Academic Centre of Excellence in Cyber Security Research - University of Surrey

Lead Research Organisation: University of Surrey
Department Name: Computing Science

Abstract

Research within the Surrey Centre for Cyber Security falls into the following principal themes:

- Security through Hardware: design and use of secure hardware such as Trusted Platform Modules (TPMs) as the basis of security mechanisms and designs

- Trusted Systems: applied cryptography, modelling and security analysis of systems, verification

- Privacy and Authentication: privacy-preserving computing, passwords, multi-factor authentication, personal data privacy

- Secure Communications: Internet of Things, 5G, connected vehicles, communications protocols, ultra-high-speed mobile and wireless connectivity

- Multimedia Security and Forensics: cybercrime and law enforcement

- Human Factors: cognitive modelling of human behaviour, human-assisted data loss/leakage prevention, reduction of human-related risks in the cyber-physical world.

Within each theme there is a foundational element developing understanding, theory and new technologies, together with applications to specific problem domains and to building practical solutions. Application areas cover a wide range across the cyber-security spectrum, include new cryptographic schemes, security protocols, hardware-enhanced security, network security issues at different layers, formal security modeling and verification, human factors, secure electronic voting, key management, digital rights management and watermarking, image and video forensics, security economics, and biometrics.

The application domains we work in include transportation (automotive, rail), democracy (e-voting), telecommunications, digital economy, health, and law enforcement.

The technical core of the centre includes academics from the Departments of Computer Science, and the 5G Innovation Centre,. The centre also has a number of associates from a wide range of disciplines across the University whose research overlaps with security, and who are involved in interdisciplinary security research. These areas include Artificial and Machine Intelligence, Communication Systems, Vision, Speech and Signal Processing, as well as Surrey Business School, Sociology, Psychology, Law and Economics.

The Centre maintains strong collaborative links with its internationally renowned research partners, participates in technology transfer from academic to small and large businesses, shares knowledge and offers consultancy to government agencies, and is active in cyber-security education and security awareness raising campaigns for the industrial and public sectors.

Planned Impact

The aim of this grant is to securely establish the Surrey Centre for Cyber Security, the proposed Surrey ACE-CSR, by providing support for the planned activities and developing an appropriate infrastructure. These activities are aimed at achieving impact by engaging with the key stakeholders in Cyber Security through high-profile events and trade fairs aimed at practitioners and researchers at the more technical level, with a focus on promoting exchange and collaboration among all ACE-CSR Centres and engaging with industry. These activities will contribute to the vitality of the Cyber Security community, and disseminate relevant and up-to-date information to organisations and people who will benefit from the research produced by the Surrey Centre for Cyber Security and other ACE-CSR Centres.

We also aim to foster direct focused interactions with organisations. The Applied Security Lab will be used to conduct applied security research, and showcase research results to students, collaborators and industrial visitors. The Centre's website and other publicity materials will showcase our expertise and provide a first port of call for external contacts.

We have an Advisory Board of experts from our network of senior contacts in the Cyber Security community. This Board consists of industrialists, policy makers, and leaders in the academic community, to advise on our strategy, and also to provide active involvement and support for our activities, leveraging our impact. This will provide another source of expertise on the most effective ways to achieve impact. Furthermore, Advisory Board members will themselves be from our target community, and their direct involvement with the ACE will provide another route for impact.
Our involvement with the University of Surrey 5G Innovation Centre provides a unique opportunity for the Surrey Centre for Cyber Security to have a direct impact, at an early stage, on security aspects within the development of 5G technology.

The University of Surrey provides a first-class environment in which to achieve impact. The University's mission statement from 1998 states that

"As a University of real international standing, our vision is to work in partnership with industry, commerce and the professions, as well as with other institutions, for the benefit of the world. We will achieve this by providing scholarship attuned to the particular needs of our technological society, by developing leading-edge research and by creating a rich and varied learning environment for our students."

The University has a strong record of exploiting and applying research and has a vibrant commercial activity, with a number of spin-out companies, and substantial contract and consulting work. The culture of the University is very much attuned to "engaging with the world", and there is strong corporate experience and knowledge, and administrative support for achieving impact.
 
