Academic Centre of Excellence in Cyber Security Research - University of Surrey
Lead Research Organisation:
University of Surrey
Department Name: Computing Science
Abstract
The University of Surrey has established the Surrey Centre for Cyber Security to consolidate, organise and promote our Cyber Security activities across the University. The Centre builds on the existing capability and resources across the University of Surrey, which has been investing in Cyber Security research as a high-priority research area since 2004. The Centre focuses on three main research directions - Privacy and Data Protection, Secure Communications, and Human-Centred Security - building on the University's strength and the background of members of the Centre. Recognition of the Centre as an Academic Centre of Excellence in Cyber Security Research will help in consolidating research activities that are currently carried out across three faculties, and in creating new synergies for long-term collaborative research projects on the emerging interdisciplinary challenges of Cyber Security. It will also foster the international visibility and positioning of the Centre and expand its linkage with businesses, industry research institutions, and governmental bodies.
The initial composition of the Centre consists of 8 Core Members from Computing and Electronic Engineering (Institute for Communication Systems), with established track records in selected key areas of Cyber Security. Within the University there are also a further 19 Associate Members, who hold strong research expertise in areas that are strategically important in addressing interdisciplinary cyber security challenges and where existing mutual interests and potentials are likely to lead to the establishment of joint research initiatives within the proposed Centre.
In the short-term the Surrey Centre for Security will:
- consolidate and promote its research activities,
- establish an efficient organisation and management structure (including an Advisory Board),
- identify new directions and bid for interdisciplinary and technology-focused cyber-security research projects,
- establish a regular seminar series,
- expand on its postgraduate teaching and PhD programmes,
- refine its strategy upon the consultations with its liaison officer from GCHQ (and other governmental stakeholders).
In the medium-term the Centre will
- actively bid for new research projects and increase its research output in high-quality publication venues,
- engage in collaborative projects with other ACE-CSRs and our partners.
The initial composition of the Centre consists of 8 Core Members from Computing and Electronic Engineering (Institute for Communication Systems), with established track records in selected key areas of Cyber Security. Within the University there are also a further 19 Associate Members, who hold strong research expertise in areas that are strategically important in addressing interdisciplinary cyber security challenges and where existing mutual interests and potentials are likely to lead to the establishment of joint research initiatives within the proposed Centre.
In the short-term the Surrey Centre for Security will:
- consolidate and promote its research activities,
- establish an efficient organisation and management structure (including an Advisory Board),
- identify new directions and bid for interdisciplinary and technology-focused cyber-security research projects,
- establish a regular seminar series,
- expand on its postgraduate teaching and PhD programmes,
- refine its strategy upon the consultations with its liaison officer from GCHQ (and other governmental stakeholders).
In the medium-term the Centre will
- actively bid for new research projects and increase its research output in high-quality publication venues,
- engage in collaborative projects with other ACE-CSRs and our partners.
Planned Impact
This proposal is essentially concerned with impact: the funding requested is to support activities which are intended to achieve the maximum impact for our existing and future research work. Our planned activities are specifically aimed at strong engagement with industry, government, and the general public.
Our engagement with industry will be enhanced by our Advisory Board. We have a strong network of industrial partners to draw on, and the Advisory Board will provide broad coverage across practitioners and beneficiaries. The Board will inform our planned engagement activities, and will be used to provide informed advice on the opportunities that will be most effective in achieving impact, and on our plans for specific events.
The Surrey Centre for Cyber Security has created an Applied Security Lab, to support both teaching and research, with the infrastructure being provided by the University. The Centre coordinates the use of this lab to conduct applied security research, and showcase our Cyber Security work, in the form of demonstrators, projects and prototypes. This will provide a new "one-stop-shop" environment in which to host industrial visits. It will enable focused and detailed discussions, and will support our activities in developing new collaborative links with industry and engaging in meaningful dialogue with beneficiaries of our work.
Our engagement with industry will be enhanced by our Advisory Board. We have a strong network of industrial partners to draw on, and the Advisory Board will provide broad coverage across practitioners and beneficiaries. The Board will inform our planned engagement activities, and will be used to provide informed advice on the opportunities that will be most effective in achieving impact, and on our plans for specific events.
The Surrey Centre for Cyber Security has created an Applied Security Lab, to support both teaching and research, with the infrastructure being provided by the University. The Centre coordinates the use of this lab to conduct applied security research, and showcase our Cyber Security work, in the form of demonstrators, projects and prototypes. This will provide a new "one-stop-shop" environment in which to host industrial visits. It will enable focused and detailed discussions, and will support our activities in developing new collaborative links with industry and engaging in meaningful dialogue with beneficiaries of our work.
Organisations
- University of Surrey (Lead Research Organisation)
- University College London (Collaboration)
- LOUGHBOROUGH UNIVERSITY (Collaboration)
- Clearswift Ltd (Collaboration)
- Rail Delivery Group (Collaboration)
- Singapore Management University (SMU) (Collaboration)
- Thales Group (Collaboration)
- Royal Holloway, University of London (Collaboration)
- NCC Group (Collaboration)
- University of Warwick (Collaboration)
- LoRa Alliance (Collaboration)
- University of Clermont Auvergne (Collaboration)
- Neighbourhood and Home Watch Network (Collaboration)
- Commonwealth Scientific and Industrial Research Organisation (Collaboration)
- Crossword Cybersecurity (Collaboration)
- University of Split (Collaboration)
- Transport Research Laboratory Ltd (TRL) (Collaboration)
- TEES, ESK AND WEAR VALLEYS NHS FOUNDATION TRUST (Collaboration)
- School of Information Systems (SIS) (Collaboration)
- UNIVERSITY OF SOUTHAMPTON (Collaboration)
Publications
K. Bhargavan
(2018)
A Formal Treatment of Accountable Proxying over TLS
K. Bhargavan
(2017)
Content delivery over TLS: a cryptographic analysis of Keyless SSL
Kamel G
(2015)
CAINE: a context-aware information-centric network ecosystem
in IEEE Communications Magazine
Kiefer F
(2016)
Information Security
Kiefer F
(2016)
Information Security
Kiefer F
(2016)
Blind Password Registration for Verifier-based PAKE
Kuchta V
(2015)
Trusted Systems
Kuchta V
(2016)
Trusted Systems
