Sahiti Bommareddy's Award-Winning Research Fortifies Critical Infrastructure Against Compound Threats

0 5 13 minutes read

sahiti-bommareddy's-award-winning-research-fortifies-critical-infrastructure-against-compound-threats — Sahiti Bommareddy's Award-Winning Research Fortifies Critical Infrastructure Against Compound Threats

The systems underpinning modern society – power grids, water treatment facilities, and transportation networks – are increasingly reliant on complex, interconnected digital controls. This integration, while offering efficiency, also exposes critical infrastructure to a growing array of sophisticated cyber-physical threats.

Ensuring the dependable operation of these vital services in the face of both malicious attacks and unpredictable system failures presents a formidable challenge. Addressing these issues requires cutting-edge research into system reliability and security, work often highlighted at specialized academic forums like the International Symposium on Reliable Distributed Systems (SRDS), a premier venue known for its focus on dependability, security, and fault tolerance in distributed computing.

At the forefront of tackling these complex challenges is Sahiti Bommareddy, a Ph.D. Graduated with a Computer Science from Johns Hopkins University. Working within the university’s renowned Distributed Systems and Networks Lab under the guidance of Dr. Yair Amir, her research delves into the dependability, resiliency, and security of distributed systems, with a particular focus on critical infrastructure protection.

Bommareddy specializes in designing systems capable of withstanding Byzantine failures – scenarios where system components may fail or act maliciously due to compromise, ensuring operational continuity even during cyberattacks. Her work also incorporates advanced machine learning techniques to enhance intrusion detection and system reliability.

This dedication to advancing the field was recently recognized with a Best Paper Award at the 43rd SRDS, honoring her innovative work on a particularly advanced and sophisticated category of threats known as compound threats; these are evolving cyberattacks strategically launched during or in the aftermath of natural disasters. Natural disasters already degrade or disable parts of the system, creating inherent vulnerabilities. Adversaries exploit this weakened state to launch targeted cyberattacks, which can lead to compounded disruptions, system instability, and large-scale failures.

A milestone recognition: The SRDS best paper award experience

Receiving the Best Paper Award at the 43rd International Symposium on Reliable Distributed Systems (SRDS) marked a significant moment for Bommareddy, representing validation from a highly respected community dedicated to the intricacies of system reliability.

SRDS has long been recognized as a competitive and influential conference, bringing together researchers and practitioners focused on the dependability and security aspects of distributed systems design and evaluation.

The award specifically recognized research introducing a novel threat model that captures the complex interplay of malicious cyber activity and system availability disruptions – a concept termed “compound threats.” For Bommareddy, the honor was deeply personal.

“Receiving the Best Paper Award at the 43rd International Symposium on Reliable Distributed Systems (SRDS) was an incredibly meaningful moment in my research journey,” she shared. “Personally, the recognition felt validating. It was the result of many years spent trying to bridge a gap: How do we design systems that don’t just tolerate faults in the abstract but sustain correctness and performance under realistic, adversarial conditions?”

This pursuit aligns closely with the research ethos of the JHU DSN lab, which emphasizes building practical, deployable, and provably correct systems with real-world impact. Beyond personal validation, the award carried significant professional weight, amplifying the visibility of Bommareddy’s research program.

It drew attention to her work on designing systems capable of withstanding sophisticated attacks, particularly within the demanding context of critical infrastructure like the power grid. This includes practical implementations such as Spire, an open-source intrusion-tolerant SCADA system, and related research efforts.

The recognition served as a catalyst, fostering new connections and reinforcing the value of her research direction. “Professionally, it helped elevate visibility for the broader line of work, including Spire, which brings these resilient principles into real-world deployment contexts,” Bommareddy explained.

“The award sparked new conversations and collaborations, and it reaffirmed that pushing the boundaries of what should be modeled in distributed systems can lead to meaningful impact. Ultimately, it reinforced my commitment to developing systems that don’t just fail gracefully – but rarely fail at all.”

This experience underscores how prestigious awards can act as crucial bridges, translating academic excellence into wider recognition and potential real-world application.

Unpacking innovation: Addressing compound threats in distributed systems

The field of reliable distributed systems has long grappled with the challenge of Byzantine faults – scenarios where components of a system may fail arbitrarily or behave maliciously, potentially due to a cyberattack. Byzantine fault tolerance mechanisms aim to enable a system to reach agreement and continue operating correctly despite a limited number of such faulty components, often denoted as “f.”