Description Researchers within the Academic Centre of Excellence interact with a number of industrial sectors as detailed below. The Centre has established regular cyber-industry facing briefings on topics of current interest, such as GDPR, and is providing the focus for growing a network of industrial collaborations and partnerships through joint projects, studentships, CyberInvest activities, and presentation at industry events.
First Year Of Impact 2017
Sector Digital/Communication/Information Technologies (including Software),Government, Democracy and Justice,Security and Diplomacy,Transport
Impact Types Economic

 
Description EPSRC Impact Acceleration Account
Amount £39,922 (GBP)
Organisation Engineering and Physical Sciences Research Council (EPSRC) 
Sector Academic/University
Country United Kingdom
Start 11/2018 
End 10/2019
 
Description EU H2020
Amount € 2,932,297 (EUR)
Organisation European Commission H2020 
Sector Public
Country Belgium
Start 09/2018 
End 08/2021
 
Description EU H2020
Amount € 4,868,890 (EUR)
Funding ID 779391 - FutureTPM 
Organisation European Commission H2020 
Sector Public
Country Belgium
Start 01/2018 
End 12/2020
 
Description GCHQ PhD studentship
Amount £115,000 (GBP)
Organisation Government Communications Headquarters (GCHQ) 
Sector Public
Country United Kingdom
Start 10/2018 
End 03/2022
 
Description GCHQ PhD studentship
Amount £115,000 (GBP)
Organisation Government Communications Headquarters (GCHQ) 
Sector Public
Country United Kingdom
Start 10/2018 
End 03/2022
 
Description GCHQ Small Grants
Amount £12,870 (GBP)
Organisation Government Communications Headquarters (GCHQ) 
Sector Public
Country United Kingdom
Start 11/2017 
End 02/2018
 
Description GCHQ small grant
Amount £10,580 (GBP)
Organisation Government Communications Headquarters (GCHQ) 
Sector Public
Country United Kingdom
Start 01/2018 
End 02/2018
 
Description Blockchain and Distributed Ledger Technology (Industry Networking Event) 
Form Of Engagement Activity Participation in an activity, workshop or similar
Part Of Official Scheme? No
Geographic Reach Regional
Primary Audience Industry/Business
Results and Impact The Surrey Centre for Cyber Security (SCCS) are hosting Industry Networking Event, showcasing our activities in the rapidly developing field of Blockchain and Distributed Ledger Technologies and will feature a number of invited talks from academia and industry.

The event will take place on Thursday 24 January 2019, 16:00 - 19:00, in the Lecture Theatre F (LTF), Lecture Theatre Building, University of Surrey, and will include light refreshments.

The agenda will include presentations by:

Welcome from Mark Manulis, Deputy Director, SCCS

Steve Pannifer, Director, Chief Operations Office, Consult Hyperion

Rob Learney, Lead Technologist, Digital Catapult

David Michael, CEO / Co-Founder at Streeva

John Collomosse, Professor in Computer Vision, Centre for Vision Speech & Signal Processing

This event will also be an opportunity for you to network with the Digital Catapult and local businesses as well as University of Surrey academics. If you are a business interested in collaborating with the University of Surrey or an academic keen to work with industry in the domain of Blockchain and Distributed Ledger Technologies, please join us to find out more.
Year(s) Of Engagement Activity 2019
 
Description Cyber Crime and Fraud Awareness seminar 
Form Of Engagement Activity Participation in an activity, workshop or similar
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Professional Practitioners
Results and Impact A seminar organised by Surrey Centre for Cyber Security jointly with Lloyds Bank, aimed at their client base and also aimed at the SCCS network of business and indistry
Year(s) Of Engagement Activity 2017
 
Description Cyber Security in Space workshop 
Form Of Engagement Activity Participation in an activity, workshop or similar
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Industry/Business
Results and Impact 10:30 - 10:45 Welcome remarks by Mark Manulis, SCCS and Chris Bridges, SSC

