The entry level desktop DAC and headphone amp category is not short on competition, and iFi Audio knows it. With established options from Schiit Audio, FiiO, and Topping setting a high bar under $200, iFi’s new $129 ZEN Air DAC 2 arrives as a direct response. It builds on the original Zen Air with a revised DAC stage, higher output power, a balanced 4.4 mm headphone output, and a cleaner midnight blue design, all aimed at listeners who want a simple and affordable desktop upgrade without stepping into mid-tier pricing.

Designed Around A New DAC 

The ZEN Air DAC 2 uses a bit-perfect DAC from Cirrus Logic that iFi has deployed across a range of its portable products. The focus here is on stable, low noise decoding rather than shaping the sound. This is the first time that implementation has been used in one of its entry level desktop units, and any gains in clarity, dynamics, and distortion are likely to be incremental rather than dramatic. Support for high resolution formats includes PCM up to 384 kHz and DSD256, which is standard for this category.

Balanced Headphone Output 

The ZEN Air DAC 2 adds a balanced 4.4 mm headphone output, a feature previously limited to the standard ZEN series. It allows use with compatible balanced headphones, which can help lower noise and crosstalk depending on the setup. For conventional headphones, a 6.3 mm single ended output is also included.

Increased Power Output

With the addition of balanced circuitry, the ZEN Air DAC 2 offers higher output than its predecessor. iFi claims up to three times more headphone drive, which should provide better control with a wider range of headphones, especially when using the balanced output.

Rated output is ≥5.57 V / 484 mW at 64 ohms via the 4.4 mm connection, and ≥3.02 V / 286 mW at 32 ohms through the 6.3 mm single ended output.

XBass+ and PowerMatch

To provide more support for increased power output when needed, the ZEN Air DAC 2 includes two of iFi audio’s favorite analog audio features, which can be instantly toggled via the dedicated buttons on the front panel. 

• XBass+: This feature enhances low frequencies for additional energy and excitement, and is essential for restoring the bass often lost in open-backed headphones.
• PowerMatch: This features provided an additional 6dB of gain to bring hard-to-drive headphones to life.

Refined Design

Alongside the updates and added features, the ZEN Air DAC 2 includes a few practical refinements that improve day to day use, including a new midnight blue finish with a metal front panel that feels more consistent in a desktop setup, and a dedicated power button added in response to user feedback that makes it easier to control without having to disconnect cables or power sources.

Comparison

The Bottom Line 

The iFi ZEN Air DAC 2 sticks to its role as an affordable, no-nonsense entry point into desktop audio, but adds enough to stay relevant in a crowded field. The move to a revised DAC implementation, higher output power, and the addition of a 4.4 mm balanced headphone output are meaningful upgrades at this price, especially for users with harder to drive headphones or balanced cables.

At the same time, the removal of MQA support signals a shift in priorities that not everyone will miss, but some might notice. This is aimed at listeners who want a simple, compact DAC and headphone amp that can also double as a basic preamp for powered speakers, without stretching beyond a modest budget or overcomplicating the setup.

Pricing & Availability 

For more information: ifi-audio.com

Related Reading:

FiiO is pushing performance with the launch of the K17 R2R Pro, a DAC, and headphone amplifier built around a proprietary resistor ladder design and a long list of connectivity options. It follows directly on the heels of the recently reviewed K17 ($989) covered by James Fiorucci, making this the next step in a product line that’s clearly gaining traction.

That timing isn’t accidental. The one box desktop system has become one of the fastest growing segments in personal audio, driven by listeners who want a full featured DAC, and headphone amp in a single chassis without the cost, complexity, or footprint of separates. FiiO is betting that demand isn’t slowing down.

The real question, before digging into the K17 R2R Pro itself, is what you give up when everything is consolidated into one box and what you actually gain in return. Can something like this compete with well-matched separates, or is the appeal more about convenience and system flexibility?