However, traditional BFT models often focus primarily on adversarial actions, sometimes overlooking other types of system stress. The core innovation of Bommareddy’s award-winning paper lies in formally defining and addressing “compound threats,” a more complex and realistic threat landscape for critical infrastructure.

“The awarded work focused on a new threat model of compound threats, capturing that the nuanced and realistic overlap between Byzantine behavior and system availability issues is novel, has never been formalized or researched in prior literature,” Bommareddy stated. This model explicitly considers scenarios where Byzantine faults, such as those resulting from a sophisticated cyberattack, occur concurrently with or in the aftermath of events causing widespread availability disruptions, like natural disasters.

The research demonstrated the applicability of these concepts by assessing their impact on real power infrastructure topologies in Hawaii and Florida. The paper’s contribution extends beyond just defining the threat model.

It introduced a formal framework capturing the consequences of these overlapping threats on system correctness and performance, presented theoretical results including impossibility findings and lower bounds that illuminate fundamental trade-offs, and proposed a protocol designed to tolerate both Byzantine faults and availability issues simultaneously while providing safety and liveness guarantees within bounded resources.

“This work contributes to distributed systems by expanding the design space for fault-tolerant protocols to be more realistic and applicable,” Bommareddy noted. “In the cybersecurity domain, it helps system designers’ reason more precisely about what kinds of attacks their systems are vulnerable to – and how to defend against combinations of faults that were previously treated in isolation.”

“It’s particularly valuable for infrastructure domains like the power grid, where adversaries don’t limit themselves to a single mode of attack – and where system behavior under stress needs to be both predictable and resilient.” This resonates with the growing focus by agencies like CISA (Cybersecurity & Infrastructure Security Agency), arising from the convergence of cyber and physical threats to critical infrastructure.

The development of tools like the Compound Threat Analyzer alongside this research further signifies a move towards more rigorous, data-centric methods for assessing resilience against these multifaceted threats.

Distinguishing research in a highly competitive arena

The International Symposium on Reliable Distributed Systems (SRDS) is known for its selectivity and rigorous peer-review process. Acceptance rates at premier computer science conferences, including those in distributed systems, are often low, reflecting the high volume of submissions and the demanding quality standards.

Earning a Best Paper Award in such a competitive environment signifies exceptional quality and contribution. Bommareddy attributes the distinction of her research to a potent combination of realism, theoretical rigor, and practical relevance.

The work tackled a critical, real-world gap often overlooked in system design: the simultaneous occurrence of Byzantine faults and availability disruptions, formalized as compound threats. “First, we addressed a gap that many systems overlook: the coexistence of Byzantine faults and availability issues, which we formalized as compound threats,” she explained.

“This more nuanced model reflects the reality in high-stakes systems like the power grid, where faults don’t happen in isolation, and attackers often exploit that overlap.” Crucially, the novel threat model was supported by robust theoretical foundations, including proofs of impossibility bounds and trade-offs, lending depth and credibility to the proposed solutions.

This theoretical strength was complemented by a clear focus on practical applicability, shaped significantly by Bommareddy’s hands-on experience developing and evaluating real-world systems like Spire, an intrusion-tolerant SCADA system designed for the demanding environment of power grids. “Second, we backed the model with tight theoretical results, showing not just protocol design, but also impossibility bounds and trade-offs.

This balance of foundational theory and practical implications made the work broadly relevant, not just to distributed systems researchers but also to those focused on cybersecurity and real-world dependability,” Bommareddy reflected.

“Having worked on systems like Spire, I brought a perspective shaped by what it takes to build something that survives real-world faults, not just lab conditions. I think that focus on applicability and system behavior under real adversarial stress helped the paper resonate.”

This effective blend of addressing a timely, under-formalized problem with both theoretical depth and practical grounding likely positioned the research favorably within the competitive landscape of SRDS, aligning with qualities often associated with impactful and award-winning work.

Elevating visibility: Impact on academic and professional standing

Recognition through her research opened doors to new opportunities and collaborations. For Bommareddy, the SRDS award served precisely this function, boosting her standing within both academic circles and relevant professional communities.

Within academia, the award focused attention not only on the specific concept of compound threats but also illuminated her broader research trajectory concerning Byzantine-resilient systems, particularly their application to critical infrastructure protection. “In academia, it helped draw attention not just to the compound threat model itself, but to the broader line of research I’ve been pursuing on Byzantine-resilient systems – especially in the context of critical infrastructure like the power grid,” she noted.

“It sparked invitations to give talks, serve on program committees, and collaborate with researchers who are thinking about fault tolerance from adjacent angles – whether in cloud systems, control centers, or cybersecurity.” The award’s impact extended beyond academia, lending significant credibility to the practical potential of the techniques Bommareddy has been developing.