10:45 - 11:20 Toby Harris, UK Space Agency: "UK Space and Cyber Security''
11:20 - 11:55 Ian Poyner, SSTL: "Threats throughout the life-cycle"

12:20 - 12:55 Andy Davis, NCC Group: "The cyber attack surface of the Space industry"
12:55 - 13:30 Francis Kinsella, Airbus: "Protecting and Defending Sovereign Space Assets"

14:30 - 15:05 Mark Bowyer, Airbus: "Securing Future NanoSats at Physical Layer"
15:05 - 15:40 Tomer Ashur, KU Leuven: "Broadcast Authentication for Europe's Global Navigation Satellite System"
15:40 - 16:00 Panel discussion: "Directions for Research in Space Cyber Security"
Year(s) Of Engagement Activity 2019
 
Description International Cybersecurity Forum, Lille 
Form Of Engagement Activity Participation in an activity, workshop or similar
Part Of Official Scheme? No
Geographic Reach International
Primary Audience Industry/Business
Results and Impact Attendance at the International Cybersecurity Forum, Lille, January 2018, on the UK Science and Innovation Stand, representing the ACEs network
Year(s) Of Engagement Activity 2018
URL https://www.forum-fic.com/site/GB,I59984.htm
 
Description Panel discussion at TEISS 2017 
Form Of Engagement Activity A talk or presentation
Part Of Official Scheme? No
Geographic Reach International
Primary Audience Industry/Business
Results and Impact Participated as panellist in the discussion on the topic of "Segregating third party access in the cloud" with the "Identity & Acess Management" stream of The European Information Security Summit (TEISS) 2017.
Year(s) Of Engagement Activity 2017
URL https://biztechevents.co.uk/teiss/cth_speaker_cat/speaker-2017/page/2/
 
Description Presentation at the HMG Distroibuted Ledger Technoloigy Communit of Interest event 
Form Of Engagement Activity A talk or presentation
Part Of Official Scheme? No
Geographic Reach Regional
Primary Audience Professional Practitioners
Results and Impact Presentation about verifiable voting and about he VOLT project at the "Community of Interest on DLT's" event.
Year(s) Of Engagement Activity 2018
 
Description Presentation on the VOLT project to the DLT Community of Interest 
Form Of Engagement Activity Participation in an activity, workshop or similar
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Industry/Business
Results and Impact Presented on the VOLT project at the DLT Community of Interest event in Whitehall to an audience of approx 100 DLT enthusiasts and practitioners. The talk generated a substantial number of questions.
Year(s) Of Engagement Activity 2018
 
Description Seminar at Royal Holloway University of London 
Form Of Engagement Activity A talk or presentation
Part Of Official Scheme? No
Geographic Reach Local
Primary Audience Postgraduate students
Results and Impact Seminar on the development of the Web Bulletin Board, presented at Royal Holloway, to approx 30 strong audience.
Year(s) Of Engagement Activity 2017
 
Description Seminar at University of Southampton 
Form Of Engagement Activity A talk or presentation
Part Of Official Scheme? No
Geographic Reach Local
Primary Audience Postgraduate students
Results and Impact Seminar at Southampton to talk about the formal development underpinning the web bulletin board used in electronic voting
Year(s) Of Engagement Activity 2017
 
Description Workshop on Cyber Security @ British Ambassador's Residence in Paris 
Form Of Engagement Activity Participation in an activity, workshop or similar
Part Of Official Scheme? No
Geographic Reach International
Primary Audience Industry/Business
Results and Impact On invitation from the British Embassy in Paris, a team member participated in a workshop aimed at fostering cross-channel collaborations between French and Bristish businesses, academics and policy-makers surrounding issues of cyber security. The SCCS member led a panel discussion on coming threats and challenges in cyber security. Participation in the event was an excellent opportunity to advertise our research capacity and expertise to both UK and French businesses, and to establish strong contacts in cyber-related policy-making circles in both countries. This has already led to some external visits to SCCS, and is expected to lead to further collaborations in research, but also in relation to our teaching and further outreach activities.
Year(s) Of Engagement Activity 2017