| Description | This award has supported the growth of the Surrey Centre for Cyber Security and its engagement and advocacy activity. Members of the Centre work with a variety of industrial sectors including transportation, election systems, transactions, autonomous systems, robotics, communications and future internet, and our research has been applied in these sectors in conjunction with industrial partners. Members of the Centre engage with industry to influence major cyber security related standardization activities through involvement in working groups in ISO, Trusted Computing Group, ETSI, IETF, FIDO Alliance, and LoRa Alliance |
| Exploitation Route | The Centre of Excellence provides a focus and driver for the University's research activity in Cyber Security, and enables engagement for applying our research outputs. |
| Sectors | Digital/Communication/Information Technologies (including Software),Financial Services, and Management Consultancy,Government, Democracy and Justice,Security and Diplomacy,Transport |
| Description | Researchers within the Academic Centre of Excellence interact with a number of industrial sectors including automotive, rail, digital transactions, elections, autonomous systems, robotics, future communications and internet. The Centre has established regular cyber-industry facing briefings on topics of current interest, such as GDPR, Distributed Ledger Technologies, and AI and Security, and is providing the focus for growing a network of industrial collaborations and partnerships through joint projects, studentships, CyberInvest activities, and presentation at industry events. Members of the Centre engage with industry to influence major cyber security related standardization activities through involvement in working groups in ISO, Trusted Computing Group, ETSI, IETF, FIDO Alliance, and LoRa Alliance |
| First Year Of Impact | 2015 |
| Sector | Digital/Communication/Information Technologies (including Software),Financial Services, and Management Consultancy,Government, Democracy and Justice,Security and Diplomacy,Transport |
| Impact Types | Societal,Economic,Policy & public services |
| Description | Contribution to APPG session on Government, Democracy and Voting |
| Geographic Reach | National |
| Policy Influence Type | Contribution to a national consultation/review |
| URL | https://lordchrisholmes.com/blockchain-appg-evidence-meeting-government-democracy-and-voting/ |
| Description | Publication of the IET Report "Internet Voting in the UK", as Chair of the IET E-Voting Working Group, The rep[ort considers the opportunities challenges around the prospect of evoting in the UK. |
| Geographic Reach | National |
| Policy Influence Type | Membership of a guideline committee |
| URL | https://www.theiet.org/media/7025/internet-voting-in-the-uk.pdf |
| Description | Academic Centre of Excellence in Cyber Security Research |
| Amount | £80,001 (GBP) |
| Funding ID | EP/R006938/1 |
| Organisation | Engineering and Physical Sciences Research Council (EPSRC) |
| Sector | Public |
| Country | United Kingdom |
| Start | 07/2017 |
| End | 06/2022 |
| Description | Applications of Distributed Ledger Technologies |
| Amount | £614,484 (GBP) |
| Funding ID | EP/P031811/1 |
| Organisation | Engineering and Physical Sciences Research Council (EPSRC) |
| Sector | Public |
| Country | United Kingdom |
| Start | 06/2017 |
| End | 05/2019 |
| Description | Commitment to Privacy and Trust in Internet of Things Security (ComPaTrIoTS) Research Hub |
| Amount | £252,967 (GBP) |
| Funding ID | EP/N023358/1 |
| Organisation | Engineering and Physical Sciences Research Council (EPSRC) |
| Sector | Public |
| Country | United Kingdom |
| Start | 01/2016 |
| End | 01/2019 |
| Description | Eyes Can Tell: Applications of Eye-tracking Devices in Cyber Security Research |
| Amount | £19,392 (GBP) |
| Organisation | Government Communications Headquarters (GCHQ) |
| Sector | Public |
| Country | United Kingdom |
| Start | 10/2016 |
| End | 03/2017 |
| Description | GCHQ PhD studentships for Academic Centres of Excellence |
| Amount | £115,000 (GBP) |
| Organisation | Government Communications Headquarters (GCHQ) |
| Sector | Public |
| Country | United Kingdom |
| Start | 10/2017 |
| End | 03/2021 |
| Description | GCHQ PhD studentships for Academic Centres of Excellence |
| Amount | £115,000 (GBP) |
| Organisation | Government Communications Headquarters (GCHQ) |
| Sector | Public |
| Country | United Kingdom |
| Start | 10/2017 |
| End | 03/2021 |
| Description | H-DLP: Human-assisted machine learning for bootstrapping DLP (data loss prevention) systems |
| Amount | £192,003 (GBP) |
| Funding ID | KTP010417 |
| Organisation | Innovate UK |
| Sector | Public |
| Country | United Kingdom |
| Start | 01/2017 |
| End | 12/2020 |
| Description | Human Dimensions of Cyber Security |
| Amount | £880,980 (GBP) |
| Funding ID | EP/P011896/1 |
| Organisation | Engineering and Physical Sciences Research Council (EPSRC) |
| Sector | Public |
| Country | United Kingdom |
| Start | 01/2017 |
| End | 12/2018 |
| Description | Joint Singapore-UK Research in Cyber Security |
| Amount | £208,100 (GBP) |
| Funding ID | EP/N020111/1 |
| Organisation | Engineering and Physical Sciences Research Council (EPSRC) |
| Sector | Public |
| Country | United Kingdom |
| Start | 04/2016 |
| End | 04/2018 |
| Description | Microsoft Research PhD Scholarship |
| Amount | £112,000 (GBP) |
| Organisation | Microsoft Research |
| Department | Microsoft Research Cambridge |
| Sector | Private |
| Country | United Kingdom |
| Start | 04/2018 |
| End | 04/2022 |
| Description | Pass8 (PassInfinity) |
| Amount | £34,000 (GBP) |
| Organisation | Engineering and Physical Sciences Research Council (EPSRC) |
| Sector | Public |
| Country | United Kingdom |
| Start | 01/2017 |
| End | 03/2017 |
| Description | PassInfinity: An "All in One" user authentication framework |
| Amount | £28,968 (GBP) |
| Organisation | Engineering and Physical Sciences Research Council (EPSRC) |
| Sector | Public |
| Country | United Kingdom |
| Start | 04/2017 |
| End | 09/2017 |
| Description | Trust, Identity, Privacy and Security in the Digital Economy |
| Amount | £364,323 (GBP) |
| Funding ID | EP/N028295/1 |
| Organisation | Engineering and Physical Sciences Research Council (EPSRC) |
| Sector | Public |
| Country | United Kingdom |
| Start | 06/2016 |
| End | 05/2019 |
| Description | Trust, Identity, Privacy and Security in the Digital Economy |
| Amount | £852,825 (GBP) |
| Funding ID | EP/N02799X/1 |
| Organisation | Engineering and Physical Sciences Research Council (EPSRC) |
| Sector | Public |
| Country | United Kingdom |
| Start | 10/2016 |
| End | 09/2019 |
| Title | Tamarin models of different 5G protocols |
| Description | These are used to formally verify the security of 5G protocols in different trust models. You can now find these here https://bit.ly/3w4qgQt |
| Type Of Material | Computer model/algorithm |
| Year Produced | 2021 |
| Provided To Others? | No |
| Impact | It will become available to the wider public soon. |
| URL | https://fmsec.github.io/5gtechsec.github.io/ |
| Title | Tamarin models of the privacy of IoT LoRa protocols |
| Description | These models are used to formally verify the privacy of LoRa protocols |
| Type Of Material | Computer model/algorithm |
| Year Produced | 2021 |
| Provided To Others? | No |
| Impact | These are discussed at the LoRa Alliance Technical Committe and Security Working Group meetings and will/may impact future specifications |
| URL | https://bit.ly/3w5MNN0 |
| Title | Tamarin models of the security of IoT LoRa protocols |
| Description | These models have been used for the formal analysis of security and privacy of LoRa protocols. |
| Type Of Material | Computer model/algorithm |
| Year Produced | 2020 |
| Provided To Others? | Yes |