FiiO K17 as the Reference Point

Before getting into the new K17 R2R Pro, the standard K17 matters because it already sets a serious baseline. The $989 model, which uses AKM’s AK4191 digital modulator with dual AK4499EX DACs, a fully discrete amplifier stage with ON Semiconductor MJE243 and MJE253 transistors, and up to 4 watts of balanced output power.

Specifications look impressive. Crosstalk over 119 dB, THD+N below 0.00049% at 32 ohms, and SNR above 123 dB. FiiO also uses a 35W linear power supply with five 4700µF capacitors, which is not something you see in every sub $1,000 desktop DAC and headphone amplifier.

The K17 also brings a 3.93-inch touchscreen, ESP32 S3 SoC, X2000 multi core processor, and a front panel with 1/4-inch, 4 pin XLR, 4.4mm balanced, and USB-C connectivity. At nearly 3 kg, it also feels like a proper desktop component rather than another lightweight box pretending to be one.

That matters because the K17 R2R Pro is not arriving in a vacuum. The regular K17 already made the argument for a serious desktop audio system. The new model now has to show what FiiO can improve with a resistor ladder DAC architecture, and whether that change makes the Pro feel like a real step forward instead of just another badge on the same chassis.

FiiO K17 R2R Pro: What’s Actually New?

The FiiO K17 R2R Pro moves beyond the AKM-based K17 with a proprietary 5 + 24-bit R2R PRO resistor array, giving the new model a very different DAC architecture and a more analog-leaning design brief.

Users can switch between NOS and OS modes, allowing the K17 R2R Pro to run without oversampling or with oversampling engaged, depending on the source material and listening preference.

The headphone section uses a discrete Class AB transistor current-boosting amplifier circuit rated at 4000mW + 4000mW. That gives it enough output for a wide range of headphones, from sensitive IEMs to more demanding planar designs.

FiiO is also positioning this as a complete desktop audio solution or hi-fi system hub. The K17 R2R Pro supports local playback, wi-fi connectivity, and QPlay, with dual-band 2.4GHz/5GHz Wi-Fi and Gigabit Ethernet for more stable network use.

What’s missing from FiiO at this point is information about native support for any of the major streaming platforms. Outside of support for QPlay which is confirmed, we still don’t know if Spotify Connect, TIDAL Connect, and Qobuz Connect are part of the package.

For system tuning, it includes a 31-band high-precision parametric EQ with Auto EQ support. Users can adjust PEQ settings through the FiiO Control app or a web browser and save those settings directly to the unit.

Other key features include a USB ground-loop isolator, a 35W low-noise linear power supply, a 3.93-inch touchscreen with VU meter and clock display options, and an aluminum-alloy infrared remote control.

FiiO K17 R2R Pro Connectivity

A look at the rear panel of the FiiO K17 R2R Pro makes it clear that this is designed to function as the hub of a desktop or even small two channel system.

On the digital side, you get optical in and out, coaxial in and out, USB-C, and a standard USB-A port for storage or external devices. There is also an Ethernet LAN connection for network streaming, alongside trigger in and RS232 for system integration.

Analog connectivity is just as complete. There are RCA line inputs and outputs, along with balanced XLR outputs for connecting to a power amplifier or active speakers. A 4.4mm balanced line input is also included, which is less common at this level and gives additional flexibility for portable or balanced source devices.

FiiO has also included a ground lift switch to help deal with system noise issues, which is a practical addition for desktop setups connected to multiple components.

The Bottom Line

The FiiO K17 R2R Pro stands out by replacing the standard DAC approach with a proprietary R2R ladder while keeping the all in one concept intact with streaming, DAC, and a 4W per channel Class A/B headphone amplifier. That combination of R2R architecture and full system control in a single chassis is still relatively uncommon.

The R2R design will offer a different tonality than the AKM based K17, but that does not automatically make it better. It is simply a different presentation that some listeners may prefer.

What is missing is any clear indication that it can outperform well matched separates, and pricing has not been confirmed, though it is unlikely to come in below the $989 K17.

