardware and software reverse engineering, and advanced analytics.

CIPHER Lab's core competencies include:


Cyber Defense and Threat Intelligence: CIPHER Lab’s Threat Intelligence and Analytics Division (TIA) develops custom algorithms and techniques to enhance cyber defense and threat intelligence for industry, defense, and intelligence communities.  TIA integrates novel applied research in machine learning and human/machine collaborative systems into frameworks to discover, analyze and mitigate cyber threats and vulnerabilities and enhance the capabilities of intelligence analysts.

Advanced Cyberspace Operations and Situational Awareness: CIPHER Lab researchers develop and deploy analytics and monitoring capabilities across layered maps of components on government networks.  Capabilities include cyber intelligence ingest, discovery and search, real-time network forensics, correlations and predictive analytics, and indications of mission readiness. CIPHER Lab can also develop tailored solutions for industry customers and help with the evaluation, integration, and training for Secure Operations Centers as well as provide unique penetration testing services and consultation to help develop and maintain comprehensive information security programs.

Quantum Computing and Quantum Sensors: CIPHER Lab’s Quantum Systems Division (QSD) investigates quantum computing systems based on individual trapped atomic ions and novel quantum sensor devices based on atomic systems. QSD has designed, fabricated, and demonstrated a number of ion traps and state-of-the-art components to support integrated quantum information systems. Current efforts focus on implementing small quantum algorithms in these devices with the goal of better understanding the effects of noise on fidelity of the algorithms.

Information Protection

Secure Software Systems and Collaboration: CIPHER Lab’s Secure Information Systems Division (SIS) concentrates on the design and development of secure real-world, multi-level information sharing applications. Hardware and software design methodologies are combined to deliver information exchange solutions that pass the rigorous testing required to operate on the nation’s most secure networks. SIS solutions are nationally recognized within the government as state-of-the-art, affordable, secure, and scalable.

Resilient Network Systems Engineering: CIPHER Lab's Command and Control Mission Assurance Division (C2MA) concentrates on design and fielding of resilient information management systems. Cutting edge technologies, including secure network enclaves, virtualization, multi-level security, and adaptive quality of service management, are applied to construct Joint command and control systems for combat operations. The Division's solutions have been accredited and tested in multiple DoD operations centers and many of these systems have been deployed around the globe for a variety of operations such as the Haiti humanitarian relief effort.

Hardware Evaluation

Reverse Engineering and Vulnerability Analysis of Embedded Systems: CIPHER Lab’s Network Vulnerability Division (NVD) is skilled in reverse engineering, vulnerability discovery, and forensics analysis of embedded systems. Red team activities focus on vulnerability discovery and the development and demonstration of RF and network-based techniques to gain unauthorized access to and/or exploit information networks. These efforts identify weaknesses and help ensure that mitigations are effective. The division specializes in wireless and embedded devices such as radios, modems, routers and embedded controllers comprising various military and Industrial Control System (ICS) networks.  Research is also focused on developing innovative tools, architectures, and methodologies for software and microelectronic hardware assurance to support needs in trustworthy embedded computing applications, e.g., Internet of Things (IoT).

Resiliency and Assessments of Cyber-Physical Systems: CIPHER Lab leverages extensive expertise in hardware, software, network, and RF communications to evaluate the cyber vulnerabilities in critical military assets, industrial control systems, and other and critical infrastructure systems.  CIPHER Lab has developed novel cyber assessment tools to streamline vulnerability analysis techniques.  In addition, they have developed mechanisms to ensure trust and security for embedded systems and controllers and provide formal assurance of system and mission specifications via root-of-trust hardware.

Education, Outreach, and Collaboration

Georgia Tech Campus Collaboration: CIPHER Lab researchers collaborate extensively with Georgia Tech faculty and students on projects across the range of core competencies and CIPHER Lab employs and trains numerous Georgia Tech students. CIPHER Lab is a critical part of many Georgia Tech campus interdisciplinary centers, most notably the Institute for Information Security & Privacy (IISP) and the Center for Research into Novel Computing Hierarchies (CRNCH). CIPHER Lab faculty teach classes in multiple departments at the undergraduate and graduate levels.

External Collaboration: CIPHER Lab collaborates with outside partners in industry, government, and academia.  CIPHER Lab has hosted academic researchers and government employees for extended periods of time for cybersecurity research and training opportunities. In addition, CIPHER Lab researchers have worked in government facilities to provide expertise across a range of technical areas.

Professional Education, Outreach and Awareness: CIPHER Lab cybersecurity experts provide tailored educational opportunities, hacker competitions (, emerging threat conferences, threat landscape reports, and other outreach activities. Effective information security programs must first be grounded in education and training as threats become increasingly sophisticated.  GTRI offers a range of Cyber Security Professional Education courses.