| Impact | These models have lead to improvement in the LoRa specifications. |
| URL | http://people.itcarlson.com/ioana |
| Description | Collaboration with Clearswift Ltd |
| Organisation | Clearswift Ltd |
| Country | United Kingdom |
| Sector | Private |
| PI Contribution | The University of Surrey's Dr Shujun Li initialised the conversation with Clearswift Ltd in 2014 which led to an Innovate UK KTP application. The KTP application was successful in 2016 and the project officially started in 2017. Dr Shujun Li provided a potential technology to solve a problem facing Clearswift and other DLP (data loss prevention) vendors. Dr Shujun Li and Dr Ben Shenoy of University of Surrey play the roles of academic supervisors in the KTP project. The University of Surrey is in charge of managing HR matters around a KTP associate, and provided needed training. |
| Collaborator Contribution | Clearswift Ltd provided the problem for the KTP project to attack, participated in the project proposal writing, provided match funding per KTP rules, and is hosting the KTP associate to work full-time at its main office in Theale, Reading. |
| Impact | The project was terminated earlier in 2018 after the key academic Shujun Li left the University of Surrey to join the University of Kent. A major outcome of the collaboration is that the Associate of the project developed himself into the next stage of his career and joined a Chinese university as an Associate Professor. |
| Start Year | 2014 |
| Description | Collaboration with Crossword Cybersecurity plc |
| Organisation | Crossword Cybersecurity |
| Country | United Kingdom |
| Sector | Private |
| PI Contribution | The University of Surrey resercher Dr Shujun Li initialised collaboration with Crossword Cybersecurity plc on tech transfer of two new inventions from his research project. |
| Collaborator Contribution | Crossword Cybersecurity plc has been a partner of an ongoing project on Pass8 (PassInfinity) and will be the partner of another forthcoming project. They provided and will provide in-kind support for both project. The figure reported above is for the forthcoming project only. |
| Impact | The collaboration allowed a commercialisation idea being exploited, but did not materialise. It is currently being developed further before a new commercialisation effort will be re-started. |
| Start Year | 2014 |
| Description | Collaboration with Data61, CISRO, Australia |
| Organisation | Commonwealth Scientific and Industrial Research Organisation |
| Country | Australia |
| Sector | Public |
| PI Contribution | This was continuation of our previous collaboration with NICTA, Australia after its merger into CISRO's Data61 department. CISRO supported this project proposal as an unfunded partner and participated in all WPs. |
| Collaborator Contribution | Two researchers and some interns from CISRO have contributed to this project by conrtributing to all WPs, attending meetings to discuss research plan and to provide data on a new user authentication system for timing attack analysis. A joint user study on eye-tracking for the user authentication system CISRO developed is being designed and to be conducted. |
| Impact | The collaboration ended in 2018 when the project COMMANDO-HUMANS ended. A number of joint research publications were produced. |
| Start Year | 2016 |
| Description | Collaboration with NCC Group on PassInfinity |
| Organisation | NCC Group |
| Country | United Kingdom |
| Sector | Private |
| PI Contribution | We developed a new user authentication system called PassInfinity since late 2016 and got an EPSRC IAA grant to develop a prototype and conduct a usability and security test. |
| Collaborator Contribution | The company has been providing in-kind support on software development and will provide paid services on security evaluation. |
| Impact | The work led to an initial security testing report of the PassInfinity prototype. |
| Start Year | 2017 |
| Description | Collaboration with Singapore Management University |
| Organisation | Singapore Management University (SMU) |
| Country | Singapore |
| Sector | Academic/University |
| PI Contribution | The project allowed researchers at the University of Surrey to collaborate with five researchers at the Singapore Management University. The work proposed in the project is split between the two research teams and both sides helped each other. |
| Collaborator Contribution | The Singapore Management University is in charged of WP3 and contributed to WP2. They contributed to management of the project as well. |
| Impact | The collaboration ended in 2018 when the project COMMANDO-HUMANS ended. A joint publication on timing attack against PIN entries was prodcued. A joint software CogTool+ was co-developed. |
| Start Year | 2016 |
| Description | Collaboration with University of Split, Croatia |
| Organisation | University of Split |
| Country | Croatia |
| Sector | Academic/University |
| PI Contribution | This is a continuation of collaboration between Dr Shujun Li and two researchers of the University of Split since 2010. The collaboration was broadened to cover all memebrs of of the COMMANDO-HUMANS project. |
| Collaborator Contribution | Two researchrs from the University of Split contributed to all WPs and attended all quarterly meetings of the COMMANDO-HUMANS project. They have been working with other partners espcially CISRO in an enhanced timing attack. |
| Impact | This collaboration ended after the project COMMANDO-HUMANS ended. During the collaboration phase, a number of joint research publications were produced. |
| Start Year | 2011 |
| Description | Consortium for COMMANDO-HUMANS project |
| Organisation | Commonwealth Scientific and Industrial Research Organisation |
| Country | Australia |
| Sector | Public |
| PI Contribution | Surrey University team will (co-)lead several work packages of the joint project COMMANDO-HUMANS, and be the consortium coordinator. The team will also host two annual project meetings one in 2016 and the other in 2018. |
| Collaborator Contribution | Singapore Management University team will (co-)lead several work packages, and coordinating research activities from Singapore side. The team will also host an annual project meeting in 2017. |
| Impact | The collaboration led to a joint research project COMMANDO-HUMANS funded by EPSRC and Singapore's NRF jointly. The project ended in 2018, with a number of research outcomes produced (see their separate researchfish entries). |
| Start Year | 2015 |
| Description | Consortium for COMMANDO-HUMANS project |
| Organisation | School of Information Systems (SIS) |
| Country | Singapore |
| Sector | Academic/University |
| PI Contribution | Surrey University team will (co-)lead several work packages of the joint project COMMANDO-HUMANS, and be the consortium coordinator. The team will also host two annual project meetings one in 2016 and the other in 2018. |
| Collaborator Contribution | Singapore Management University team will (co-)lead several work packages, and coordinating research activities from Singapore side. The team will also host an annual project meeting in 2017. |
| Impact | The collaboration led to a joint research project COMMANDO-HUMANS funded by EPSRC and Singapore's NRF jointly. The project ended in 2018, with a number of research outcomes produced (see their separate researchfish entries). |
| Start Year | 2015 |
| Description | Consortium for project ACCEPT |
| Organisation | Neighbourhood and Home Watch Network |
| Country | United Kingdom |
| Sector | Charity/Non Profit |
| PI Contribution | The University of Surrey led the formation of the consortium and won a research bid for EPSRC's Human Dimensions of Cyber Security call, which led to the project ACCEPT to start in April 2017. |
