DiScriBe: Digital Security by Design Social Science Hub+

Lead Research Organisation: University of Bath
Department Name: School of Management

Abstract

Technological advances have done, and will do, much to improve cybersecurity. But, a technological approach is only part of the solution - achieving digital security is inherently a socio-technical endeavour. By combining world-leading research with challenge fellows from across the social sciences, expert working groups, innovative approaches to networking and agile, industry-facing commissioning, the DiScriBe Hub+ will not only address the challenges faced by the ISCF Digital Security by Design (DSbD) initiative, but will fundamentally reshape the ways in which social sciences and STEM disciplines work together to address the challenges of digital security by design in the 21st Century.

The core missions of the DiScriBe Hub+ are to provide interdisciplinary leadership to realise digital security by design by connecting social science to a hardware layer that rarely receives support or engagement from social science. This social science input will help to unleash the transformational potential that the hardware innovations within Digital Security by Design makes possible. The Hub+ has five main ways of doing this: 1) Running a series of deep engagements with DSbD stakeholders using techniques from the arts and humanities in order to elicit a shared view of 'Digital Security by Design Futures' 2) Conducting an innovative programme of interdisciplinary research to improve our understanding of the barriers and incentives around adoption of new secure architectures, business readiness levels and adoption, regulatory opportunities and challenges, and ways these are experienced and understood across diverse sectors; 3) Commissioning a range of agile, responsive, industry-facing projects and 'connecting capabilities' grants to address specific DSbD challenges; 4) Establishing a network of 'challenge fellows' tasked with synthesising research outcomes (core and commissioned), connecting insights to the wider Digital Security by Design initiative, and ensuring impact, alongside expert working groups comprising industry and researchers to tackle specific problems in a sharp, focussed way; and, 5) Building a community of social scientists, hardware engineers, software developers, industry and policy makers who are deeply engaged in applying a socio-technical lens to digital security by design.

DiScriBe is unique in its focus on the benefits of connecting security architecture innovation with leading social science - and will provide a step change in how cybersecurity is treated as an inter-disciplinary, social as well as technical, problem. Many of the lessons on cross disciplinary working will be tested and embedded through close working with the Bristol Digital Futures Institute - a £70m investment in how our ways of working will need to change in the digital future. We have expert challenge fellows who are leading social scientists applying their work to cybersecurity for the first time. These fellows will also lead working groups on specific topics connecting industry, policy and academia, which in turn will lead to a range of open calls for commissioned industry-facing research. This research will be both theoretically rigorous within social science, while also remaining responsive and agile enough to meet the needs of the wider DSbD programme. As a consequence, a major outcome of DiScriBE will not only be a vibrant, new community, but novel insights that can be applied to the development and implementation of new security-related developments.

Publications

10 25 50

publication icon
Coles-Kemp, L (2022) Designing Through The Stack: The Case for a Participatory Digital Security By Design in Association for Computing Machinery

publication icon
Fernandez De Arroyabe J (2023) Cybersecurity Resilience in SMEs. A Machine Learning Approach in Journal of Computer Information Systems

publication icon
Genevieve Liveley (2022) AI Futures Literacy in IEEE Technology and Society Magazine

publication icon
Lam W (2023) Regulating Data Privacy and Cybersecurity in The Journal of Industrial Economics

publication icon
Prof Genevieve Lively (2022) Futures Report

publication icon
Prof Juan Carlos Fernandez De Arroyabe (2023) Cybersecurity Resilience in SMEs. A Machine Learning Approach in Journal of Computer Information Systems

publication icon
Prof. Vladlena Benson (2021) Regulation, Policy & Cybersecurity

 
Description Early results (the project is ongoing) have found that a technical solution to our digital security is necessary - but not sufficient - to ensure that it is widely adopted. At the same time, much of our work has found a high degree of scepticism that market forces will encourage companies to adopt more secure technologies - especially if it is more expensive than current solutions. As such, it is looking likely that regulation or compliance with standards will be needed to drive adoption at scale. At the same time, a number of benefits and opportunities of adoption have been identified - including the ability to harness the advantages from new technologies safely, and the possibility of using increased security as a way to differentiate in a crowded marketplace.
Exploitation Route Once completed, the results of the project will be helpful for others who are looking at ways to encourage the widespread adoption of more secure technologies (or indeed any product where the return on investment is difficult to quantify). We have a number of methods for exploring decision making in organisations (including games), as well as approaches (such as game theoretic) that will help future researchers. We have also explored future scenarios / worlds (such as the impact of future technologies on healthcare and creative industries, and the role of security).
Sectors Creative Economy

