<?xml version="1.0" encoding="UTF-8"?><ns2:project xmlns:ns1="http://gtr.rcuk.ac.uk/gtr/api" xmlns:ns2="http://gtr.rcuk.ac.uk/gtr/api/project" xmlns:ns3="http://gtr.rcuk.ac.uk/gtr/api/fund" xmlns:ns4="http://gtr.rcuk.ac.uk/gtr/api/person" xmlns:ns5="http://gtr.rcuk.ac.uk/gtr/api/project/outcome" xmlns:ns6="http://gtr.rcuk.ac.uk/gtr/api/organisation" ns1:created="2026-06-22T07:57:45Z" ns1:href="http://gtr.ukri.org/gtr/api/projects/6D14193C-47C6-4664-BEDB-23FD33C4899C" ns1:id="6D14193C-47C6-4664-BEDB-23FD33C4899C"><ns1:links><ns1:link ns1:href="http://gtr.ukri.org/gtr/api/persons/C87B0533-F7A7-4582-A010-9C94EB270633" ns1:rel="PM_PER"/><ns1:link ns1:href="http://gtr.ukri.org/gtr/api/organisations/4B1CFB07-8BD4-4246-8CC3-E97ED78BF079" ns1:rel="LEAD_ORG"/><ns1:link ns1:href="http://gtr.ukri.org/gtr/api/organisations/4B1CFB07-8BD4-4246-8CC3-E97ED78BF079" ns1:rel="PARTICIPANT_ORG"/><ns1:link ns1:end="2025-02-28T00:00:00Z" ns1:href="http://gtr.ukri.org/gtr/api/funds/B179D83F-E2E3-4055-807F-60605F96574E" ns1:rel="FUND" ns1:start="2024-08-31T23:00:00Z"/></ns1:links><ns2:identifiers><ns2:identifier ns2:type="RCUK">10139273</ns2:identifier></ns2:identifiers><ns2:title>CyDRA: Risk and Vulnerability Assessment in Transactions under Security Threats</ns2:title><ns2:status>Closed</ns2:status><ns2:grantCategory>Collaborative R&amp;D</ns2:grantCategory><ns2:leadFunder>Innovate UK</ns2:leadFunder><ns2:abstractText>CyDRA project is dedicated to solving difficult security-by-design issues in transactional systems, processing financial, commercial, and business information. The design of such systems must guarantee the security of their operation by lowering the risk of unauthorized intrusions, malfunctioning, and malicious activities. This is a big concern for banks and insurance companies, in electronic commerce and digital businesses as well as for online service providers. Most existing solutions are based on complex security frameworks, which are expensive, inflexible, and inefficient.

CyDRA software solution addresses the above problems using a methodology for risk assessment and vulnerability analysis based on the use of a powerful model of transactions under stress, known as Partially Observable Markov Decision Process model (POMDP). This model is configurable both in terms of architecture and component parameters. It allows the security professionals to create interactively a model of the security infrastructure, formulate security policies, and by interactive experimentation, create an optimal design with guaranteed lowest level of security risks. This is possible thanks to the graph modeler, which provides a starting point for the analysis and through a set of templates can be easily customized. CyDRA software implements several original methods for the analysis of the vulnerability and assessment of the security risks which combine technological and theoretical innovations and thus, allow very compact and efficient implementation.

The core CyDRA software can be installed as a desktop application or as a service and can be used using a standard Web browser. It is offered free of charge to allow demonstration of the modeling and for testing the computations. The customers can purchase separate packages from the software ecosystem that best suit their needs - either directly from the vendor, or from licensed resellers:

**Bronze Package:** A set of templates helping the manual design by providing drop-down menu options with predefined meaning for network engineers and security architects

**Silver Package:** Additional policy plugins guiding the process of designing the model of the security infrastructure for security architects and security analysts

**Gold Package:** Advanced vulnerability analysis and reinforcement learning modules for optimal tunning, suitable for senior security consultants

**Platinum** **Package:** Training in modelling and expert support decision-making on different levels for all security professionals

In addition, the business customers will be able to assess the resilience and robustness of their existing or design a new security architecture for their business from licensed consultancy companies and certified agencies.</ns2:abstractText></ns2:project>