As noted, details around the streaming platform are still limited, which is unusual for a product being positioned as a streamer. FiiO has not outlined supported services or ecosystem integration, so for now it is reasonable to assume the Wi-Fi implementation is intended for network streaming, even without Bluetooth support. We will update when we learn more.

Price & Availability

Global pricing will be announced in June 2026. However, visitors will be able to hear the K17 R2R Pro at Vienna High End starting June 4th at World of Headphones, H X4, N01.

Related Reading:

NASA released Artemis II images from Orion’s Moon-bound leg, and this interactive timeline organizing them shows how an iPhone 17 Pro Max and other onboard cameras were used throughout the mission.

Astronauts aboard Orion captured images throughout the Artemis II mission, including selfies, eclipse shots, and views of Earth through the spacecraft’s forward windows, with some images taken on an iPhone 17 Pro Max. One image titled “Thinking of You, Earth” shows a crew member silhouetted against the planet as Orion moved deeper into cislunar space.

The timeline, recently published, shows life inside the cabin, including floating group shots, strapped-in seating positions, and handheld images in microgravity. It spans multiple points in the flight alongside imagery from dedicated cameras, including Nikon systems and GoPros mounted on Orion.

Victor Glover, Jeremy Hansen, Reid Wiseman, and Christina Koch take a selfie inside Orion during Artemis II. Credit: NASA

The approach reflects how NASA approved personal devices for Artemis II. The iPhone flew as personal crew tools with wireless radios disabled and no direct connection to flight systems, secured with Velcro or stored in suit pockets during critical phases.

Photos and video routed through Orion’s onboard communication system for downlink to Earth rather than transmitting from the phones themselves. Inside the cabin, astronauts used the devices to capture what they saw during the flight.

Shuttle-era experiments briefly placed Macintosh systems close to crew workflows, where engineers studied how astronauts used software in microgravity. Later missions pushed consumer hardware out of operational contexts as certification standards tightened.

Sleeping bags inside Orion ahead of Artemis II’s lunar flyby on April 6, 2026. Credit: NASA

Artemis II brought those devices back under tightly controlled boundaries. iPhones operated alongside mission systems as crew-held devices used throughout the flight, giving astronauts a modern version of the personal logs seen in “Star Trek.”

The timeline shows how the devices were used in practice. One phone captured a view of Earth through Orion’s window, followed by a floating group selfie and a dimly lit interior shot taken during a quieter period of the flight.

Apple’s current role in spaceflight centers on documenting the mission from inside the cabin. The hardware returned with a smaller and more controlled purpose, recording daily life inside Orion during a crewed mission beyond low Earth orbit, with the timeline making that usage visible across the flight.

Save on every new M5 MacBook Air today, with a 32GB RAM spec dropping to $1,399.

Apple Premier Partner Expercom is running a sale on every M5 MacBook Air, with this 13-inch configuration with 32GB of RAM and 512GB of storage marked down to $1,399 after a $100 discount.

Save on every M5 MacBook Air

This price drop delivers the lowest price available, according to our 13-inch MacBook Air Price Guide.

If you don’t need as much RAM, you can also score deals on the standard M5 model with 16GB of unified memory, with prices as low as $949.99 ($150 off) at Apple resellers.

Here’s a rundown of today’s top deals:

13-inch MacBook Air M5 discounts

• 13″ MacBook Air M5 (16GB RAM, 512GB SSD): $949.99 ($150 off) at Amazon
• 13″ MacBook Air M5 (16GB RAM, 1TB SSD): $1,149 ($150 off) at Amazon
• 13″ MacBook Air M5 (24GB RAM, 1TB SSD): $1,349.99 ($150 off) at Amazon
• 13″ MacBook Air M5 (24GB RAM, 512GB SSD): $1,199 ($100 off) at Expercom
• 13″ MacBook Air M5 (24GB RAM, 1TB SSD): $1,399 ($100 off) at Expercom
• 13″ MacBook Air M5 (32GB RAM, 512GB SSD): $1,399 ($100 off) at Expercom
• 13″ MacBook Air M5 (32GB RAM, 1TB SSD): $1,589 ($110 off) at Expercom
• 13″ MacBook Air M5 (32GB RAM, 2TB SSD): $1,969 ($130 off) at Expercom