Digital/Communication/Information Technologies (including Software)

Healthcare

Government

Democracy and Justice

Manufacturing

including Industrial Biotechology

Security and Diplomacy

URL https://www.discribehub.org/research-resources-and-reports
 
Description Adam Joinson is a member of the Digital Security by Design Advisory Group
Geographic Reach National 
Policy Influence Type Membership of a guideline committee
 
Description UK Parliament Committee - Cyber resilience of the UK's critical national infrastructure - Oral evidence
Geographic Reach National 
Policy Influence Type Participation in a guidance/advisory committee
URL https://committees.parliament.uk/writtenevidence/126490/pdf/
 
Description Discribe Commissioned Funding - Aston & Nottingham Universities 
Organisation Aston University
Country United Kingdom 
Sector Academic/University 
PI Contribution Organisation: Aston University Grant Holder: Professor Vladlena Benson Grant Title: Analysis of the regulatory landscape within the UK digital security sector Starts: 01 February 2021 Ends: 31 July 2021 Duration: 6 Months This grant has been funded under the ESRC Digital Security by Design Social Science Hub+ ("Discribe") commissioning scheme for scoping reviews. The ESRC Discribe Hub+ is offering a grant towards the cost of the above project. One of the Discribe Hub+ Executive Team was allocated to support this project and met monthly with them to receive feedback on research and offer guidance going forward.
Collaborator Contribution Delivering specific Commissioned research papers to work towards Discribe Work Packages: Focus Carry out research on the regulatory landscape within the UK digital sector, which is focused on the design and use of hardware security as part of digital products and services. Goals: Outline the regulatory frameworks for the development and adoption of hardware security in the UK and discuss related regulatory challenges and opportunities (around equality, expectations, investments) as well as barriers and enablers of their adoption in both the inter-organisational (e.g. supply-chain) and intra-organisational contexts. Review academic research on regulatory frameworks related to hardware security within the UK and internationally. Examine whether there are different regulatory frameworks and approaches in different organisations taking account of different sectors (e.g. public vs private), size (e.g. large vs SME) and extent of digitalisation (e.g. born digital vs pre-digital). Conduct three key stakeholders workshops exploring how the Digital Security by Design might impact digital security's regulatory landscape.
Impact Project Final Report - published September 2021
Start Year 2021
 
Description Discribe Commissioned Funding - Birkbeck & Sheffield Universities (2022 - 2023) 
Organisation Birkbeck, University of London
Country United Kingdom 
Sector Academic/University 
PI Contribution Discribe Hub+ is offering a grant towards the cost of the project "The Elicitation of Cybersecurity Narratives: Bricoleur Story Completion, Decision Making and Security Design"
Collaborator Contribution The overall aim of the research study will be to understand the process of security technology adoption within one of the UK's largest commercial and retail banks. The study will be guided by the following research questions: a. What are the perceived benefits and risks of adopting new security technologies? b. What are the organizational conditions and consequences of adopting new security technologies? c. What cognitive decision making processes are utilised and shared by individuals involved in adoption discussions, policy or process ? d. What regulatory, governance, and other incentives are required/ in place to facilitate or negate the adoption process? e. How do decision-makers and users make sense of the security adoption process? What models of the process, its components, and relationships are implicit in these stories?
Impact Proposed outcomes i) Rapid evidence review. A rapid evidence review of themes relevant to the adoption of security hardware technologies including decision-making, institutionalization, and interaction (August 2022). ii) Thematic analysis. A thematic/narrative analysis of interviews conducted with a range of relevant stakeholders on the topic of security technology adoption e.g. cybersecurity specialists, technology risk managers, governance and compliance officers, IT architects and developers, and customers, using the story completion method (questionnaire and interviews) (January 2023). We will submit one academic peer reviewed article to a high-quality journal in business & management/information systems. iii) Critical Decision Method Analysis. A knowledge representation, e.g. of decision requirements, relevant to the adoption of new secure hardware technologies (April 2023). We will submit one academic peer reviewed article in a high-quality journal in applied psychology. iv) Case study. A user case of issues pertinent to the adoption of new secure hardware technologies e.g. initiation, decision-making, implementation and institutionalisation inc. incentives, interaction modification and use.
Start Year 2022
 
