King's College London

King’s computer scientists are collaborating with ControlPlane, a leading UK cloud native and cybersecurity consultancy, to develop next-generation cloud security capabilities.

The new approach aims to better secure Kubernetes, a platform used by up to 70% of organisations around the world to run containerised workloads at scale.

The two-year Knowledge Transfer Project (KTP) aims to translate extensive research from academia into a new automated tool for identifying and assessing Kubernetes misconfigurations, making cloud native security more robust, easier and cost-efficient for businesses.

Professor of Computer Science and expert in cybersecurity, Luca Viganò will lead the project from King’s, partnering with Francesco Beltramini, Head of Technical Solutions at ControlPlane, and Dr Mario Lilli, the Research Associate. Dr Fabio Pierazzi, Associate Professor in Information Security at UCL, and formerly at King’s, also joins the team.

Kubernetes is used by over 70% of Fortune 100 companies and has become the de facto standard for container orchestration across critical national infrastructure sectors globally, including healthcare, energy, and finance.

It is also widely adopted across public sector organisations, with strong uptake in countries like the UK, where the government and NHS leverage it for secure, scalable cloud native services.

Francesco Beltramini, from ControlPlane, said, “with new threats emerging all the time, as we can all attest to from news headlines, it is vital we’re one step ahead in advancing security technologies to protect critical infrastructure built open source platforms like Kubernetes.”

“Collaborating with King’s allows us to innovate to find the next big break through, in a way that’s financially sustainable for the company, thanks to the KTP scheme.”

Existing methods to ensure Kubernetes security depend heavily on human expertise through curated databases of threats, known misconfigurations, and attack patterns. This manual, reactive approach is inherently limited: it struggles to keep pace with the rapid evolution of threats and a widening attack surface, increasing the risk of oversight and leaving critical cloud native infrastructure vulnerable to exploitation.

The partnership enables the development of a new approach based on “formal methods”, which provide rigorous mathematical models to build and analyse the security of software and hardware systems. Formal methods are widely used in academia but only rarely deployed in industry, and not at this scale.

Professor Luca Viganò, Department of Informatics at King’s, said, “At the moment, when it comes to cybersecurity, companies typically only consider known threat paths or attacks – and this is largely down to the experience of the consultant.”

“Developing and implementing an approach based on formal methods will enable us to automate threat assessment. Built into the cloud stack itself, this embedded solution will continuously scan for vulnerabilities and weak configurations, enumerating established and new risks.

“This automation reduces the burden on human effort and potentially marks a huge step forward for Control Plane, and the cybersecurity sector as a whole.”

The KTP scheme enables R&D for businesses, thanks to co-funding from the UK government. Aimed at encouraging collaboration between businesses and universities, the partnership also provides research and industry experience to a suitably qualified graduate – the ‘KTP Associate’ - who project manages the venture.

Francesco said: “our project has the potential to significantly transform how organisations secure their critical cloud infrastructure. The KTP scheme uniquely enables us to apply cutting-edge, research-backed methods from academia in developing this new tool, while allowing us to maintain our independence as a company, without relying on venture capital funding.”

“At the end of this KTP, ControlPlane will possess unique security-assessment methodologies and tooling, strengthening our reputation as differentiators and innovators.”