| Collaborator Contribution | Other partners helped form the consortium by bringing their expertise into the project proposal. |
| Impact | The project ended in 12/2020. The collaboration allowed a new major research area for the PI Shujun Li, which led to more other projects. The collaboration is multi-disciplinary, and involved computer science, crime science and criminology, psychology, engineering, and business. |
| Start Year | 2016 |
| Description | Consortium for project ACCEPT |
| Organisation | Transport Research Laboratory Ltd (TRL) |
| Country | United Kingdom |
| Sector | Private |
| PI Contribution | The University of Surrey led the formation of the consortium and won a research bid for EPSRC's Human Dimensions of Cyber Security call, which led to the project ACCEPT to start in April 2017. |
| Collaborator Contribution | Other partners helped form the consortium by bringing their expertise into the project proposal. |
| Impact | The project ended in 12/2020. The collaboration allowed a new major research area for the PI Shujun Li, which led to more other projects. The collaboration is multi-disciplinary, and involved computer science, crime science and criminology, psychology, engineering, and business. |
| Start Year | 2016 |
| Description | Consortium for project ACCEPT |
| Organisation | University College London |
| Department | Genetics Institute |
| Country | United Kingdom |
| Sector | Academic/University |
| PI Contribution | The University of Surrey led the formation of the consortium and won a research bid for EPSRC's Human Dimensions of Cyber Security call, which led to the project ACCEPT to start in April 2017. |
| Collaborator Contribution | Other partners helped form the consortium by bringing their expertise into the project proposal. |
| Impact | The project ended in 12/2020. The collaboration allowed a new major research area for the PI Shujun Li, which led to more other projects. The collaboration is multi-disciplinary, and involved computer science, crime science and criminology, psychology, engineering, and business. |
| Start Year | 2016 |
| Description | Consortium for project ACCEPT |
| Organisation | University of Warwick |
| Department | WMG |
| Country | United Kingdom |
| Sector | Academic/University |
| PI Contribution | The University of Surrey led the formation of the consortium and won a research bid for EPSRC's Human Dimensions of Cyber Security call, which led to the project ACCEPT to start in April 2017. |
| Collaborator Contribution | Other partners helped form the consortium by bringing their expertise into the project proposal. |
| Impact | The project ended in 12/2020. The collaboration allowed a new major research area for the PI Shujun Li, which led to more other projects. The collaboration is multi-disciplinary, and involved computer science, crime science and criminology, psychology, engineering, and business. |
| Start Year | 2016 |
| Description | Consortium for project: Improving customer experience while ensuring data privacy for intelligent mobility |
| Organisation | Association of Train Operating Companies |
| Country | United Kingdom |
| Sector | Learned Society |
| PI Contribution | Surrey has brought together the consortium and is leading this project |
| Collaborator Contribution | The consortium assembled for this project brings together the three academic disciplines required to solve this challenge: computer science, to develop the framework and technical solutions (University of Surrey and Royal Holloway, University of London); human factors, to develop the use cases, evaluate passenger perceptions and ensure usable solutions (Loughborough University) and transport systems to bring understanding of the data streams to be integrated (University of Southampton). To ensure the solutions are co-created with the industry and have a direct pathway to impact, ATOC and RSSB have a key role as stakeholders and on the project's External Advisory board, and ThalesUK bring expertise on rail technology. |
| Impact | Not yet applicable |
| Start Year | 2015 |
| Description | Consortium for project: Improving customer experience while ensuring data privacy for intelligent mobility |
| Organisation | Loughborough University |
| Country | United Kingdom |
| Sector | Academic/University |
| PI Contribution | Surrey has brought together the consortium and is leading this project |
| Collaborator Contribution | The consortium assembled for this project brings together the three academic disciplines required to solve this challenge: computer science, to develop the framework and technical solutions (University of Surrey and Royal Holloway, University of London); human factors, to develop the use cases, evaluate passenger perceptions and ensure usable solutions (Loughborough University) and transport systems to bring understanding of the data streams to be integrated (University of Southampton). To ensure the solutions are co-created with the industry and have a direct pathway to impact, ATOC and RSSB have a key role as stakeholders and on the project's External Advisory board, and ThalesUK bring expertise on rail technology. |
| Impact | Not yet applicable |
| Start Year | 2015 |
| Description | Consortium for project: Improving customer experience while ensuring data privacy for intelligent mobility |
| Organisation | Royal Holloway, University of London |
| Country | United Kingdom |
| Sector | Academic/University |
| PI Contribution | Surrey has brought together the consortium and is leading this project |
| Collaborator Contribution | The consortium assembled for this project brings together the three academic disciplines required to solve this challenge: computer science, to develop the framework and technical solutions (University of Surrey and Royal Holloway, University of London); human factors, to develop the use cases, evaluate passenger perceptions and ensure usable solutions (Loughborough University) and transport systems to bring understanding of the data streams to be integrated (University of Southampton). To ensure the solutions are co-created with the industry and have a direct pathway to impact, ATOC and RSSB have a key role as stakeholders and on the project's External Advisory board, and ThalesUK bring expertise on rail technology. |
| Impact | Not yet applicable |
| Start Year | 2015 |
| Description | Consortium for project: Improving customer experience while ensuring data privacy for intelligent mobility |
| Organisation | Tees, Esk and Wear Valleys NHS Foundation Trust |
| Department | Roseberry Park Hospital |
| Country | United Kingdom |
| Sector | Hospitals |
| PI Contribution | Surrey has brought together the consortium and is leading this project |
| Collaborator Contribution | The consortium assembled for this project brings together the three academic disciplines required to solve this challenge: computer science, to develop the framework and technical solutions (University of Surrey and Royal Holloway, University of London); human factors, to develop the use cases, evaluate passenger perceptions and ensure usable solutions (Loughborough University) and transport systems to bring understanding of the data streams to be integrated (University of Southampton). To ensure the solutions are co-created with the industry and have a direct pathway to impact, ATOC and RSSB have a key role as stakeholders and on the project's External Advisory board, and ThalesUK bring expertise on rail technology. |
| Impact | Not yet applicable |
| Start Year | 2015 |
| Description | Consortium for project: Improving customer experience while ensuring data privacy for intelligent mobility |
| Organisation | Thales Group |
| Department | Thales Research & Technology (Uk) Ltd |
| Country | United Kingdom |
| Sector | Private |