Description Discribe Commissioned Funding - Bristol University (2022 - 2023) 
Organisation University of Bristol
Country United Kingdom 
Sector Academic/University 
PI Contribution Discribe Hub+ is offering a grant towards the cost of the project " USING DSBD IN PRACTICE: IS IT A PIECE OF CHERI-CAKE?"
Collaborator Contribution To assess the usability of the CHERI-toolchain we will conduct a study with 5-10 developers. Each will be given a simple C application, with tests and will be asked to port it to CHERI BSD and harden it, using the CHERI capability model. We will record the compilation errors as they develop, alongside a narration of their development process.
Impact • Preliminary report documenting the outcomes of the study. This will be written up later for publication in a conference or journal, and which could be presented at an all hands event to connect researchers around usability work, and validate initial findings. • Open access dataset documenting our analysis and the programming issues developers faced when porting an application to CHERI BSD.
Start Year 2022
 
Description Discribe Commissioned Funding - Coventry & TU Delft Universities 
Organisation Coventry University
Country United Kingdom 
Sector Academic/University 
PI Contribution Organisation: University of Coventry Grant Holder: Professor Siraj Shaikh Grant Title: Economic and Consumer Chain Analysis of Secure Hardware Adoption Starts: 01 February 2021 Ends: 31 July 2021 Duration: 6 Months This grant has been funded under the ESRC Digital Security by Design Social Science Hub+ ("Discribe") commissioning scheme for scoping reviews. The ESRC Discribe Hub+ is offering a grant towards the cost of the above project. One of the Discribe Hub+ Executive Team was allocated to support this project and met monthly with them to receive feedback on research and offer guidance going forward.
Collaborator Contribution Focus: The economics and consumer-chain practices of secure hardware adoption. Goals: Understand the benefits of secure hardware adoption, and how such benefits are measured and perceived. Identify the costs of security failures arising out of the lack of such practices. Assess what value gains are expected from software add-ons and developer platforms on top of enhanced security at hardware. Identify what practices offset such value through various stages of the use case lifecycle.
Impact Commissioned Final Report - published in Dec 2021
Start Year 2021
 
Description Discribe Commissioned Funding - Essex & Warwick Universities (2022 - 2023) 
Organisation University of Essex
Department University of Essex EssexLab
Country United Kingdom 
Sector Academic/University 
PI Contribution Discribe Hub+ is offering a grant towards the cost of the project "The impact of cyber security on the adoption of new digital technologies in UK's SMEs"
Collaborator Contribution This project will investigate the impact of cyber security on the decision-making process behind the adoption of new digital technologies in UK small and medium enterprises (SMEs), contributing to the topic area of "Economics and Decision Making in Security" of the Discribe Hub+ commissioning call. This project will focus on understanding (1) the impact of previous cyber security incidents on SMEs' decision to invest in new digital technologies, and (2) the impact of SMEs' current cyber security practices on the readiness to invest in new digital technologies.
Impact The project is expected to lead to several outputs. First, they will create a policy guide targeted at policymakers outlining our main results and recommendations in plain language that will be published in the form of an online monograph. The second output will consist of a good-practice guide for the adoption of digital technologies in SMEs, targeted at managers and institutions. Third, the analysis and results will be published in two peer-reviewed articles, with the target journals being Computer & Security, Journal of Information Privacy and Security, or the Journal of Information Security and Applications. Finally, this project will generate an original dataset from a survey instrument, which after the completion of the project, will be deposited in the UK Data Archive at the University of Essex.
Start Year 2022
 
