Zero-Knowledge Risk Architectures & AI Evaluation for Critical Infrastructure

Joint PhD Research – Andreas Bernhard & Mathias Pfister

Research Context

Applied Cryptography · Systems Security · AI Safety · Information Theory · Critical Infrastructure Protection · Decision Science

Research Overview

1. Problem Statement

Critical infrastructure organisations face a fundamental dilemma: they must analyse and share information about their vulnerabilities and risks to improve collective security, yet this very information becomes a high-value target for adversaries. Current approaches rely on trusted central authorities (government agencies, sector ISACs) to aggregate and analyse risk data, creating single points of failure.

Simultaneously, AI-based tools are increasingly proposed for security risk assessment, but their reliability, consistency, and potential biases in safety-critical contexts remain poorly understood. There is no systematic empirical foundation comparing human expert judgment with AI capabilities, nor comprehensive benchmarking across different AI models for critical infrastructure scenarios.

"How can a society analyse its greatest risks — without those risks becoming its greatest vulnerability?"

2. Research Gap & Novelty

While prior work has addressed secure multi-party computation and privacy-preserving protocols, and separate research streams have evaluated AI capabilities in various domains, no work to date has formally integrated cryptographic confidentiality guarantees with empirical AI evaluation in the context of adversarially sensitive risk information.

Existing zero-knowledge architectures focus on financial transactions or identity verification, not on collaborative threat intelligence. Similarly, AI benchmarking in security contexts lacks formal analysis of what happens when the assessment process itself becomes an attack vector. This research addresses both gaps simultaneously and explores their intersection.

To the best of our knowledge, no existing work formally combines cryptographically enforced confidentiality architectures with systematic, cross-model AI evaluation for adversarially sensitive risk information in critical infrastructure contexts.

Core Novelty

This work is the first to formally combine zero-knowledge risk architectures with empirical, cross-model AI evaluation for adversarially sensitive critical-infrastructure data.

3. Research Tracks

Track A

Cryptographic Architectures for Confidential Risk Aggregation

This work investigates formal cryptographic models for handling adversarially sensitive risk information without requiring trust in a central authority. The term "zero-knowledge" is used here in the architectural and information-theoretic sense (not limited to formal ZKP constructions): minimizing information disclosure about individual vulnerabilities while enabling aggregate risk assessment. The research employs secure multi-party computation (MPC), functional encryption, and information-theoretic analysis to establish provable security guarantees.

Research Hypotheses:

  • H1: Zero-knowledge risk aggregation protocols can achieve IND-CCA security while maintaining practical computation overhead (< 10× vs. plaintext)
  • H2: Information leakage in decentralized architectures is quantifiably lower than in centralized models under realistic adversary capabilities (Dolev-Yao)
  • H3: Forward secrecy and post-compromise security can be maintained even when a subset of parties is compromised

Cryptographic Primitives & Techniques:

Homomorphic encryption · Attribute-based encryption · Zero-knowledge proofs (zk-SNARKs) · Secure multi-party computation · Differential privacy · Information-theoretic security bounds · STRIDE threat modeling · Dolev-Yao adversary model

The research aims to establish formal security proofs, develop architectural designs with provable confidentiality guarantees, and evaluate breach scenarios through simulation-based analysis comparing centralized versus decentralized information leakage.
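As an added illustration of the Track A idea (not code from the proposal), the following Python sketch uses one MPC building block, additive secret sharing, so that a group of operators publishes only the sum of their risk scores, and it pairs that with an entropy-based leakage metric of the kind listed under the methodology. All names, the 1..5 rating scale, the uniform score distribution and the honest-but-curious (passive) adversary are assumptions of the example, not statements from the proposal; an active Dolev-Yao attacker is outside what this sketch shows.

```python
# Added example (not from the proposal): additive secret sharing lets members
# publish only an aggregate risk score, and an entropy-based leakage metric compares
# that against a central aggregator that sees every score. Passive adversary assumed.
import secrets
from collections import Counter
from itertools import product
from math import log2

Q = 2**61 - 1  # modulus; must exceed the largest possible sum of scores

def share(score, n):
    """Split one party's score into n additive shares mod Q.
    Any n-1 of the shares are uniformly random and reveal nothing about the score."""
    shares = [secrets.randbelow(Q) for _ in range(n - 1)]
    shares.append((score - sum(shares)) % Q)
    return shares

def aggregate(scores):
    """Run the aggregation among len(scores) parties and return the total.
    sent[i][j] is the share party i hands to party j; party j only ever sees
    column j and the published partial sums, never another party's score."""
    n = len(scores)
    sent = [share(s, n) for s in scores]
    partials = [sum(sent[i][j] for i in range(n)) % Q for j in range(n)]
    return sum(partials) % Q  # equals sum(scores) whenever sum(scores) < Q

def entropy_bits(counts):
    """Shannon entropy (bits) of an empirical distribution given as a Counter."""
    total = sum(counts.values())
    return -sum(c / total * log2(c / total) for c in counts.values())

def decentralized_leakage_bits(n, levels=5):
    """I(X_1; S): bits an observer of the published sum S learns about one
    party's score X_1, assuming all n scores independent and uniform on 1..levels."""
    joint, x_marg, s_marg = Counter(), Counter(), Counter()
    for scores in product(range(1, levels + 1), repeat=n):
        x, s = scores[0], sum(scores)
        joint[(x, s)] += 1; x_marg[x] += 1; s_marg[s] += 1
    return entropy_bits(x_marg) + entropy_bits(s_marg) - entropy_bits(joint)

def centralized_leakage_bits(levels=5):
    """A trusted aggregator sees each score in the clear: the full entropy leaks."""
    return log2(levels)

if __name__ == "__main__":
    scores = [3, 5, 1, 4]  # constructed risk ratings on a 1..5 scale
    print("aggregate:", aggregate(scores))
    for n in (1, 2, 4, 6):  # leakage about one score shrinks as more parties join
        print(n, round(decentralized_leakage_bits(n), 3), round(centralized_leakage_bits(), 3))
```

With a single party the published sum is the score itself, so both metrics coincide; every additional independent participant lowers what the sum reveals about any one input, while the central aggregator always learns log2(5) bits per party.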

Track B

Empirical Evaluation of AI-Based Risk Assessment in Safety-Critical Contexts

This work evaluates whether large language models can provide reliable risk assessment in critical infrastructure contexts through systematic empirical analysis, using controlled experimental designs and statistical hypothesis testing.

Research Hypotheses:

  • H1: AI models exhibit systematically lower inter-rater reliability (Cohen's κ < 0.6) compared to human experts (κ > 0.75) in complex risk scenarios
  • H2: Model outputs demonstrate statistically significant bias toward recently trained threat patterns, failing to generalize to novel attack vectors
  • H3: Ensemble methods combining multiple AI models achieve higher accuracy and calibration than any single model
  • H4: Hybrid human-AI evaluation frameworks reduce false negative rates by > 30% compared to pure human or pure AI assessment

Evaluation Framework:

Controlled experimental design · Statistical hypothesis testing · Inter-rater reliability (Fleiss' kappa, Krippendorff's alpha) · Calibration analysis · Adversarial robustness testing · Bias detection (demographic, temporal, domain-specific) · Explainability metrics (SHAP, attention analysis)

The research aims to develop a standardized benchmark dataset of critical infrastructure risk scenarios (n > 100), conduct controlled experiments with human security experts (n > 30) and multiple large language models (ChatGPT, Claude, LLaMA, Gemini, Mistral), and perform statistical analysis to evaluate the stated hypotheses.
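The inter-rater reliability comparison at the heart of Track B's H1 can be made concrete with Fleiss' kappa, one of the metrics the evaluation framework names. The code below is an added example, not part of the proposal or its planned study: the four scenarios, the three-level rating scale and the two groups of three raters are constructed values, and no conclusion about real experts or models follows from them.

```python
# Added example (not from the proposal): Fleiss' kappa for comparing the
# inter-rater reliability of a human rater group with an AI rater group.
# All ratings below are constructed, not study data.
from collections import Counter

CATEGORIES = ("low", "medium", "high")  # assumed risk-rating scale

def fleiss_kappa(ratings, categories=CATEGORIES):
    """ratings[i] lists the category each rater assigned to scenario i.
    Every scenario must be rated by the same number of raters (n >= 2)."""
    n_raters = len(ratings[0])
    if n_raters < 2 or any(len(r) != n_raters for r in ratings):
        raise ValueError("each scenario needs the same number (>= 2) of raters")
    if any(cat not in categories for r in ratings for cat in r):
        raise ValueError("rating outside the declared category set")
    n_subj = len(ratings)
    counts = [Counter(r) for r in ratings]
    # observed agreement: fraction of rater pairs that agree, averaged over scenarios
    p_obs = sum((sum(c[cat] ** 2 for cat in categories) - n_raters)
                / (n_raters * (n_raters - 1)) for c in counts) / n_subj
    # chance agreement implied by the marginal category frequencies
    p_exp = sum((sum(c[cat] for c in counts) / (n_subj * n_raters)) ** 2
                for cat in categories)
    if p_exp == 1.0:  # every rating identical: kappa is formally undefined; treat as 1.0 (assumption)
        return 1.0
    return (p_obs - p_exp) / (1 - p_exp)

# constructed ratings: 4 scenarios, 3 raters in each group
HUMAN_RATINGS = [["high", "high", "high"], ["low", "low", "low"],
                 ["medium", "medium", "medium"], ["high", "high", "medium"]]
AI_RUN_RATINGS = [["high", "high", "medium"], ["low", "medium", "high"],
                  ["medium", "medium", "medium"], ["low", "low", "high"]]

def reliability_by_group(groups):
    """Map each rater group name to its Fleiss' kappa, e.g. {'human': ..., 'ai': ...}."""
    return {name: fleiss_kappa(r) for name, r in groups.items()}

if __name__ == "__main__":
    for name, k in reliability_by_group({"human": HUMAN_RATINGS, "ai": AI_RUN_RATINGS}).items():
        print(f"{name}: kappa = {k:.3f}")
```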

4. Methodology & Scientific Rigor

Track A — Formal Methods:

  • Formal cryptographic modeling using provable security framework (game-based security definitions)
  • Design and correctness proofs for zero-knowledge protocols with IND-CCA and forward secrecy guarantees
  • Simulation-based security evaluation under Dolev-Yao adversary model
  • Information-theoretic leakage quantification using entropy-based metrics
  • Computational complexity analysis and performance benchmarking (asymptotic bounds, concrete measurements)

Track B — Empirical Methods:

  • Development of standardized risk assessment scenarios derived from real-world critical infrastructure incidents
  • Controlled experimental design with human security experts (n > 30, stratified by domain expertise)
  • Systematic evaluation protocol for large language models (standardized prompting, temperature control, multiple runs)
  • Quantitative metrics: classification accuracy, precision, recall, F1-score, inter-rater reliability (Fleiss' κ, Krippendorff's α)
  • Statistical hypothesis testing (t-tests, ANOVA, non-parametric alternatives) with Bonferroni correction for multiple comparisons
  • Qualitative failure analysis using thematic coding and grounded theory approaches

Reproducibility & Scientific Rigor:

  • Pre-registration of hypotheses and experimental protocols prior to data collection
  • Open evaluation protocols with detailed documentation of all experimental parameters
  • Public release of benchmark datasets with reproducibility packages (code, prompts, analysis scripts)
  • Independent replication explicitly encouraged; all materials designed for third-party validation

5. Integration & Convergence

The two research tracks converge in investigating an integrated evaluation framework for secure, AI-assisted risk assessment systems. Track A establishes the cryptographic foundation ensuring that sensitive risk data can be processed collaboratively without centralized trust assumptions. Track B provides empirical evidence determining which AI capabilities can be reliably integrated and where human oversight remains necessary.

Joint research activities include: (1) development of shared evaluation scenarios with controlled information disclosure levels, (2) formal analysis of security-usability trade-offs in human-AI-crypto systems, (3) architectural framework design demonstrating provable security properties while incorporating empirically validated AI assessment capabilities, and (4) evaluation of the combined system under realistic threat scenarios.

Joint PhD Candidates

Andreas Bernhard

Security Architect, Swiss Armed Forces (Cyber Command)

  • Former OT/ICS Security Architect at SBB and Siemens (railway & infrastructure)
  • Lead architect for FRMCS/5G security, network segmentation, secure remote access, and intrusion detection systems
  • Expert in IEC 62443, TS 50701, Zero-Trust architectures, and post-quantum cryptography readiness
  • ETH Zürich DAS in Cyber Security, MSc Computer Science (focus: end-to-end encryption, trusted computing)
  • CISSP, CISM, CISA, CCSP, CEH (Master), ISA/IEC 62443 Cybersecurity Expert, ISO 27001 & 42001 Lead Auditor

Mathias Pfister

Deputy Information Security Officer, SBB Infrastructure Division

  • Leads cyber risk assessments for safety-critical OT systems (IEC 62443, TS 50701)
  • 25+ years of experience in critical infrastructure, safety, and security engineering
  • Extensive background in international safety, risk management, and OT security projects
  • MSc in Advanced Computer Science (University of Liverpool)
  • CISSP, CISA, CCSP, CEH (Master), ISA/IEC 62443 Cybersecurity Expert, ISO 27001 & 42001 Lead Auditor, PMP, PSPO I

Both researchers focus on the intersection of cryptography, critical infrastructure protection, and AI-assisted risk analysis.

Role Distribution

Researcher A — Zero-Knowledge & Cryptography

Main Focus Areas

  • Formal cryptographic model for risk data confidentiality
  • Design of zero-knowledge / end-to-end encrypted architectures
  • Multi-party key management and cryptographic access control
  • Definition of information leakage functions
  • Formal threat modelling (STRIDE, Dolev-Yao, etc.)

Research Domain

Applied Cryptography • Systems Security • Zero-Trust Systems • Secure Multi-Party Data Models

Key Outputs

  • Formalized Zero-Knowledge model for risk data
  • Cryptographic architecture for collaborative risk management
  • Information leakage comparison models
  • 1–2 academic papers (crypto/systems focus)

Researcher B — AI & Risk Assessment

Main Focus Areas

  • Human vs. AI comparison in critical infrastructure risk assessment
  • AI vs. AI benchmarking (ChatGPT, Claude, LLaMA, Gemini, Mistral, etc.)
  • Evaluation of accuracy, consistency, explainability
  • Bias, variance and robustness analysis
  • Design of controlled experimental environments

Research Domain

AI for Security Analysis • Decision Science • LLM Evaluation • Cyber Risk Assessment

Key Outputs

  • Benchmark dataset for CI risk scenarios
  • Human vs AI empirical study
  • AI vs AI comparative analysis
  • 1–2 academic papers (AI & risk focus)

Joint Responsibilities

Both researchers will collaborate on:

  • Design of shared critical infrastructure scenarios
  • Definition of evaluation methodology and metrics
  • Integration of cryptographic and AI pipelines
  • Ethical review and governance framework
  • Co-authorship of joint publications
  • Conference presentations and workshops

PhD Research Timeline

48 Months · Two parallel dissertations · Joint publications

Year 1

Months 1–12

Problem Formalization & Foundations

Literature review · Coursework · Formal model development · Pilot studies · Initial framework design · Hypothesis formulation

Year 2

Months 13–24

Prototyping & Data Collection

Cryptographic architecture design · Security proofs · Controlled experiments · Dataset development · First publications (conferences)

Year 3

Months 25–36

Formal Verification & Model Comparison

Correctness proofs · AI model benchmarking · Statistical hypothesis testing · Integration of both tracks · Additional publications (journals)

Year 4

Months 37–48

Consolidation, Publications & Thesis

Comprehensive system evaluation · Final statistical analysis · Dissertation writing · Final publications · Defense preparation

Expected Research Output

  • 3–4 peer-reviewed publications (top-tier conferences: IEEE S&P, USENIX Security, CCS; journals: TDSC, TIFS)
  • 2 PhD dissertations with distinct but complementary contributions
  • Open benchmark dataset for critical infrastructure risk assessment (published with reproducibility package)
  • Formal cryptographic architecture specification with security proofs

Expected Scientific Contributions

Long-Term Impact

The combined results aim to inform:

Policy & Strategy

  • Next-generation critical infrastructure protection strategies
  • National cybersecurity frameworks

Security & Intelligence

  • Secure information-sharing in defence and intelligence contexts
  • Design of future zero-trust, AI-augmented systems

Central Research Question

"How can a society analyse its greatest risks — without those risks becoming its greatest vulnerability?"