| PI Contribution | Surrey has brought together the consortium and is leading this project |
| Collaborator Contribution | The consortium assembled for this project brings together the three academic disciplines required to solve this challenge: computer science, to develop the framework and technical solutions (University of Surrey and Royal Holloway, University of London); human factors, to develop the use cases, evaluate passenger perceptions and ensure usable solutions (Loughborough University) and transport systems to bring understanding of the data streams to be integrated (University of Southampton). To ensure the solutions are co-created with the industry and have a direct pathway to impact, ATOC and RSSB have a key role as stakeholders and on the project's External Advisory board, and ThalesUK bring expertise on rail technology. |
| Impact | Not yet applicable |
| Start Year | 2015 |
| Description | Consortium for project: Improving customer experience while ensuring data privacy for intelligent mobility |
| Organisation | University of Southampton |
| Country | United Kingdom |
| Sector | Academic/University |
| PI Contribution | Surrey has brought together the consortium and is leading this project |
| Collaborator Contribution | The consortium assembled for this project brings together the three academic disciplines required to solve this challenge: computer science, to develop the framework and technical solutions (University of Surrey and Royal Holloway, University of London); human factors, to develop the use cases, evaluate passenger perceptions and ensure usable solutions (Loughborough University) and transport systems to bring understanding of the data streams to be integrated (University of Southampton). To ensure the solutions are co-created with the industry and have a direct pathway to impact, ATOC and RSSB have a key role as stakeholders and on the project's External Advisory board, and ThalesUK bring expertise on rail technology. |
| Impact | Not yet applicable |
| Start Year | 2015 |
| Description | Partnership with Thales |
| Organisation | Thales Group |
| Department | Thales UK Limited |
| Country | United Kingdom |
| Sector | Private |
| PI Contribution | We are having meetings to align our research to a need they have and have a use-case linked to what they do. |
| Collaborator Contribution | We are having meetings to align our research to a need they have and have a use-case linked to what they do. |
| Impact | No outputs to disclose yet. I would need to double-check with Thales |
| Start Year | 2019 |
| Description | Partnership with the LoRaAlliance |
| Organisation | LoRa Alliance |
| Country | United States |
| Sector | Charity/Non Profit |
| PI Contribution | We work part of the LoRa Alliance Technical committee (TC) and Security Working Group (SWG) on the privacy and security of LoRa devices |
| Collaborator Contribution | They discuss with us our findings in regular TC and SWG meetings and these findings are taken into account in their specs. |
| Impact | one of the work-in-progress input in here (the one where the lead authors is Budykho K.) + the EuroS&P 2020 paper mentioned in the award has already been input into this collaboration |
| Start Year | 2020 |
| Description | Visiting position in Univ Clermont-Auvergne |
| Organisation | University of Clermont Auvergne |
| Country | France |
| Sector | Academic/University |
| PI Contribution | The PI is a visiting academic there working on aspects related to the project. |
| Collaborator Contribution | PI applied for this position and got it and we are working on these project together as well |
| Impact | none yet, but to follow |
| Start Year | 2020 |
| Title | HIDING INFORMATION IN A DIGITAL ENVIRONMENT |
| Description | Information is hidden in a digital environment by translating the information into one or more activities according to an encoding scheme in which the manner in which the one or more activities are performed conveys information to an intended recipient. The encoded information is then sent by controlling one or more entities to perform the encoded one or more activities. In some embodiments, a marker can be included to signal a start point of the concealed information. The recipient can continuously monitor the activities performed by one or more entities known to be controlled by the sender, to detect the marker that signals the start of hidden information. |
| IP Reference | WO2016075459 |
| Protection | Patent application published |
| Year Protection Granted | 2016 |
| Licensed | No |
| Impact | It is being commercialised by a tech transfer company Crossword Cybersecurity plc. Commercial impact has not been produced yet. |
| Title | Improved Authentication |
| Description | This is a patent applicaiton filed by the University of Surrey to protect Pass8 (PassInfinity), a new user authentication technology developed in the context of the COMMANDO-HUMANS project as a byproduct. It was filed in January 2017 and is currently evaluated by UK IPO. It was also the result of the broader work funded by the EPSRC funded ACE-CSR at the University of Surrey. |
| IP Reference | GB1700649.5 |
| Protection | Patent application published |
| Year Protection Granted | 2017 |
| Licensed | No |
| Impact | Not yet. |
| Title | CogTool+ |
| Description | It is an extended tool based on CogTool (https://github.com/cogtool) supporting meta-modelling and automated simulation of a large number of models of the same meta-model. It is still being developed and the first beta version is expected to be released in summer 2017. |
| Type Of Technology | Software |
| Year Produced | 2019 |
| Open Source License? | Yes |
| Impact | The development of the tool started from the beginning of the project and the first complete prototype was done in 2018. It has not been released publicly because we are waiting for a related paper to be published. |
| Description | 5G Security architecture overview and its support for services such as Internet of Vehicles and multicasting/broadcasting, seminar to IET ESSEX branch |
| Form Of Engagement Activity | A talk or presentation |
| Part Of Official Scheme? | No |
| Geographic Reach | National |
| Primary Audience | Professional Practitioners |
| Results and Impact | Here is the talk abstract: Security and privacy provisioning have evolved considerably in mobile networks from GSM to 5G. However, 5G aims to provide connectivity for challenging applications such as ultra-reliable low latency (uRLLC) , one example here is the Internet of Vehicles (IoV) application, also the enhanced mobile broadband (eMBB): Defined as an extension to existing 4G broadband services, one example is live streaming (multicasting and broadcasting). The talk presented the current security practices in all the protocols stack layer. The 4G and 5G security architecture were presented and show an approach to better support the uRLLC and eMBB services. The security feature for IoV and live streaming also presented in more details to highlight the links with 4G/5G security. Finally the talk finished with final thoughts and looking into the future (6G) such as using Machine Learning to automate security and physical layer security |
| Year(s) Of Engagement Activity | 2021 |
| URL | https://communities.theiet.org/communities/events/item/253/10/26941 |
| Description | A number of invited talk on "Observer-Resistant Password Systems: How hard to make them both usable and secure?" in Singapore |
| Form Of Engagement Activity | A talk or presentation |
| Part Of Official Scheme? | No |
| Geographic Reach | International |
| Primary Audience | Postgraduate students |
| Results and Impact | 3 invited talks at different research institutions in Singapore. |
| Year(s) Of Engagement Activity | 2017 |
| Description | A tutorial on "Human Factors in Cyber Security: User authentication as a use case" |