Description Discribe Commissioned Funding - Leicester & UEA Universities 
Organisation University of Leicester
Country United Kingdom 
Sector Academic/University 
PI Contribution Organisation: University of Leicester Grant Holder: Dr. Jacob Seifert Grant Title: Regulatory Interactions and the Design of Optimal Cybersecurity Policies Starts: 01 February 2021 Ends: 31 July 2021 Duration: 6 Months This grant has been funded under the ESRC Digital Security by Design Social Science Hub+ ("Discribe") commissioning scheme for scoping reviews. The ESRC Discribe Hub+ is offering a grant towards the cost of the above project. One of the Discribe Hub+ Executive Team was allocated to support this project and met monthly with them to receive feedback on research and offer guidance going forward.
Collaborator Contribution Focus The design of policy measures incentivising cybersecurity investment and the economic interactions underlying the joint regulation of cybersecurity, data privacy and competition. Goals Describe the current UK regulatory landscape affecting cybersecurity Understand the economic interactions with data privacy and competition that affect the design of cybersecurity policies, with input from industry stakeholders Explore the need for regulatory co-ordination between data privacy and cybersecurity, and between competition and cybersecurity
Impact Commissioned Final Report - published September 2021
Start Year 2021
 
Description Discribe Commissioned Funding - Leicester & UEA Universities (2022 - 2023) 
Organisation University of Leicester
Country United Kingdom 
Sector Academic/University 
PI Contribution Discribe Hub+ is offering a grant towards the cost of the project "Secure Hardware Adoption in the Open Data Context"
Collaborator Contribution This proposal focuses on Topic Area 1 - Economics and Decision Making in Security. Our proposed research will investigate the factors that influence firms' decisions to adopt new technologies and, specifically, hardware that is 'digitally secure by design'. We will study this question in the context of markets that are subject to Open Data (OD) initiatives, which make consumer data more accessible to third-party providers (TPPs) and easier for data subjects to transfer or port between service providers. These markets are relevant for our study of hardware adoption decisions because OD schemes present new security challenges: the innovative framework of hardware infrastructure that underpins OD must be designed to withstand evolving cyber-threats targeting some of the most valuable personal data in existence, such as bank transaction and energy consumption data. The interactions between hardware and software security adoption decisions that arise in the OD context are, moreover, fundamental to the wider Digital Security by Design (DSbD) challenge.
Impact 1) An Initial Project Plan: setting out a detailed timeline of research activities and deadlines throughout the project. 2) Two Briefing Notes: these will be delivered in late August 2022 and December 2022 and will present a summary of the results from their ongoing research in a format that is suitable to be shared with social scientists, computer scientists and the wider DSbD community. 3) A Final Report: this will provide a detailed overview of the outcomes emerging from their review of the existing UK data governance framework, their theoretical modelling work, their connections with industry, as well as policy recommendations.
Start Year 2022
 
