Academic Centre of Excellence in Cyber Security Research - University of Edinburgh
Lead Research Organisation:
University of Edinburgh
Department Name: Sch of Informatics
Abstract
The University of Edinburgh (UoE) has a uniquely diverse set of academics contributing to research in Cyber Security and Privacy, reflecting the breadth of the field. Our work ranges from theoretical concepts of classical and quantum cryptography, logical foundations and verified implementations, through to applied networking technologies and socio-technical security spanning user behaviour and design, law, policy and governance. Our current themes include:
1. Cryptography and Distributed Ledger
2. Quantum-enhanced Security
3. Protocol and Program Verification
4. Socio-technical Security
5. Secure Future Networks
6. Device Security
7. Data Science Techniques
The aims of our Centre of Excellence in Cyber Security Research are:
- To provide a Edinburgh University-level hub for the horizontal theme of cyber
security and privacy, supporting multidisciplinary investigation
- To encourage outreach to end users and public sector and industry,
and translational research on new solutions.
- To support and disseminate our research among academic channels,
and in particular, by connecting and collaborating with other UK Universities.
1. Cryptography and Distributed Ledger
2. Quantum-enhanced Security
3. Protocol and Program Verification
4. Socio-technical Security
5. Secure Future Networks
6. Device Security
7. Data Science Techniques
The aims of our Centre of Excellence in Cyber Security Research are:
- To provide a Edinburgh University-level hub for the horizontal theme of cyber
security and privacy, supporting multidisciplinary investigation
- To encourage outreach to end users and public sector and industry,
and translational research on new solutions.
- To support and disseminate our research among academic channels,
and in particular, by connecting and collaborating with other UK Universities.
Planned Impact
We plan impact activities to support:
Knowledge: through dissemination to other academics, and to
industrialists and policy makers.
Society: for example, through the possibility for improved security
and provision in sectors such as healthcare, and improved
understanding among citizens for using technology.
People: our research centre will help build strength in support of the
UK initiative to address the skills gap for information security
professionals and related occupation.
Economy: for example, through research advances or enhanced visibility
of ongoing research, which will encourage tecnological innovation in
the cyber security sector, in conjunction with the work of Edinburgh
Research and Innovation Ltd, Informatics Ventures and external funding
and incubation schemes.
Knowledge: through dissemination to other academics, and to
industrialists and policy makers.
Society: for example, through the possibility for improved security
and provision in sectors such as healthcare, and improved
understanding among citizens for using technology.
People: our research centre will help build strength in support of the
UK initiative to address the skills gap for information security
professionals and related occupation.
Economy: for example, through research advances or enhanced visibility
of ongoing research, which will encourage tecnological innovation in
the cyber security sector, in conjunction with the work of Edinburgh
Research and Innovation Ltd, Informatics Ventures and external funding
and incubation schemes.
Organisations
People |
ORCID iD |
| David Aspinall (Principal Investigator) |
| Description | This ACE-CSR award does not directly fund research, it only pays for networking type activities at a very modest level (averages under £1k per ACE-CSR staff member per year). So it is impossible to associate direct impacts from any scientific results or policy studies, for example. But the ACE-CSR recognition has undoubtedly led to University of Edinburgh gaining wider influence and reputation within industry, government and third sectors, as a Centre for Excellence in Cyber Security Research, and it has been an enabler for gaining further investment in research and within and beyond the University, in recruiting students and staff. This has been particularly the case in Scotland, where trade bodies such as ScotlandIS and the government's Cyber Resilience Unit have invited us to collaborate to help develop further economic and societal opportunities and together with other Universities across Scotland, as a key member of the Scottish Government funded SICSA Nexus Cyber project. As one small example, as part of Cyber Scotland Week in February 2019 we led a research showcase; in February 2020 we hosted a large, over-subscribed cyber security competition for hundreds of students across Scotland. The ACE-CSR award has been an enabler for many activities like this, as well as leading to further cases of external expert consultation to our staff. Overall I believe these effects have been beneficial in helping, indirectly, to raise awareness of cyber security in the public, as well as enabling our work to have some indirect influence on certain policy instruments. The main challenge in capitalising on this opportunity to achieve impact has been the lack of support resource for industrial liaison, "pathfinding" type of activities, Proof-of-Concept experiments or public engagement. While some individual research grants fund such activities, many opportunities are not yet associated with particular funding streams so it is very difficult to bootstrap engagements in an agile way. (One example was a possible project in 2018 with HMRC). While academic staff have been recruited to teaching posts, they seldom have enough time (or the right skillsets) to engage in these impactful activities and the business case has been difficult to make for University-level investment with many competing activities that had a larger "push" to begin with (e.g., research hubs that started with multi-million pound funding). The National Cyber Security Centre was able to make additional ad hoc "small grant" awards to ACE-CSR Universities from time-to-time which were very helpful but difficult to manage, limited in duration and nature, and only possible at certain times. These impact activities would have been much better enabled by a larger award and more flexibility in the original ACE-CSR scheme. |
| First Year Of Impact | 2018 |
| Sector | Digital/Communication/Information Technologies (including Software),Education,Government, Democracy and Justice,Security and Diplomacy |
| Impact Types | Societal,Economic,Policy & public services |