Validation by a leading systems community signaled to industry stakeholders that the research was not merely theoretical but grounded in sound engineering principles with potential for real-world application. This was particularly relevant for organizations operating in sectors like energy and industrial control systems, which face escalating cyber threats.

“On the professional side, the recognition gave additional credibility to the practicality of the techniques I’ve developed,” Bommareddy stated. “Companies in the energy and industrial control sectors, for example, were more open to conversations after seeing that the work was not only theoretically sound but peer-validated by a leading systems community.”

“More broadly, the award helped reinforce a reputation for bringing rigorous thinking to high-impact, real-world problems, which is something I care deeply about as both a researcher and a practitioner.” This demonstrates how such accolades function as powerful signaling mechanisms, validating research quality and relevance, and facilitating the crucial dialogue between academic innovation and industry needs, particularly in areas vital to national security and economic stability.

Catalyzing dialogue: Symposium insights and emerging research frontiers

Academic conferences like SRDS serve as vital melting pots for ideas, where formal presentations spark informal discussions that can shape future research directions. For Bommareddy, the interactions following the presentation of her award-winning paper were particularly memorable and affirming.

The work on compound threats resonated with attendees, prompting engagement and highlighting its timeliness in the context of today’s increasingly complex and interconnected systems. “What stood out to me most were the conversations that followed – people reached out with questions, insights, and even complementary directions, especially around how threat models are evolving in today’s complex systems,” she recalled.

This enthusiastic reception underscored that the research addressed a pertinent challenge faced by the community. One particularly prominent theme emerging from these discussions was the intersection of resilience techniques, like those explored in her paper, with the rapidly evolving field of artificial intelligence (AI) and machine learning (ML).

Colleagues and practitioners raised points about both the potential benefits and new challenges presented by AI in the context of system security and reliability. This aligns with Bommareddy’s research interests, which include the application of ML for cybersecurity, and reflects a growing awareness of AI’s dual role in critical systems.

“One particularly exciting thread was around the role of AI in security and resilience. Several colleagues and practitioners brought up how machine learning might help in dynamically detecting or adapting to compound threats – or, conversely, how AI itself introduces new fault surfaces that compound the challenges we modeled,” Bommareddy shared. “That intersection between formal systems research and AI-driven adaptability seems to be gaining traction, and it’s an area I’m interested in exploring further.”

“It was validating to see that the paper not only filled a theoretical gap but also helped open up new questions that are timely and impactful, especially as we think about the future of secure, intelligent, distributed systems.” The research, therefore, acts not just as a solution to a defined problem but as a catalyst, prompting exploration into next-generation challenges where traditional systems’ resilience must coexist and interact with adaptive AI/ML capabilities and their inherent complexities.

Building on success: Fostering collaboration and advancing research

High-profile recognition provides researchers with a valuable platform, but translating that potential into tangible progress requires proactive engagement and collaboration. Bommareddy views such accolades as both a “spotlight and a springboard,” creating opportunities not just for visibility but for deeper interaction with peers and industry experts.

She actively leverages this increased visibility to foster connections and advance the discourse around resilient systems. This involves participating in invited talks and panels, contributing to relevant working groups, and engaging in cross-disciplinary dialogue – essential activities for tackling complex, multifaceted problems like critical infrastructure security, which inherently requires collaboration across different domains.

“After the award, I found that people were more inclined to reach out with shared interests or complementary expertise, which naturally led to new research conversations and potential collaborations,” she explained. “I try to leverage that visibility by being proactive – whether it’s giving invited talks, participating in panels, or contributing to working groups focused on secure and resilient systems.”

“It also helps when reaching across disciplines; for example, the compound threats model resonated not just in distributed systems circles but also with folks in civil engineering, cybersecurity, and AI.” The positive reception of her work on compound threats also served to reaffirm Bommareddy’s commitment to her chosen research path – one that deliberately operates at the challenging intersection of theoretical rigor and practical deployability.

The award reinforced the value of developing solutions that are not only intellectually sound but also relevant and applicable to real-world systems facing tangible threats. This motivates her continued exploration of advanced topics like AI-augmented resilience and fault tolerance suitable for critical infrastructure grade systems.

“Within my research, the recognition reaffirmed the importance of working on problems that sit at the intersection of rigor and relevance. It’s encouraged me to keep pushing on the boundary between theoretical foundations and practical deployment – especially in areas like AI-augmented resilience and infrastructure-grade fault tolerance,” Bommareddy reflected. “Ultimately, awards like this give you a platform – but it’s the conversations and collaborations that follow that truly move the field forward.”