Description Discribe Commissioned Funding - Newcastle and Northumbria Universities (2022 - 2023) 
Organisation Newcastle University
Country United Kingdom 
Sector Academic/University 
PI Contribution Discribe Hub+ is offering a grant towards the cost of the project, "'Digital Sovereignty by Design'- Exploring the Impact of European Union's Digital Sovereignty approach on the UK's digital technology landscape"
Collaborator Contribution The 'Digital Sovereignty by Design' project will 1) engage with current law and policy approaches to cybersecurity in the United Kingdom and in the European Union, 2) identify how the EU's current shift towards a digital sovereignty approach may negatively impact upon UK private-sector technology providers, in particular microprocessors, and 3) consider ways in which these negative impacts may be mitigated. Thus, this 12-month long project (Sept. 2022-August 2023) addresses how interaction and competition between stakeholders influence the establishment of regulatory regimes over new technological innovations, or categories of technology, related to digital security and data privacy.
Impact - R1: Mapping of the UK and EU's regulatory frameworks and policy initiatives relevant to cybersecurity in the chosen case-study technology sector; - R2: Analysis of the legal framework for the UK-EU cybersecurity relationship (Trade and Cooperation Agreement, Part 4, Title II) and its policy developments; - R3: Analysis of the EU's rhetoric on digital sovereignty, its proposed priorities, and how it is shaping EU public and private cybersecurity practices; - R4: Identification of points of convergence and divergence in UK and EU cybersecurity frameworks and initiatives; - R5: Raising awareness of the impacts of EU digital sovereignty for the UK's cybersecurity landscape - R6: Recommendations for policy and industry reforms that can help to preserve and enhance cooperation and collaboration between the UK and EU public and private sectors, both in terms of ensuring mutual cybersecurity and cross-border transfers and sales of technology products.
Start Year 2022
 
Description Discribe Commissioned Funding - Nottingham & QMUL Universities (2022 - 2023) 
Organisation University of Nottingham
Country United Kingdom 
Sector Academic/University 
PI Contribution Discribe Hub+ is offering a grant towards the cost of the project "Assessing Organisational DSbD Awareness and Readiness"
Collaborator Contribution - Establishing a measure of organisational 'DSbD readiness'. This includes the ability to assess the practical (e.g. is current staff capable of implementing it), philosophical (e.g. business culture inertia) and pragmatic (e.g. cost/benefit) barriers that may exist, so that an organisation can ensure that it is positioned to adopt DSbD at the technology level. - A means for organisations to recognise and assess where DSbD is relevant to them, and the extent to which it would be cost-effective (e.g. in comparison to existing approaches and set alongside potential breach costs). Addressing these issues requires related consultation with organisational stakeholders, in order to inform the design and implementation of an approach that enables them to assess DSbD awareness and readiness in their own environments
Impact The key contributions of the project in terms of knowledge and innovation will be: • Insights into the awareness, understanding and perception of DSbD amongst relevant potential adopters and beneficiaries. In particular, the work will seek to identify key factors and linkages that potentially make the difference between organisations/environments that are DSbD-ready and those that are not. In broad terms, this will provide insights around the level of 'security awareness' an organisation needs in order to embrace DSbD. • The design, implementation and initial evaluation of a prototype Self-Assessment Tool that enables organisations to assess their own DSbD readiness. The value here will be in offering them an insight into their own position, including the level of related alignment between different parties, and ultimately helping to address the questions of whether the related investment is needed and will work. It is envisaged that the tool will be a tangible output that is already useful in its own right, but which also provides a likely foundation for further work.
Start Year 2022
 
Description Partners for original Discribe Hub+ - Airbus 
Organisation Airbus Group
Department Airbus Defence and Space UK
Country United Kingdom 
Sector Private 
PI Contribution Co-created the original proposal for the Discribe Hub+
Collaborator Contribution Co-created the original proposal for the Discribe Hub+, as well as contributing to project workshops and offering a member to the Advisory Board
Impact Too early in the project to have made a contribution, this will be listed as the project progress
Start Year 2020
 
Description Partners for original Discribe Hub+ - HSBC 
Organisation HSBC Bank plc
Country United Kingdom 
Sector Public 
PI Contribution Co-created the original proposal for the Discribe Hub+
Collaborator Contribution Co-created the original proposal for the Discribe Hub+, as well as contributing to project workshops and offering a member to the Advisory Board
Impact Too early in the project to have made a contribution, this will be listed as the project progress
Start Year 2020
 
Description Partners for original Discribe Hub+ - Microsoft 
Organisation Microsoft Research
Country Global 
Sector Private 
PI Contribution Co-created the original proposal for the Discribe Hub+
Collaborator Contribution Co-created the original proposal for the Discribe Hub+, as well as contributing to project workshops and offering a member to the Advisory Board
Impact Too early in the project to have made a contribution, this will be listed as the project progress
Start Year 2020
 