15-inch MacBook Air M5 savings

• 15″ MacBook Air M5, 16GB RAM, 1TB, Midnight: $1,299 ($200 off) at B&H
• 15″ MacBook Air M5, 24GB RAM, 512GB, Midnight: $1,299 ($200 off) at B&H
• 15″ MacBook Air M5, 24GB RAM, 1TB, Midnight, 70W USB-C Power Adapter: $1,499 ($200 off) at B&H
• 15″ MacBook Air M5, 24GB RAM, 1TB, Midnight, 35W Dual USB-C Port Power Adapter: $1,499 ($200 off) at B&H
• 15″ MacBook Air M5 (32GB RAM, 1TB SSD): $1,779 ($120 off) at Expercom
• 15″ MacBook Air M5 (32GB RAM, 2TB SSD): $2,149 ($150 off) at Expercom

Artificial intelligence has already embedded itself into the rhythms of modern life, shaping decisions in ways that often go unnoticed. Amy Trahey, founder of Great Lakes Engineering Group, believes that integration is exactly what makes it powerful and, in many cases, risky. From her perspective in engineering, she sees AI as something that directly influences outcomes tied to public safety, funding, and long-term trust. 

Her understanding of AI began outside formal systems. It revealed itself through daily interactions with technology, from predictive recommendations to voice-enabled tools that respond almost instinctively, which paved the way for a sudden epiphany.

Amy Trahey, P.E.

She says, “I realized how AI is integrated into everything. Whether I watch something on streaming platforms, whether I’m talking on the phone, and suddenly I’m seeing ads for what I spoke about, it’s already part of how we live, and it’s moving faster than any of us can keep up with.” That speed, in her view, creates a leadership gap. Organizations are adopting AI at scale, and Trahey believes many leaders underestimate how quickly their teams are already relying on it. 

She points to studies showing that nearly three out of four companies now use AI in some capacity, interpreting that as proof that passive oversight is no longer viable. “You have to realize your team is going to use it. It’s not a question anymore. So if that’s the case, then it becomes your responsibility to understand it and make sure it’s being used the right way,” Trahey explains. 

Education became her first step toward that responsibility. She enrolled in a five-week intensive program focused on AI prompting, approaching it with the same discipline she applies to engineering work. What she found reshaped her perspective. “It truly is transformational technology. This is on the level of the World Wide Web, but it’s evolving even faster,” Trahey shares. “It has great power to make positive changes, and naturally, it has the potential to be used the wrong way. It all comes down to intent and whether you’re doing things with integrity.”

At Great Lakes Engineering Group, Trahey finds it imperative to establish that duality to ensure that efficiency gains are measurable. She highlights using AI to translate complex engineering briefs and updates into concise and coherent communication for clients, to generate structured meeting documentation in minutes instead of hours. The value, she posits, lies in augmenting human capability, not replacing it. 

Oversight, however, remains fundamental to her process. She insists that no AI-generated output should move forward without human review, particularly in high-stakes environments. Within her work, which revolves around overseeing bridge and transportation infrastructure projects, due diligence finds greater relevance. 

“It acts as an assistant for me, and sometimes as an advisor,” Trahey explains. “But everything still comes back to me. I review it before it goes anywhere. It’s known to hallucinate, and it can try to please you by giving you what it thinks you want to hear. That’s where human responsibility comes in. You cannot take your hands off the wheel.”

