Embedded Files
PhD, CISSP, ACIIS, FHEA
Critical infrastructure | Cyberspace
Current Position
Current Position
I am the Lead OT Cyber Security Engineer at Immerive where I focus on strengthening people-centric cyber resilience within Operational Technology (OT) organisations. My role involves developing innovative activities that empower teams to identify, understand, and mitigate cyber threats effectively, ensuring a robust defence against evolving challenges in the OT landscape. Previously I was a Senior Security Engineer at Nexova Group, working for the European Space Agency's Space Cybersecurity Centre of Excellence (SCCoE). I am also involved in some of the cyber security research projects, aiming to further the cyber security of critical infrastructure and deliver novel, research-led training. Additionally, I am a member of the ICS Community of Interest (and its Monitoring and Logging Expert Group), focusing on improving the security of Industrial Control Systems.
My Research Interests
My Research Interests
My research interests mainly lie within network security and digital forensics. These research areas are further underlined by an interest for honeypots, industrial control systems and software-defined-networking. Due to the nature of industrial control systems, a need for specific security measures has emerged, specifically one that has minimal interference with the devices itself. Digital forensics fits perfectly within security, as it supports us to obtain valuable information from (infected) systems.
Further interests lie within the aspect of cyberspace and its relation to national security and international relations as these are of importance to consider within the critical infrastructure environment. The emergence of cyberspace as a new domain of warfare and criminal activity has brought many questions with it and exposes nations to a range of new threats. One of the major threats in this area is CNI, which I want to focus on from both a technical and socio-technical aspect. This calls for further research into the aspects of cyberspace, how they might interfere within these areas, and how we can effectively mitigate them. A final area of interest is situated within the educational sphere and how the teaching of computing has to adapt and grow with the evolution of technology.
Current Research
Current Research
My current research focuses on the adoption of honeypots to effectively secure industrial control systems without interfering with the system itself. This research mainly focuses on network-level security and the IT environment to which the OT systems are attached. Additionally, I am looking into critical infrastructure as a whole with a keen interest in space.
Publications
Publications
Maesschalck, S. (2024). Critical thinking: The code to crack computer science education. Journal of Information Technology Education: Innovations in Practice, 23, Article 13. [DOI]
Staves, A., Gouglidis, A., Maesschalck, S. & Hutchison, D. (2024). Risk-based safety scoping of adversary-centric security testing on Operational Technology. Safety Science, 174, 106481. [DOI]
Maesschalck, S., Fantom, W., Giotsas, V., & Race, N. (2024). These aren’t the PLCs you’re looking for: Obfuscating PLCs to mimic Honeypots. IEEE Transactions on Network and Service Management. [DOI]
Maesschalck, S. (2024). Gentlemen, you can’t fight in here. Or can you?: How cyberspace operations impact international security. World Affairs, 187 (1), 24-36. [DOI]
Derbyshire, R., Maesschalck, S., Staves, A., Green, B., & Hutchison, D. (2023). To me, to you: Towards Secure PLC Programming through a Community-Driven Open-Source Initiative. 2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), 358–362. IEEE. [DOI]
Staves, A., Maesschalck, S., Derbyshire, R., Green, B., & Hutchison, D. (2023). Learning to Walk: Towards Assessing the Maturity of OT Security Control Standards and Guidelines. 2023 IFIP Networking Conference (IFIP Networking), 1–6. IEEE. [DOI]
Maesschalck, S., Bradbury, M., & Giotsas, V. (2023). Into the Heat of the Debate: Simulating a Program Committee Within Computer Science Education. 2023 IEEE Global Engineering Education Conference (EDUCON), 1–5. IEEE. [DOI]
Maesschalck, S. (2023). Next-Generation Industrial Control System (ICS) Security: Towards ICS Honeypots for Defence-in-Depth Security. Lancaster University. (Doctoral Thesis). [PDF]
Maesschalck, S., Staves, A., Derbyshire, R., Green, B., & Hutchison, D. (2023). Walking under the ladder logic: PLC-VBS: a PLC control logic vulnerability scanning tool. Computers & Security, 127, 103116. [DOI]
Maesschalck, S., Giotsas, V., Green, B., & Race, N. (2022). Don’t get Stung, Cover your ICS in Honey: How do Honeypots fit within Industrial Control System Security. Computers Security, 114, 102598. [DOI]
Miller, T., Staves, A., Maesschalck, S., Sturdee, M., & Green, B. (2021). Looking back to look forward: Lessons learnt from cyber-attacks on industrial control systems. International Journal of Critical Infrastructure Protection, 35, 100464. [DOI]
Maesschalck, S., Giotsas, V., & Race, N. (2021). World Wide ICS Honeypots: A Study into the Deployment of Conpot Honeypots. Seventh Annual Industrial Control System Security (ICSS) Workshop. [PDF]
Maesschalck, S., Giotsas, V., Green, B., & Race, N. (2020). Honeypots for Automatic Network-Level Industrial Control System Security. 14th EuroSys Doctoral Workshop. [PDF]
Maesschalck, S., Giotsas, V., Green, B., & Race, N. (2020). HoneyPlant: A Distributed Hybrid Honeypot System for ICS Security. Fifth Annual UK System Research Challenges Workshop. [PDF]
Activities
Activities
Speaker,
STEELCON 2025
Invited Speaker,
ISA OT Cybersecurity Summit 2025
Speaker,
CISO Inspired Summit UK North 2025
Speaker,
Scot-Secure 2025
Speaker,
Hackademia 2025
Participant,
Hackers in the House 2024
Speaker,
RITICS FEST 2024
Speaker,
ESA Security for Space Systems (3S) 2024
Speaker,
SANS ICS UK Summit 2024
Invited Speaker,
CyberTek 2024
Speaker,
Security Lancaster Seminar Series
on Surveilance (2022-2023)
Speaker,
Behavioural and Social Sciences in Security (BASS) 2022 Conference
Invited Speaker,
ENERGUS Cyber Exercise 2022
Invited Speaker,
What Works: Evidence-Based Policing Conference
(Cumbria Constabulary) 2022
Invited Speaker,
ENERGUS Cyber Excersise 2020
Reviewer Activities
Reviewer Activities
Computers & Security
IEEE Transactions on Network and Service Management
IEEE Communications Magazine
Applied Computing and Informatics
Annual Reviews in Control
International Journal of Information Security
Postgraduate Pedagogies
IEEE Frontiers in Education Conference 2022
IEEE Frontiers in Education Conference 2023
IEEE Frontiers in Education Conference 2024
Cogent Engineering
Page updated
Google Sites
Report abuse