Description Partners for original Discribe Hub+ - RSA 
Organisation RSA Secuirty LLC
Country United States 
Sector Private 
PI Contribution Co-created the original proposal for the Discribe Hub+
Collaborator Contribution Co-created the original proposal for the Discribe Hub+, as well as contributing to project workshops and offering a member to the Advisory Board
Impact Too early in the project to have made a contribution, this will be listed as the project progress
Start Year 2020
 
Description SPRITE Network Plus 
Organisation Manchester University
Country United States 
Sector Academic/University 
PI Contribution Ongoing engagement with the EPSRC Sprite + network as a fellow (Joinson), joint events (town hall, expert fellows meetings)
Collaborator Contribution Access to their community, organising events.
Impact none yet
Start Year 2020
 
Description British Academy of Management Conference - presenting a paper 
Form Of Engagement Activity Participation in an activity, workshop or similar
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Professional Practitioners
Results and Impact Presented at the British Academy of Management (September 2023, University of Sussex, UK) - "The Effect of IT Security Issues on the Implementation of Industry 4.0 in SMEs: Barriers or Challenges?"
Year(s) Of Engagement Activity 2023
 
Description Case study presentation of Digital Responsibility and DSbD 
Form Of Engagement Activity A talk or presentation
Part Of Official Scheme? No
Geographic Reach International
Primary Audience Professional Practitioners
Results and Impact Presented the results of a Discribe case study and discussed what this meant for digital responsibility.
Year(s) Of Engagement Activity 2023
 
Description Cyber Tuesday - TechSpark event 
Form Of Engagement Activity Participation in an activity, workshop or similar
Part Of Official Scheme? No
Geographic Reach Local
Primary Audience Industry/Business
Results and Impact Discribe hosted a regular Cyber Tuesday networking session for TechSpark, which brings together those working in the Cyber sector within Bath and Bristol together once a month. This sessions was dedicated to introducing the work being carried out by Discribe, as well as the work being carried out by the wider DSbD community, to attendees, followed by a networking session
Year(s) Of Engagement Activity 2022
 
Description DCMS & DiScriBe Hub - introduction call 
Form Of Engagement Activity A formal working group, expert panel or dialogue
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Policymakers/politicians
Results and Impact DCMS & DiScriBe Hub - introduction call, to introduce the project to DCMS and begin communications with them
Year(s) Of Engagement Activity 2021
 
Description DSbD All Hands event - Oct 2022 
Form Of Engagement Activity Participation in an activity, workshop or similar
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Industry/Business
Results and Impact To bring together all those working on the DSbD initiative, to introduce new partners, hear updates from current studies, and hold workshops to further research.
Year(s) Of Engagement Activity 2022
 
Description DSbD All Hands networking event 
Form Of Engagement Activity Participation in an activity, workshop or similar
Part Of Official Scheme? No
Geographic Reach International
Primary Audience Study participants or study members
Results and Impact DSbD All Hands event - bringing together all projects working towards the DSbD initiative for updates and workshops
Year(s) Of Engagement Activity 2021
 
Description DSbD All Hands networking meeting 
Form Of Engagement Activity Participation in an activity, workshop or similar
Part Of Official Scheme? No
Geographic Reach International
Primary Audience Professional Practitioners
Results and Impact DSbD All Hands networking meeting - to introduce all projects working towards the DSbD initiative to one another, and update on their research and future work
Year(s) Of Engagement Activity 2021
 
Description DSbD Discribe Hub+ Futures Work - SOIF Workshop 
Form Of Engagement Activity Participation in an activity, workshop or similar
Part Of Official Scheme? No
Geographic Reach International
Primary Audience Industry/Business
Results and Impact Building on the pilot Punchdrunk/StoryFutures workshop we ran last month to help us unpack the future(s) of Digital Security by Design, follow-up workshop with the School of International Futures (SOIF)
Year(s) Of Engagement Activity 2021
 