Responsibility extends into organizational culture as well, as Trahey recognized early that AI adoption within her team required structure, not restriction. Observing younger engineers already integrating these tools into their workflows prompted her to formalize guidelines. “We do bridge design. We’re working on things that are technically complex and tied to safety,” she says. “If people are using AI, then I need to understand it so I can create policies around what’s acceptable and what’s not. That’s part of leadership. You don’t ignore it. You define how it’s used.”

Her framework draws a clear line between ethical efficiency and misuse. Automating administrative tasks or organizing large datasets represents what she considers appropriate use. In her view, misrepresenting AI-generated work or exploiting time savings for financial gain reflects a breakdown in professional integrity. She speaks directly to that risk.

 “There are people who will use it and then bill five hours for something that took five minutes. That’s not innovation. That’s a lack of integrity. And when you’re dealing with taxpayer money or public safety, that matters.”

Her concerns also extend to societal implications. Trahey believes the accessibility of AI introduces new risks that require coordinated oversight. “When something this powerful is accessible to every human being across the globe, there has to be some level of legislative involvement. We need guidelines and accountability. This isn’t just for technically savvy people anymore. This is for everybody,” Trahey shares. 

Personal experience adds another layer to her perspective. Watching her son Quinn interact with AI as someone with autism has highlighted its potential and its complexity. She sees value in its ability to support communication, especially for individuals who struggle to express themselves. At the same time, she remains attentive to how that interaction is framed. “He sees it as something he can talk to, and there’s a benefit in that,” she explains. “But it’s my job to help him understand what it is and what it isn’t. It’s a tool, not a person. That distinction matters.”

Trahey’s approach to AI reflects a consistent principle. Innovation should be pursued with intention, supported by education, and governed by clear standards. She believes organizations that engage with AI thoughtfully will be better positioned to harness its benefits without compromising trust, and as the world accelerates into the new era of technological collaboration, that distinction, she says, makes all the difference.

Runpod, the high-performance cloud computing and GPU platform designed specifically for AI development, today launched a new open source, MIT licensed, enterprise-friendly Python programming tool called Runpod Flash — and it is poised to make creation, iteration and deployment of AI systems inside and outside of foundation model labs much faster.

The tool aims to eliminate some of the biggest barriers and hurdles to training and using AI models today, namely, doing away with Docker packages and containerization when developing for serverless GPU infrastructure, which the company believes will speed up development and deployment of new AI models, applications and agentic workflows.

Additionally, the platform is built to serve as a critical substrate for AI agents and coding assistants—such as Claude Code, Cursor, and Cline—enabling them to orchestrate and deploy remote hardware autonomously with minimal friction.

Developers can utilize Flash to accomplish a diverse set of high-performance computing tasks, including cutting-edge deep learning research, model training, and fine-tuning.

“We make it as easy as possible to be able to bring together the cosmos of different AI tooling that’s available in a function call,” said RunPod chief technology officer (CTO) Brennen Smith, in a video call interview with VentureBeat last week.

The tool allows for the creation of sophisticated “polyglot” pipelines, where users can route data preprocessing to cost-effective CPU workers before automatically handing off the workload to high-end GPUs for inference.

Beyond research and development, Flash supports production-grade requirements through features such as low-latency load-balanced HTTP APIs, queue-based batch processing, and persistent multi-datacenter storage.

Eliminating the ‘packaging tax’ of AI development

The core value proposition of Flash GA is the removal of Docker from the serverless development cycle.

In traditional serverless GPU environments, a developer must containerize their code, manage a Dockerfile, build the image, and push it to a registry before a single line of logic can execute on a remote GPU. Runpod Flash treats this entire process as a “packaging tax” that slows down iteration cycles.

Under the hood, Flash utilizes a cross-platform build engine that enables a developer working on an M-series Mac to produce a Linux x86_64 artifact automatically.

This system identifies the local Python version, enforces binary wheels, and bundles dependencies into a deployable artifact that is mounted at runtime on Runpod’s serverless fleet.

This mounting strategy significantly reduces “cold starts”—the delay between a request and the execution of code—by avoiding the overhead of pulling and initializing massive container images for every deployment.