| Form Of Engagement Activity | A talk or presentation |
| Part Of Official Scheme? | No |
| Geographic Reach | International |
| Primary Audience | Postgraduate students |
| Results and Impact | An invited 3-hour tutorial as an invited guest speaker at the 2017 Summer School on "Human Factor in Systems Safety and Security", organized by the Department of Computing and Informatics, Bournemouth University, UK and sponsored by the IEEE Systems, Man and Cybernetics (SMC) Society. |
| Year(s) Of Engagement Activity | 2017 |
| URL | https://www.eventbrite.co.uk/e/human-factors-in-systems-safety-and-security-tickets-33332437217 |
| Description | Academic Visit to India |
| Form Of Engagement Activity | Participation in an open day or visit at my research institution |
| Part Of Official Scheme? | No |
| Geographic Reach | International |
| Primary Audience | Other audiences |
| Results and Impact | As part of the work in Deliverable 1, the PI made a visit to India to collaborate with Prof. Ramanujam from IMSc Chennai. This was not paid under AutoPaSS, but aligned to it. They are now working on a paper together. |
| Year(s) Of Engagement Activity | 2019 |
| Description | An interview with Sussex Police's Cyber Crime Unit |
| Form Of Engagement Activity | A formal working group, expert panel or dialogue |
| Part Of Official Scheme? | No |
| Geographic Reach | Regional |
| Primary Audience | Professional Practitioners |
| Results and Impact | An interview with two police officers working at Cyber Crime Unit of Sussex Police, for getting input about use cases of cyber crime. |
| Year(s) Of Engagement Activity | 2017 |
| Description | An invited talk on "Human/User-Centric Security" |
| Form Of Engagement Activity | A talk or presentation |
| Part Of Official Scheme? | No |
| Geographic Reach | National |
| Primary Audience | Policymakers/politicians |
| Results and Impact | Invited talk at Digital: Definition Unknown, the Fast Stream Conference 2017, organised by UK Government's Civil Service Fast Stream. |
| Year(s) Of Engagement Activity | 2017 |
| Description | Annual taks the annual conferece of UK-RISE |
| Form Of Engagement Activity | A talk or presentation |
| Part Of Official Scheme? | No |
| Geographic Reach | National |
| Primary Audience | Public/other audiences |
| Results and Impact | "TimeTrust: Robust Timing via Hardware Roots of Trust and Non-standard Hardware with Application to EMV Contactless Payments", talk at the 3rd Annual Conference of RISE (Research Institute in Hardware Security and Embedded Systems), online Nov. 2020 "TimeTrust: Robust Timing via Hardware Roots of Trust and Non-standard Hardware with Application to EMV Contactless Payments", talk at the 2nd Annual Conference of RISE (Research Institute in Hardware Security and Embedded Systems), London, UK, Nov. 2019 |
| Year(s) Of Engagement Activity | 2019,2020 |
| URL | http://ukrise.org |
| Description | Article in New Statesman |
| Form Of Engagement Activity | A magazine, newsletter or online publication |
| Part Of Official Scheme? | No |
| Geographic Reach | International |
| Primary Audience | Public/other audiences |
| Results and Impact | An article on verifiable voting in the New Statesman Spotlight supplement special issue on Cyber Security. |
| Year(s) Of Engagement Activity | 2019 |
| URL | https://www.eventbrite.co.uk/e/the-volt-project-voting-on-ledger-technologies-tickets-60521857505 |
| Description | Became an active part of WG8 of the ISO now |
| Form Of Engagement Activity | A formal working group, expert panel or dialogue |
| Part Of Official Scheme? | No |
| Geographic Reach | International |
| Primary Audience | Industry/Business |
| Results and Impact | We are standardising under ISO 14443 an outcome from a paper. |
| Year(s) Of Engagement Activity | 2022,2023 |
| URL | https://practical_emv.gitlab.io/ |
| Description | Bi-weekly mtgs with the LoRa Alliance Technical Committee or Security Working group |
| Form Of Engagement Activity | A formal working group, expert panel or dialogue |
| Part Of Official Scheme? | No |
| Geographic Reach | International |
| Primary Audience | Industry/Business |
| Results and Impact | PI active member of the LoRa Alliance technical committee and security working group, on matters linked to the project |
| Year(s) Of Engagement Activity | 2020,2021 |
| Description | Blockchain and Distributed Ledger Technologies event |
| Form Of Engagement Activity | Participation in an activity, workshop or similar |
| Part Of Official Scheme? | No |
| Geographic Reach | Regional |
| Primary Audience | Industry/Business |
| Results and Impact | Event designed for the industrial network of SCCS, on Blockchain and Distributed Ledger Technologies. Four talks, as follows:The olive and the anarchist Phil Godsiff, Centre for Digital Economy, University of Surrey Do we have consensus? - Applying 'smart' contracts to govern intangible assets, Paul Galwas, Digital Catapult Digital identity is broken. Is DLT the answer? Steve Pannifer, Consult Hyperion Blockchain technology. Gery Ducatel, BT |
| Year(s) Of Engagement Activity | 2017 |
| Description | Cyber Crime and Fraud Awareness seminar |
| Form Of Engagement Activity | Participation in an activity, workshop or similar |
| Part Of Official Scheme? | No |
| Geographic Reach | National |
| Primary Audience | Professional Practitioners |
| Results and Impact | A seminar organised by Surrey Centre for Cyber Security jointly with Lloyds Bank, aimed at their client base and also aimed at the SCCS network of business and indistry |
| Year(s) Of Engagement Activity | 2017 |
| Description | Cyber Security in Space workshop |
| Form Of Engagement Activity | Participation in an activity, workshop or similar |
| Part Of Official Scheme? | No |
| Geographic Reach | National |
| Primary Audience | Industry/Business |
| Results and Impact | 10:30 - 10:45 Welcome remarks by Mark Manulis, SCCS and Chris Bridges, SSC 10:45 - 11:20 Toby Harris, UK Space Agency: "UK Space and Cyber Security'' 11:20 - 11:55 Ian Poyner, SSTL: "Threats throughout the life-cycle" 12:20 - 12:55 Andy Davis, NCC Group: "The cyber attack surface of the Space industry" 12:55 - 13:30 Francis Kinsella, Airbus: "Protecting and Defending Sovereign Space Assets" 14:30 - 15:05 Mark Bowyer, Airbus: "Securing Future NanoSats at Physical Layer" 15:05 - 15:40 Tomer Ashur, KU Leuven: "Broadcast Authentication for Europe's Global Navigation Satellite System" 15:40 - 16:00 Panel discussion: "Directions for Research in Space Cyber Security" |
| Year(s) Of Engagement Activity | 2019 |
| Description | CyberUK presentation |
| Form Of Engagement Activity | Participation in an activity, workshop or similar |
| Part Of Official Scheme? | No |
| Geographic Reach | National |
| Primary Audience | Professional Practitioners |
| Results and Impact | Technical Presentation on Distributed Ledger Technologies at CyberUK 2016 |
| Year(s) Of Engagement Activity | 2016 |
| URL | https://registration.livegroup.co.uk/cesg_cip16/ |
| Description | Distributed Ledger Technologies - SCCS industry engagement and networking event |
| Form Of Engagement Activity | Participation in an activity, workshop or similar |
| Part Of Official Scheme? | No |
| Geographic Reach | Regional |
| Primary Audience | Industry/Business |
| Results and Impact | This event was organised by the Surrey Centre for Cyber Security on January 24th, 2019 with a high-level overview given by Dr Mark Manulis. The event focused on distributed ledger technologies and their applications. It featured four invited talks, including the talk on research ativites at the University of Surrey in the area of DLTs and Blockchain. The TAPESTRY project was introduced as part of this talk by Prof. John Collomosse. |