Description DSbD Hub+ Introduction to ESRC 
Form Of Engagement Activity A formal working group, expert panel or dialogue
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Policymakers/politicians
Results and Impact DSbD Hub+ Introduction to ESRC contact
Year(s) Of Engagement Activity 2020
 
Description DSbD Monthly Comms meeting 
Form Of Engagement Activity A formal working group, expert panel or dialogue
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Study participants or study members
Results and Impact A chance for those involved in sharing Comms from the DSbD project to meet and discuss upcoming launches
Year(s) Of Engagement Activity 2021
 
Description DSbD Roadshow @ Bletchley 
Form Of Engagement Activity Participation in an activity, workshop or similar
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Study participants or study members
Results and Impact The roadshow will journey across England, Scotland, Wales, and Ireland and will feature talks from multiple speakers highlighting the developments in computing across the decades, the state of computing in the present day, and how we can move towards a safer, more secure future.
Year(s) Of Engagement Activity 2021
 
Description DiScriBe & Digital Catapult - initial discussion 
Form Of Engagement Activity A formal working group, expert panel or dialogue
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Policymakers/politicians
Results and Impact DiScriBe & Digital Catapult initial discussion to introduce the project
Year(s) Of Engagement Activity 2020
 
Description Digital Responsibility and Technology 
Form Of Engagement Activity A talk or presentation
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Professional Practitioners
Results and Impact Engaged with policy makers and researchers at a RISCS annual showcase event on the lessons learned about digital responsibility from Discribe WP3. It raised digital responsibility as an area of discussion with DSIT and with NCSC.
Year(s) Of Engagement Activity 2023
 
Description Discribe Hub & StSG Introduction 
Form Of Engagement Activity A formal working group, expert panel or dialogue
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Policymakers/politicians
Results and Impact Discribe Hub & StSG Introduction - introduced StSg to the Discribe Hub and looked at synergy between the two.
Year(s) Of Engagement Activity 2021
 
Description Discribe Hub+ & ARM - monthly meeting 
Form Of Engagement Activity A formal working group, expert panel or dialogue
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Professional Practitioners
Results and Impact Monthly DiScriBe Hub+ & ARM meeting - discussed updates on the project as well as updates from ARM
Year(s) Of Engagement Activity 2021
 
Description Discribe Hub+ & ISCF MMS - Introductory call 
Form Of Engagement Activity A formal working group, expert panel or dialogue
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Professional Practitioners
Results and Impact Introduction to ISCF MMS to learn more about their network and begin regular communications between Discribr Hub+ and them.
Year(s) Of Engagement Activity 2021
 
Description Discribe Hub+ & IoT Horizon - introduction call 
Form Of Engagement Activity A formal working group, expert panel or dialogue
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Professional Practitioners
Results and Impact Introduce Discribe Hub+ to IoT Horizon and begin regular communications
Year(s) Of Engagement Activity 2021
 
Description Discribe Hub+ & UKRI - monthly meeting 
Form Of Engagement Activity A formal working group, expert panel or dialogue
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Policymakers/politicians
Results and Impact Monthly meeting to update Discribe Hub+ & UKRI on each others activities
Year(s) Of Engagement Activity 2021
 
Description Discribe Hub+ & UKRI - monthly meeting 
Form Of Engagement Activity A formal working group, expert panel or dialogue
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Policymakers/politicians
Results and Impact Monthly DiScriBe Hub+ & UKRI meeting - discussed updates on the project as well as updates from the UKRI
Year(s) Of Engagement Activity 2021
 
Description Discribe Hub+ - Researcher Day 
Form Of Engagement Activity A talk or presentation
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Study participants or study members
Results and Impact A day to allow the Discribe Hub+ Researchers to meet in person, discuss their current work and future plans - to see where they can support each other.
Year(s) Of Engagement Activity 2021
 
Description Discribe Hub+ Advisory Board meeting 
Form Of Engagement Activity A formal working group, expert panel or dialogue
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Study participants or study members
Results and Impact First Advisory Board for the Discribe Hub + - allowing the WP's to feed in their current work and future aims, to gather advice and comments from the Advisory Board.
Year(s) Of Engagement Activity 2021
 
