This internship has been made possible thanks to my university program and the Cardiff University.
On April 7th of 2025, I started working at the Cyber Innovation Hub. My goal there was to learn as much as possible on Cyber security in Operational Technologies, as this was the whole subject of the internship. On my first day there, I met with the whole tech team: Vijay, Surabhi, Ashish, Vignesh, Tanay and Ben, but also with the other teams of the company: operations, partnerships & talent.
My first missions were to understand how the company was organized, what technologies were used, how the team works and what my job will be for the next 10 weeks. So I watched and learned from them, how the ProxMox Ludus was setup, who was specialized on what part, how the testbeds were made, etc and, as it was my first work experience, I really discovered everything there for the first time. It probably took me a week to go through everything I will have to handle, from the simulations in the ProxMox to the small arduinos controlling the screen in the presentation room.
My Missions
Then, I had my first mission: working on the GRFICS implementation. You can get more information reading the blog post, but a quick summary would be that the GRFICS is a simulation of a factory that has vulnerabilities. The goal of the simulation is to act like an attacker, find the vulnerabilities, and make the factory explodes. The idea is that you learn how to spot the vulnerabilities in a cyber environment, and find a way to correct them so that the next time someone is trying to exploit them, they hit a wall. Wall you've set up because you've already gone there when trying to penetrate your own network.
Once that was done, I had already learn a lot about cybersecurity: PLCs, modbus commands, man-in-the-middle attacks, how to use WireShark on Kali OS, etc but also on virtualisation. Once I understood how the GRFICS worked, I was assigned to set it up on a ProxMox Ludus server we had. The goal of this installation is for when the CIH host courses on response to cyber incident, where they can train teams to learn how an incident is going, how they can react and finally how they can learn from it.
After that, I worked on a small project multi-vlc, and then I tackled the next big project: the Cardiff Metro Railway Emulator. This project emulates a metro railway, and how it can be attacked from an outside attacker. As I won't dive in more deeply here, you can read more about the project itself in the blog post associated. Finally, I worked on a bottle filling simulator project, that could be attacked as the other ones, but this project was smaller and less significant than the 2 above so I didn't write about it on my website.
The benefits
This internship helped me understand how company works, how I can integrate a team, find my place and get ready to work as fast as possible. I obviously learned a lot of hands on skills there, that I wouldn't have learn in any studies. My English improved a lot too, I became more confident and improved my understanding a lot, because welsh people do have an accent. It also made me realized how much I would like to live in the UK: I loved the mood of the city, the people there were wonderful, the fact that you are in a foreign country, everything was amazing !
If you want to learn more in details what I did during this internship, you can find the slides of my presentation right here.