This perspective aligns with the collaborative spirit fostered by open-source projects like Spire and Prime, which aim to make advanced security techniques accessible and facilitate community-driven improvement.

The role of accolades in advancing critical infrastructure security

Awards bestowed at leading scientific conferences play a role that extends beyond recognizing individual achievement; they can significantly influence the trajectory and focus of entire research fields. In complex, interdisciplinary areas like critical infrastructure security, where challenges are urgent and solutions often require bridging multiple domains, such accolades serve several vital functions, according to Bommareddy.

“First, they help shine a light on emerging problems that might not yet be mainstream. In our case, the recognition brought visibility to the issue of compound threats – an area that hadn’t received much formal attention despite its real-world relevance,” Bommareddy observed. “That kind of spotlight helps shape research agendas and encourages others to build on the work.”

Secondly, awards serve to validate the importance of tackling practical, high-stakes challenges with scientific rigor. They signal to the broader community – including researchers, funding agencies, industry partners, and students – that addressing real-world problems like sustaining system operation during combined cyber and physical disruptions is not only critical but also intellectually valuable and worthy of recognition.

“Finally, I think these awards help inspire our generation of researchers. When early-career scholars see that deeply technical work with societal impact is being recognized, it reinforces that they can pursue bold, meaningful problems – and that the community values that kind of contribution.”

By highlighting research that directly addresses critical national security and societal needs, such as enhancing infrastructure resilience, these awards can help align academic pursuits with pressing global challenges and foster the talent pipeline needed to address them.

Measuring true impact: From theory to deployed resilience

While awards offer significant validation, Bommareddy measures the ultimate success and impact of her research by a different yardstick: its translation into tangible, real-world improvements in system resilience. The true goal extends beyond academic publications and accolades to seeing the underlying principles and developed systems deployed and proven effective in operational environments, facing genuine adversarial conditions.

This focus on the complete innovation lifecycle, from theoretical conception to practical application and sustained performance, defines her perspective on meaningful contribution. “For me, success looks like systems getting deployed in the field – not just surviving lab demos but sustaining correctness and performance under real, adversarial conditions,” she stated.

“In that sense, some of the most fulfilling moments have been seeing the principles from our work – like Byzantine resilience and compound threat modeling – make their way into testbeds at national labs or utilities or influencing how practitioners think about system design for substations and control centers.” Looking ahead, Bommareddy aims to continue operating at this crucial interface between rigorous systems research and deployable resilience solutions.

She sees a particular need for this focus as AI becomes increasingly embedded within critical infrastructure, introducing both new capabilities and potential vulnerabilities. Her goal is to contribute to the development of intelligent, fault-tolerant systems that are not merely reactive but can anticipate and adapt to failures and attacks proactively.

The development and open-sourcing of tools like Spire and Prime represent concrete steps towards this vision, providing platforms for testing, collaboration, and potential adoption of advanced resilience techniques. “Beyond deployments, I also value creating frameworks and tools that others can build on. If someone designing a next-gen SCADA system uses the compound threat model to evaluate resilience, or adapts our reconfiguration approach in a new domain, that’s impact,” Bommareddy explained.

“Looking forward, my goal is to continue working at the intersection of rigorous systems thinking and deployable resilience, especially as AI becomes more embedded in critical infrastructure. I want to help shape how we build intelligent, fault-tolerant systems that don’t just recover from failure, but anticipate and adapt to it,” Bommareddy added.

“Ultimately, I hope my legacy will be one of bridging theory and practice – bringing robustness and security to the systems that people depend on every day.” This commitment to translating research into practice via accessible tools and frameworks is a strategic approach to achieving the real-world impact she values most highly.

Bommareddy’s work represents a significant advancement in the ongoing effort to secure the critical infrastructure fundamental to modern life. Her award-winning research on compound threats introduces a vital, more realistic perspective on the challenges faced by systems like the power grid, acknowledging the complex interplay between cyberattacks and physical disruptions.

By formalizing this threat model and developing techniques to mitigate it, alongside practical contributions through open-source Byzantine-resilient tools like Spire and Prime, she is actively bridging the gap between theoretical possibility and deployable reality. Her forward-looking focus on integrating resilience with emerging AI capabilities positions her at the cutting edge of research aimed at building dependable, adaptable, and secure distributed systems capable of withstanding the evolving threats of an increasingly interconnected and complex world.