| Year(s) Of Engagement Activity | 2019 |
| URL | https://www.eventbrite.co.uk/e/blockchain-and-distributed-ledger-technology-industry-networking-even... |
| Description | HHMC 2017 (Workshop on Hybrid Human-Machine Computing) |
| Form Of Engagement Activity | Participation in an activity, workshop or similar |
| Part Of Official Scheme? | No |
| Geographic Reach | International |
| Primary Audience | Professional Practitioners |
| Results and Impact | A workshop co-sponsored by the COMMANDO-HUMANS project and chaired by the project's PI. It covers two related work from the COMMANDO-HUMANS project. |
| Year(s) Of Engagement Activity | 2017 |
| URL | http://hhmc2017.commando-humans.net/ |
| Description | Hosting "breakfast briefing" with Institute of Directors on "The Cyber Security Landscape" |
| Form Of Engagement Activity | Participation in an activity, workshop or similar |
| Part Of Official Scheme? | No |
| Geographic Reach | Regional |
| Primary Audience | Industry/Business |
| Results and Impact | 60 members of the Institute of Directors and SCCS academics attended a series of three talks in a Breakfast Briefing hosted at the University of Surrey in conjunction with the Surrey Institute of Directors. The talks were given by Robert May, Chair and Cyber Security Champion for the Surrey IoD; Henry Pearson for NCSC; and Steve Schneider, Director of the Surrey Centre for Cyber Security. Following the talks there was a lively question and answer session with the three speakers, and the feedback after the event and requests for inclusion on the SCCS mailing list indicted an increased interest and awareness of cyber security matters among directors. |
| Year(s) Of Engagement Activity | 2016 |
| Description | Human/User-Centric Security |
| Form Of Engagement Activity | A talk or presentation |
| Part Of Official Scheme? | No |
| Geographic Reach | National |
| Primary Audience | Professional Practitioners |
| Results and Impact | It was an invited talk given at the Fast Stream Conference 2017 (Digital: Definition Unknown), organised by UK Government's Civil Service Fast Stream. The audience was mainly members of the UK Government's Civil Service Fast Stream. The talk was also advertised to general public through LinkedIn and Slideshare.net. |
| Year(s) Of Engagement Activity | 2017 |
| URL | http://www.slideshare.net/hooklee/humanusercentric-security |
| Description | Invited talk on "Pass8 (PassInfinity): A new 'all in one' multi-factor user authentication framework" |
| Form Of Engagement Activity | A talk or presentation |
| Part Of Official Scheme? | No |
| Geographic Reach | National |
| Primary Audience | Professional Practitioners |
| Results and Impact | An invited talk at a quarterly meeting of HESCA (Higher Education Smart Campus Association) in June 2017. |
| Year(s) Of Engagement Activity | 2017 |
| Description | Keynote speech "Observer-Resistant Password Systems: How hard to make them both usable and secure?" |
| Form Of Engagement Activity | A talk or presentation |
| Part Of Official Scheme? | No |
| Geographic Reach | Local |
| Primary Audience | Postgraduate students |
| Results and Impact | Invited talk at the 2nd Annual Bath PGR Conference on Computer Science (BCCS 2017), University of Bath, UK |
| Year(s) Of Engagement Activity | 2017 |
| URL | http://people.bath.ac.uk/drs32/Conference/conference.htm |
| Description | New Formal Methods for Security Netwrok |
| Form Of Engagement Activity | A formal working group, expert panel or dialogue |
| Part Of Official Scheme? | No |
| Geographic Reach | International |
| Primary Audience | Other audiences |
| Results and Impact | PI set up a network in the UK and abroad on formal methods for security and she is running it. We meet monthly and discuss reasearch and ideas on this topic. We = academia + industry + researchers/enthousiasts of all sorts. |
| Year(s) Of Engagement Activity | 2021 |
| Description | Observer-Resistant Password Systems: How hard to make them both usable and secure? |
| Form Of Engagement Activity | A talk or presentation |
| Part Of Official Scheme? | No |
| Geographic Reach | Local |
| Primary Audience | Undergraduate students |
| Results and Impact | This was a talk given to a mixed audience of students, researchers and industry, as part of a half-day workshop on Human Factors in Cyber Security, Surrey Centre for Cyber Security and Department of Computer Science, University of Surrey, UK. It was also publicised through a blog article to the general public. |
| Year(s) Of Engagement Activity | 2016 |
| URL | http://blogs.surrey.ac.uk/sccs/2016/03/31/from-shoulder-surfers-and-keyloggers-to-mitm-and-malware-c... |
| Description | PRACTICE 2017 (Workshop on PRactical Applications of CogniTIve Computing in Emerging topics 2017) |
| Form Of Engagement Activity | Participation in an activity, workshop or similar |
| Part Of Official Scheme? | No |
| Geographic Reach | International |
| Primary Audience | Professional Practitioners |
| Results and Impact | A workshop organised at the IEEE CYBCONF 2017 (3rd IEEE International Conference on Cybernetics), co-sponsored by the COMMANDO-HUMANS project. |
| Year(s) Of Engagement Activity | 2017 |
| URL | http://practice2017.commando-humans.net/ |
| Description | Panel discussion at TEISS 2017 |
| Form Of Engagement Activity | A talk or presentation |
| Part Of Official Scheme? | No |
| Geographic Reach | International |
| Primary Audience | Industry/Business |
| Results and Impact | Participated as panellist in the discussion on the topic of "Segregating third party access in the cloud" with the "Identity & Acess Management" stream of The European Information Security Summit (TEISS) 2017. |
| Year(s) Of Engagement Activity | 2017 |
| URL | https://biztechevents.co.uk/teiss/cth_speaker_cat/speaker-2017/page/2/ |
| Description | Participation in Panel on Cybercrime at Surrey and West Sussex Federation of Small Businesses Annual Meeting |
| Form Of Engagement Activity | Participation in an activity, workshop or similar |
| Part Of Official Scheme? | No |
| Geographic Reach | Regional |
| Primary Audience | Industry/Business |
| Results and Impact | Participation in Panel on Cybercrime at Surrey and West Sussex Federation of Small Businesses Annual Meeting, at which there was a discussion about online risks to small businesses and how they can address them. The aim was to raise awareness of the risks to their businesses and to encourage them to take action to mitigate them. There was a lot of interest generated, and the session ran over time due to the volume of questions from the audience. |
| Year(s) Of Engagement Activity | 2016 |
| Description | Pass8 (PassInfinity) |
| Form Of Engagement Activity | A broadcast e.g. TV/radio/film/podcast (other than news/press) |
| Part Of Official Scheme? | No |
| Geographic Reach | International |
| Primary Audience | Media (as a channel to the public) |
| Results and Impact | This was an interview broadcast via BBC World Service's Tech Tent programme. Dr Shujun Li was interviewed for his new technology Pass8 (PassInfinity). This interview was triggered by a press release of the University of Surrey and itself generated further media reports on the techonology. |
| Year(s) Of Engagement Activity | 2017 |
| URL | http://mms.tveyes.com/Transcript.asp?StationID=7195&DateTime=2%2F17%2F2017+3%3A24%3A02+PM&Term=Unive... |
| Description | Presentation at Future of Distributed Ledger Technology workshop, Newton Institute Cambridge |
| Form Of Engagement Activity | A talk or presentation |
| Part Of Official Scheme? | No |
| Geographic Reach | National |
| Primary Audience | Other audiences |
| Results and Impact | Discussions around the future of distributed ledger technologies including policy and practice |
| Year(s) Of Engagement Activity | 2019 |