Furthermore, the technology infrastructure supporting Flash is built on a proprietary Software Defined Networking (SDN) and Content Delivery Network (CDN) stack.

Smith told VentureBeat that the hardest problems in GPU infrastructure are often not the GPUs themselves, but the networking and storage components that link them together.

“Everyone is talking about agentic AI, but the way I personally see it — and the way the leadership team at RunPod sees it — is that there needs to be a really good substrate and glue for these agents, whatever they might be powered by, to be able to work with,” Smith said.

Flash leverages this low-latency substrate to handle service discovery and routing, enabling cross-endpoint function calls. This allows developers to build “polyglot” pipelines where, for instance, a cheap CPU endpoint handles data preprocessing before routing the clean data to a high-end NVIDIA H100 or B200 GPU for inference.

Four distinct workload architectures supported

While the Flash beta focused on live-test endpoints, the GA release introduces a suite of features designed for production-grade reliability.

The primary interface is the new @Endpoint decorator, which consolidates configuration—such as GPU type, worker scaling, and dependencies—directly into the code. The GA release defines four distinct architectural patterns for serverless workloads:

• Queue-based: Designed for asynchronous batch jobs where functions are decorated and run.

• Load-balanced: Tailored for low-latency HTTP APIs where multiple routes share a pool of workers without queue overhead.

• Custom Docker Images: A fallback for complex environments like vLLM or ComfyUI where a pre-built worker is already available.

• Existing Endpoints: Using Flash as a Python client to interact with previously deployed Runpod resources via their unique IDs.

A critical addition for production environments is the NetworkVolume object, which provides first-class support for persistent storage across multiple datacenters.

Files mounted at /runpod-volume/ allow for model weights and large datasets to be cached once and reused, further mitigating the impact of cold starts during scaling events.

Additionally, Runpod has introduced environment variable management that is excluded from the configuration hash, meaning developers can rotate API keys or toggle feature flags without triggering an entire endpoint rebuild.

To address the rise of AI-assisted development, Runpod has released specific skill packages for coding agents like Claude Code, Cursor, and Cline.

These packages provide agents with deep context regarding the Flash SDK, effectively reducing syntax hallucinations and allowing agents to write functional deployment code autonomously.

This move positions Flash not just as a tool for humans, but as the “substrate and glue” for the next generation of AI agents.

Why open source RunPod Flash?

Runpod has released the Flash SDK under the MIT License, one of the most permissive open-source licenses available.

This choice is a deliberate strategic move to maximize market share and developer adoption. In contrast to more restrictive licenses like the GPL (General Public License), which can impose “copyleft” requirements—potentially forcing companies to open-source their own proprietary code if it links to the library—the MIT license allows for unrestricted commercial use, modification, and distribution.

Smith explained this philosophy as a “motivating construct” for the company: “I prefer to win based on product quality and product innovation rather than legal ease and lawyers,” he told VentureBeat.

By adopting a permissive license, Runpod lowers the barrier for enterprise adoption, as legal teams do not have to navigate the complexities of restrictive open-source compliance.

Furthermore, it invites the community to fork and improve the tool, which Runpod can then integrate back into the official release, fostering a collaborative ecosystem that accelerates the development of the platform.

Timing is everything: RunPod’s growth and market positioning

The launch of Flash GA comes at a time of explosive growth for Runpod, which has surpassed $120 million in Annual Recurring Revenue (ARR) and serves a developer base of over 750,000 since it was founded in 2022.

The company’s growth is driven by two distinct segments: the “P90” enterprises—large-scale operations like Anthropic, OpenAI, and Perplexity—and the “sub-P90” independent researchers and students who represent the vast majority of the user base.

The platform’s agility was recently demonstrated during the release of DeepSeek V4 in preview last week. Within minutes of the model’s debut, developers were utilizing Runpod infrastructure to deploy and test the new architecture.

