Authors: Valentina Del Rio / PLURIBUS and Cédric Gouy-Pailler / CEA
In this interview, Cedric Gouy-Pailler, Head of Laboratory at CEA, shares insights into his work in signal processing and machine learning, as well as his role as coordinator of the KINAITICS project. He discusses how KINAITICS integrates AI and cybersecurity to combat cyber-kinetic threats through advanced anomaly detection, real-world threat simulations, and human-in-the-loop validation. Gouy-Pailler highlights the project’s innovative approaches, including reinforcement learning for malware defense and secure monitoring of critical sectors like healthcare, nuclear facilities, and railway systems. With a strong focus on automation, adaptability, and collaboration across Europe, KINAITICS is shaping the future of cybersecurity by creating resilient, AI-driven defense mechanisms.
Can you briefly introduce yourself and your role at CEA
Hello, I’m Cedric Gouy-Pailler. I am a senior expert in signal processing and machine learning systems with experience in developing advanced methods for statistical signal processing, including electroencephalography (EEG) signal denoising, dictionary learning, and robust classification. At the Commissariat à l’énergie atomique et aux énergies alternatives (CEA), I serve as Head of Laboratory (Distributed and Embedded Artificial Intelligence for Measurements Systems), where I coordinate projects like the KINAITICS project and the REDEEM Project (funded by ANR in France, within the France 2030 government initiative). In this role, I work with interdisciplinary teams that bridge the physical and cyber domains, integrating artificial intelligence with cybersecurity to build resilient and trustworthy systems for our increasingly interconnected digital landscape.
What are your main responsibilities as the coordinator of KINAITICS?
As the coordinator of the KINAITICS project, my key responsibility is to ensure that our research advances in line with the project’s scientific objectives as defined in the grant agreement. This advanced research project involves a consortium of multiple teams and partners from various European Union countries, and I work with them to integrate their diverse expertise. With the coordinating team, we monitor risks and adapt our strategy in response to new obtained results and emerging challenges, ensuring that our collaborative efforts remain aligned with our goals.
How did you get involved in the KINAITICS project?
I became involved in the KINAITICS project through my work at the intersection of machine learning, and cybersecurity. It all came back to 2021, when we recognized the opportunity to set up a project on this topic following exchanges initiated within the STARLIGHT project. When the call for proposals HORIZON-CL3-2021-CS-01-03 was announced, it aligned perfectly with our ambitions. The chance to work with a diverse consortium of multiple teams and partners from various European Union countries made the opportunity even more compelling.
KINAITICS is described as a cutting-edge project in cybersecurity. Can you give us an overview of its core technology and how it stands out from existing solutions?
KINAITICS integrates artificial intelligence and machine learning with robust cybersecurity protocols to tackle sophisticated cyber‐kinetic threats. At its core, the project creates sandboxed environments that mimic production systems—ranging from railway health monitoring to complex IT infrastructures in healthcare. This enables us to test defensive mechanisms under a variety of challenging scenarios. Our solution employs a multi-layered approach. On one hand, we deploy intelligent anomaly detection tools that continuously monitor data streams for subtle signs of cyber attacks, such as man-in-the-middle interventions or unauthorized data manipulations. On the other, we integrate human oversight to rapidly validate and adjust the system’s responses in real time.
What are the key technological components that power KINAITICS? Are there any breakthroughs in AI, data analysis, or automation that make this project unique?
KINAITICS works at the intersection of machine learning and cybersecurity. For example, one of our work focuses on bridging the gap between conventional feature-space adversarial training and the real-world problem-space in which adversaries operate. In the specific context of attacking malware detection systems, traditional gradient-based approaches often yield perturbations that are mathematically sound but infeasible in practice. In “How to Train your Antivirus: RL-based Hardening through the Problem Space” by Ilias Tsingenopoulos et al. (2024), the authors introduce AutoRobust—a reinforcement learning–based framework that generates adversarial examples directly in the problem-space. By ensuring that every modification to a dynamic analysis report maintains the original functionality of the malware, AutoRobust overcomes the inherent limitations of gradient-based methods. Their experiments demonstrate that, after several adversarial retraining iterations, the attack success rate can drop to nearly 0%, effectively hardening the model against realistic evasion tactics. This is an example of breakthroughs we are seeking in the KINAITICS project.
How does KINAITICS balance automation with human expertise?
KINAITICS balances automation with human expertise by integrating advanced machine learning techniques with human oversight. For example, in one scenario involving the simulation of nuclear facility operations using the URANIE platform, our system automatically monitors the simulation process to detect anomalies that could indicate an attack. When the automated defense tool flags a potential anomaly—such as an unusual alteration in input parameters—it doesn’t act on its own. Instead, the alert is forwarded to an expert operator who reviews the flagged data. The human expert then determines whether the anomaly is a genuine threat or a false positive, and their feedback is used to adjust the system’s thresholds and retrain the model as needed. This combination of real-time automated detection with expert validation ensures that our defenses remain both scalable and contextually accurate, effectively bridging the gap between automation and human judgment.
Which industries or sectors can benefit the most from KINAITICS? Are there any ongoing pilot projects or real-world implementations?
Currently, we’re demonstrating our tools in sectors such as healthcare, where we’re testing defenses against phishing attacks on electronic health records; in nuclear plant simulations, where we monitor simulation inputs to detect potential tampering; and in railway safety monitoring, where we ensure that the systems controlling rail operations remain secure. These pilot projects are helping us fine-tune our approach, and as we move forward, we plan to expand our solutions to additional sectors based on the feedback and results we gather.
If you had to summarize KINAITICS in one sentence, how would you describe its impact on the future of cybersecurity?
KINAITICS is a forward-thinking cybersecurity initiative that harnesses advanced machine learning and realistic threat simulations to build robust, adaptive defense systems for critical infrastructures, paving the way for a safer digital future.