| URL | https://gateway.newton.ac.uk/event/tgmw71 |
| Description | Presentation at RRUKA 2016 conference |
| Form Of Engagement Activity | Participation in an activity, workshop or similar |
| Part Of Official Scheme? | No |
| Geographic Reach | National |
| Primary Audience | Industry/Business |
| Results and Impact | Presentation entitled "Integrating data sources to enhance the experience for passengers with special needs and/or disabilities through privacy aware mobile applications" presented by Steve Wesemeyer, University of Surrey and Tracy Ross Loughborough University. Disseminating the results of a feasibility study funded by the Rail Industry. |
| Year(s) Of Engagement Activity | 2016 |
| URL | http://www.rruka.org.uk/wp-content/uploads/2016/05/RRUKA-AC-2016-Draft-Programme-WEBSITE-v2.pdf |
| Description | Presentation on Secure Electronic Voting to the UK PhD Winter School on Cyber Security, Newcastle |
| Form Of Engagement Activity | A talk or presentation |
| Part Of Official Scheme? | No |
| Geographic Reach | National |
| Primary Audience | Postgraduate students |
| Results and Impact | Training and education for PhD students in Cyber Security |
| Year(s) Of Engagement Activity | 2020 |
| URL | https://sites.google.com/view/phd-cyber-winterschool2020/home?authuser=0 |
| Description | Presentation on the VOLT project to the DLT Community of Interest |
| Form Of Engagement Activity | Participation in an activity, workshop or similar |
| Part Of Official Scheme? | No |
| Geographic Reach | National |
| Primary Audience | Industry/Business |
| Results and Impact | Presented on the VOLT project at the DLT Community of Interest event in Whitehall to an audience of approx 100 DLT enthusiasts and practitioners. The talk generated a substantial number of questions. |
| Year(s) Of Engagement Activity | 2018 |
| Description | Reputation and Privacy in Gig Economy |
| Form Of Engagement Activity | A talk or presentation |
| Part Of Official Scheme? | No |
| Geographic Reach | National |
| Primary Audience | Professional Practitioners |
| Results and Impact | Presented research results on privacy-preserving reputation management scheme to participants of NCSC Annual Conference. |
| Year(s) Of Engagement Activity | 2019 |
| Description | SPCPS 2017 (Workshop on Security and Privacy in Cyber-Physical Systems 2017) |
| Form Of Engagement Activity | Participation in an activity, workshop or similar |
| Part Of Official Scheme? | No |
| Geographic Reach | International |
| Primary Audience | Professional Practitioners |
| Results and Impact | A workshop organised at IEEE CYBCONF 2017 (3rd IEEE International Conference on Cybernetics) |
| Year(s) Of Engagement Activity | 2017 |
| Description | Seminar at University of Swansea |
| Form Of Engagement Activity | A talk or presentation |
| Part Of Official Scheme? | No |
| Geographic Reach | Local |
| Primary Audience | Postgraduate students |
| Results and Impact | Presentation describing our research outputs on a Secure Electronic Voting Systems and the formal verification of the Web Bulletin Board (DLT) |
| Year(s) Of Engagement Activity | 2016 |
| Description | Strategic Advisory Board Meeting |
| Form Of Engagement Activity | Participation in an activity, workshop or similar |
| Part Of Official Scheme? | No |
| Geographic Reach | Local |
| Primary Audience | Other audiences |
| Results and Impact | This was the first mtg with industrial and academic advisors for AutoPaSS. PhD students of the PI, not funded by this, also took part. |
| Year(s) Of Engagement Activity | 2019 |
| Description | Talk about Verifiable voting and DLT at the Government Digital Service Academy, May 2019 |
| Form Of Engagement Activity | A talk or presentation |
| Part Of Official Scheme? | No |
| Geographic Reach | Regional |
| Primary Audience | Professional Practitioners |
| Results and Impact | Approximately 30 staff from the Government Digital Service attended a talk I was invited to give as part of their Academy termcard. The talk generated questions around verifiable voting and around DLT from a well-informed and engaged audience. |
| Year(s) Of Engagement Activity | 2019 |
| URL | https://www.eventbrite.co.uk/e/the-volt-project-voting-on-ledger-technologies-tickets-60521857505 |
| Description | Talk at the FM-SEC -- formal methods in security network |
| Form Of Engagement Activity | A talk or presentation |
| Part Of Official Scheme? | No |
| Geographic Reach | National |
| Primary Audience | Professional Practitioners |
| Results and Impact | I gave two talks in 2021 at the fm-sec network, which I also run |
| Year(s) Of Engagement Activity | 2021 |
| URL | https://fmsec.github.io/fmsec |
| Description | Talk at the UK-SPS international seminar series |
| Form Of Engagement Activity | A talk or presentation |
| Part Of Official Scheme? | No |
| Geographic Reach | International |
| Primary Audience | Other audiences |
| Results and Impact | title "Practical and Formal Analysis Security of Contactless Mobile Payments" |
| Year(s) Of Engagement Activity | 2021 |
| URL | https://www.youtube.com/watch?v=3wzkd07A5ZU |
| Description | Talk to GCHQ Blockchains workshop |
| Form Of Engagement Activity | Participation in an activity, workshop or similar |
| Part Of Official Scheme? | No |
| Geographic Reach | National |
| Primary Audience | Industry/Business |
| Results and Impact | This was a workshop on blockchains organised bu GCHQ and with a mix of academic, business, and government participants. Steve Schneider gave a talk on distributed ledger technologies from the voting perspective |
| Year(s) Of Engagement Activity | 2016 |
| Description | Thames VAlley Cyber Cluster event on GDPR |
| Form Of Engagement Activity | Participation in an activity, workshop or similar |
| Part Of Official Scheme? | No |
| Geographic Reach | Regional |
| Primary Audience | Industry/Business |
| Results and Impact | This was the first Thames Valley Cyber Security Cluster meeting to be held at the University of Surrey. The key theme was the various changes in regulation relating to data privacy / protection, particularly GDPR, that will affect businesses across the UK. In addition, we will have an update from the police on the latest cyber crime trends. The event is primarily for those involved in the cyber security sector, although others are welcome to apply to attend. |
| Year(s) Of Engagement Activity | 2017 |
| Description | Thames Valley Cyber Security Cluster Meeting |
| Form Of Engagement Activity | Participation in an activity, workshop or similar |
| Part Of Official Scheme? | No |
| Geographic Reach | Regional |
| Primary Audience | Industry/Business |
| Results and Impact | A series of talks on the General Data Protection Regulations and issues around it, hosted by the University of Surrey and organised in conjunction with the Thames Valley Cyber Security Cluster. |
| Year(s) Of Engagement Activity | 2017 |
| URL | http://www.surrey.ac.uk/sccs/news/events/2017/gdpr_the_winds_of_regulatory_change.htm |
| Description | press release on apple-pay and visa mobile-payment attacks |
| Form Of Engagement Activity | A press release, press conference or response to a media enquiry/interview |
| Part Of Official Scheme? | No |
| Geographic Reach | International |
| Primary Audience | Media (as a channel to the public) |
| Results and Impact | The work I lead on the GCHQ-funded TimeTrust project, under EPSRC-GCHQ research institute called UK-RISE (ukrise.org) lead to a serious cyber attack being uncover on ApplePay and Visa payment systens. this made the front pages of the BBC, and of most world-wide media outlets; see, e.g., here: https://www.bbc.co.uk/news/technology-58719891 |
| Year(s) Of Engagement Activity | 2021 |
| URL | https://www.bbc.co.uk/news/technology-58719891 |