This “real-time” capability is a direct result of Runpod’s specialized focus on AI developers, offering over 30 GPU SKUs and billing by the millisecond to ensure that every dollar of spend results in maximum throughput.

Runpod’s position as the “most cited AI cloud on GitHub” suggests that it has successfully captured the developer mindshare required to sustain its momentum.

With Flash GA, the company is attempting to transition from being a provider of raw compute to becoming the essential orchestration layer for the AI-first cloud.

As development shifts toward “intent-based” coding—where the outcome is prioritized over the execution details—tools that bridge the gap between local ideas and global scale will likely define the next era of computing.

UL’s Dr Muzaffar Rao discusses the professional diploma in OT security programme, and what motivates his research in OT and ICS cybersecurity.

For Dr Muzaffar Rao, University of Limerick (UL) has been a research base for a number of years.

When Rao first joined UL in 2013, he was a PhD student conducting research on reconfigurable hardware for security, specifically field programmable gate array (FPGA)‑based cryptographic systems.

After his PhD, Rao began working at the university as a postdoctoral researcher with the Centre for Robotics and Intelligent Systems, a role that Rao says allowed him to further develop “expertise in hardware‑based cryptographic systems”.

Fast-forward to the current day, and Rao is now an associate professor in the Department of Electronic and Computer Engineering at UL, as well as an associate investigator with Lero, the Research Ireland Centre for Software.

Rao is also the course director of the professional diploma in operational technology (OT) security programme – a specialised Level 9 programme that Rao says is a “unique offering in Ireland”, as it’s dedicated specifically to OT and industrial control systems (ICS) security.

The primary objective of the programme, according to Rao, is to equip professionals with the practical knowledge and specialised skills required to “securely integrate IT and OT systems while effectively managing associated cyber risks”.

“Developed in close collaboration with industry partners, the course focuses on real-world operational challenges, OT-specific threats, relevant legal and regulatory frameworks, and risk mitigation strategies,” he explains.

“A strong emphasis is placed on bridging workforce skills gaps to ensure graduates can protect and secure complex operational environments.”

Rao tells SiliconRepublic.com that recently, the course was provided with the Airbus CyberRange, a simulation and training platform that provides “immersive, hands-on learning through realistic, scenario-based exercises that reflect real-world critical infrastructure and smart manufacturing systems”.

Securing OT and ICS

While his duties have expanded to new duties such as teaching and curriculum development, his cybersecurity research continues to be a major part of his post at UL.

Rao’s current research focuses on strengthening the security and resilience of OT and ICS, particularly in critical infrastructure environments that rely on legacy systems.

“These systems,” he tells us, “are often difficult or impossible to patch, replace or take offline, which makes conventional security approaches impractical.”

He says a “central strand” of his work involves developing lightweight cryptographic mechanisms specifically tailored for ageing industrial hardware with limited processing power, constrained bandwidth and long operational life cycles – with the goal of introducing strong security controls without disrupting industrial operations.

He also researches early‑warning and intrusion‑detection frameworks for “advanced, including nation‑state-level, threats in OT and ICS environments”.

“This includes addressing situations where monitoring is minimal or absent, with particular attention to unmonitored industrial sensors and peripheral devices that create blind spots attackers can exploit.”

But why is this research important?

Rao explains that much of Ireland’s critical infrastructure – including energy, water, healthcare and manufacturing – still depends on “ageing operational technology that cannot be easily upgraded or taken offline”.

“These constraints create significant security gaps and make essential services especially vulnerable to sophisticated cyberthreats, including those from nation‑state actors targeting industrial systems across Europe,” says Rao.

“By developing lightweight cryptographic solutions suitable for legacy devices, improving early‑warning intrusion detection and securing the increasingly interconnected IT/OT environment, this research directly addresses these risks.

“It enhances system visibility, limits lateral movement by attackers, and strengthens Ireland’s ability to prevent and respond to cyber‑physical attacks. Ultimately, this work contributes to national resilience, the continuity of essential services and public safety at a time when cyberattacks are becoming more frequent, targeted and complex.”

