Centre for Secure Information Technologies - Tranche 2 Proposal

The Internet (Cyber space) is a source of infinite knowledge, an evolving artefact unconstrained by national borders, law, regulations or languages and a community with commercial, political and criminal interests. The Internet has 2 billion Internet users, there are 234 million web sites and there are 250 billion emails sent every day.

It is hard to say exactly what the internet will become, but we can see a world where the Internet will be used in assisted living; allowing computers to drive our cars and monitoring and managing our health. The Internet will almost certainly also become a personal assistant; scheduling our day, advising us when we should eat, when we should sleep and what we should do. One thing we can be sure of is that the complexity and capability of the Internet continues to explode exponentially and as it does securing; information, infrastructure and citizen will need equally advanced and intelligent capability.

Even though the Internet is core to a functioning society, Cyber space is not protected and cyber threats have evolved into global criminal enterprises. In February 2011 the UK Cabinet Office announced that cybercrime cost the UK £27Billion per annum.
The risks associated with the Internet extend from individuals to nations. An unprotected PC can be infected by malicious software (malware) within minutes of being connected to the Internet, and last year the Stuxnet virus attack on an Iranian power plant showed that the Internet is being used by nation states for Cyber war. Internet Security is currently however either a privilege for those who are willing to pay for security tools and services, or for those with the engineering skills to understand the technology and threat.

What should be done?

The research at CSIT has a vision that Internet Security should be available for all. As information is travelling through the network, it should be cleansed and filtered of malware, and criminal activity policed. An analogy would lie with the provision of water as a utility. We trust that when we turn on a tap, the water we drink is safe and pure, we do not have filters at the tap. As we turn on the Internet in our homes we should also be confident that the mechanism to deliver the Internet in itself cleanses the content. At the heart of CSIT is the perennial challenge of making all of the IT solutions, of today and tomorrow, secure. CSIT is becoming a world-class Research and Innovation centre, coupling major research breakthroughs in Secure Information Technology with exciting developments in innovation and commercialisation.

When electronic sensor devices and CCTV cameras are networked and combined with computer processing, IT then becomes a power enabling tool in the field of physical infrastructure protection, which includes fire monitoring, asset tracking and intrusion detection. Thus while IT security itself is often a matter of defending against automated attack by viral programs, IT for asset protection is a tool to assist the human operator. The IT systems used for infrastructure systems must themselves be secure not least because personal biometric data is increasingly being rolled out as a part of the solution.

The driving goal for CSIT is to strategically position U.K. industry at the forefront of the field of secure IT because this field is a critical, emerging and rapidly growing sector with its wider benefits for the safety and security of society. Embedded within Queen's University, with its very successful record of industrial collaboration and spin-out company formation, CSIT therefore lends itself well to a strong business and academic partnership, creating a continuous flow of knowledge transfer opportunities, with realizable shorter term milestones for transfer of the research, coupled with exciting opportunities for major breakthroughs and ensuring commercial opportunities for UK industry.

Who will benefit from this research?

Industrial partners will be one of the main beneficiaries of the research through various knowledge transfer processes. These companies come from a variety of sectors and include for example, systems manufacturers, telecoms companies, internet security companies, banks and financial service companies. In addition to industrial partners, a number of stakeholders within government will also benefit from the research. These include government organisations responsible for information and physical security, in addition to law enforcement agencies responsible for detection of e-crime. The wider academic community will also benefit from the new body of knowledge developed by the researchers in CSIT.

How will they benefit from this research?

Society in general will also benefit indirectly from CSIT, partly through improved security of information and data as well as improved physical security. Examples of this include increased security of data on line, lower risk of virus infection or improved security at airports or public transport with reduced crime rates. Also there will be a benefit as a result of the contribution to the wider economy through jobs (up to 80), services etc. The link with the Virtual Task Force in Grand Challenge 3 (financial services) will provide a clear mechanism for commercialisation and provide a strong opportunity for societal benefit e.g. making the banking system more secure and making the UK a safer place to do business.

What will be done to ensure that they have the opportunity to benefit from this research?

The structure and staffing of CSIT will ensure that commercialisation and impact will be a critical element of CSIT operations e.g. extensive range of companies and other government agencies on the industrial advisory board, employment of engineers and business development and commercialisation staff. Since the industrial advisory board has been closely involved in the formulation of the research agenda, this will ensure that commercialisation and knowledge transfer is built into the R&D process. New members have been added to the board and a number of other potential full and associate member are in the pipeline. This engagement will be critical in ensuring knowledge transfer/impact both in the short to medium term but also in the longer term. A wide variety of mechanisms will be employed to maximise impact. These include QUB's high success rate in Knowledge Transfer Partnerships, licensing deals, spin out companies, training courses and the usual dissemination methods to ensure academic impact (e.g. high quality journals and international conferences).

Another example of how CSIT will ensure impact is through high profile events, in Belfast, London and internationally. The recent World Cyber Security Technology Research Summit, held at CSIT in March 2011 was a major success and helped establish CSIT as a leading international research centre, with high profile PR from the event and new collaboration and impact opportunities established.