Misconceptions and motivation

Rao says he was drawn to this specific area of research because it lies at “the intersection of fields that have consistently shaped my academic path”.

In fact, he says his PhD research on FPGA‑based cryptographic designs naturally exposed him to the “unique and under‑addressed security challenges” of OT and ICS.

“These environments depend heavily on legacy hardware that underpins critical infrastructure yet lacks the protections expected in modern IT systems.”

One misconception about his research that Rao often encounters is the belief that improving security in OT and ICS environments is “simply a matter of applying traditional IT security controls or waiting for outdated systems to be replaced”.

“In reality, critical infrastructure rarely has the option of downtime, frequent patching or uniform visibility, and many industrial systems were never designed with security in mind,” he explains.

He adds that there’s also a belief that effective security requires heavy monitoring, expensive hardware or “intrusive changes that risk disrupting operations”. Rao says his research directly challenges this assumption by “demonstrating that strong security and early intrusion detection can be achieved using lightweight, domain-aware techniques that respect operational constraints”.

“These methods address blind spots such as unmonitored sensors and can detect sophisticated attacks well before they escalate into physical or safety incidents, without disrupting essential services.”

With a number of years spent in this research area, one has to wonder what keeps bringing Rao back to the OT and ICS domain.

As Rao explains to us, he continues to find motivation in “the combination of intellectual challenge and real‑world impact”.

“Unlike conventional IT systems, OT environments cannot simply be patched, replaced or taken offline, even as they face increasingly sophisticated nation‑state threats and growing IT/OT convergence,” he says.

“Developing lightweight cryptography, early‑stage intrusion detection and secure architectures under strict resource and operational constraints is both technically demanding and societally important.

“The opportunity to produce research that has practical relevance and contributes directly to the resilience of essential services is what keeps this work compelling for me.”

Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.

• The Aegis Padlock DT FIPS processes PINs on the device, not on the connected computer
• This drive functions where software-based encryption cannot, including embedded systems
• Epoxy coating and locked firmware prevent physical tampering and BadUSB attacks on the Padlock DT FIPS

Most companies assume that encrypting their sensitive data is enough, but encryption only matters if the keys and authentication methods stay out of attackers’ reach.

Software-based encryption tools leave those secrets exposed on the host computer, where keyloggers, screen scrapers, and remote access trojans can capture them with ease.

Sony has shut down claims that PlayStation games would soon require monthly online license checks, with the company confirming that it is not introducing any such system.

The concern started last week after screenshots circulated on X suggesting a “Valid Period” tied to digital purchases. That sparked worry among players and preservation groups, as they feared games could become unplayable if a console stayed offline for more than 30 days.

Sony has now clarified to Game File that this isn’t the case. Once a digital game is purchased, it receives a perpetual license after a single online verification. After that initial check, there are no ongoing requirements to reconnect or revalidate the license.

“Players can continue to access and play their purchased games as usual,” a Sony representative said. “A one-time online check is required after purchase to confirm the game’s license, after which no further check-ins are needed.”

Advertisement

That statement directly contradicts the interpretation many users had after testing suggested that even setting a PS4 or PS5 as a “primary” console didn’t appear to override the supposed 30-day limit. This helped fuel the belief that Sony was quietly rolling out stricter DRM rules for digital ownership.

Sony hasn’t explained why the “Valid Period” language appeared in the first place. However, one theory links it to its 14-day digital refund window, where temporary validation could help prevent abuse. The company hasn’t confirmed this.

The episode has also revived familiar concerns around game preservation and ownership, especially in a market that is increasingly digital-first. It also inevitably brings back memories of Microsoft’s original Xbox One plans in 2013. Those plans required daily online DRM checks before they were reversed after widespread backlash.

Advertisement

For now, Sony is making one thing clear: buying a digital game on PlayStation still means permanent access, with no recurring online verification needed after the initial purchase check.

Advertisement