Description Discribe Hub+ Challenge Fellows meeting 
Form Of Engagement Activity A formal working group, expert panel or dialogue
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Professional Practitioners
Results and Impact Introduce the Challenge Fellows to one another, and discuss their ideas and work towards the project
Year(s) Of Engagement Activity 2021
 
Description Discribe Hub+ Executive Team meeting with UKRI Leadership team 
Form Of Engagement Activity A formal working group, expert panel or dialogue
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Policymakers/politicians
Results and Impact Monthly DiScriBe Hub+ Executive Team & UKRI Leadership Team meeting - discussed updates on the project as well as updates from the UKRI
Year(s) Of Engagement Activity 2021
 
Description Discribe Hub+ Executive Team meeting with UKRI Leadership team 
Form Of Engagement Activity A formal working group, expert panel or dialogue
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Policymakers/politicians
Results and Impact Monthly DiScriBe Hub+ Executive Team & UKRI Leadership Team meeting - discussed updates on the project as well as updates from the UKRI
Year(s) Of Engagement Activity 2021
 
Description Discribe Hub+ and ESRC spending catch up 
Form Of Engagement Activity A formal working group, expert panel or dialogue
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Policymakers/politicians
Results and Impact Discribe Hub+ and ESRC spending catch up - Discribe informing the ESRC of the spending for the project
Year(s) Of Engagement Activity 2020
 
Description Discribe Hub+ monthly meeting with UKRI 
Form Of Engagement Activity A formal working group, expert panel or dialogue
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Professional Practitioners
Results and Impact Monthly meeting to update the UKRI on our progress
Year(s) Of Engagement Activity 2021
 
Description Discribe introduction call & EPSRC 
Form Of Engagement Activity A formal working group, expert panel or dialogue
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Industry/Business
Results and Impact Discribe introduction call with EPSRC - to discuss ways in which we can collaborate to include EPSRC DSbD research projects
Year(s) Of Engagement Activity 2021
 
Description ESRC & Discribe Hub+ finances & invoicing meeting 
Form Of Engagement Activity A formal working group, expert panel or dialogue
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Policymakers/politicians
Results and Impact ESRC & Discribe Hub+ finances & invoicing meeting, to discuss payments of invoices and other project finances
Year(s) Of Engagement Activity 2020
 
Description Futures Work Engagement Activities September 2020-March 2021 
Form Of Engagement Activity A formal working group, expert panel or dialogue
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Professional Practitioners
Results and Impact DSbD Futures Interviews
20 key national and international ISCF DSbD stakeholders with particular expertise and unique insights into this challenge were identified by the project team and invited to take part in an interview, resulting in 11 x one-to-one and small group semi-structured online interviews (lasting 60-90 minutes). We asked participants to share their particular insights into the future possibilities offered by the adoption of new secure technologies (specifically CHERI and Morello boards) and the challenges likely to be faced in an uncertain future. The aim of this activity was to connect with those with expert knowledge of the technology (both the hardware architectures and software) to help generate new insights into the sociotechnical possibilities and challenges likely to be involved in the adoption of DSbD. The conversations were not recorded but a set of anonymized notes were transcribed, shared with interviewees, and illustrated by an animator - producing a data-set consisting of written and visual research notes capturing the key points of interviews and group discussions.

As a result of these engagements/ interviews, the most significant outcome/impact is the understanding that the DSbD community is fragmented in terms of what it sees as the value proposition of the DSbD programme, its scope and feasibility, and how to communicate this.

Overview of stakeholder interviews held to date (anonymized) September 2020-March 2021:

1. Complexity (or, How to drawn an owl)
2. Evolution
3. Selling Stories
4. Transformations
5. Dry-Stone Walling
6. Boxing Gloves
7. Buckets
8. Technical Specs
9. Containers
10. Wildlife Park
11. Use Cases
Year(s) Of Engagement Activity 2020,2021
 
Description Hub overview to EPSRC Round 1 projects 
Form Of Engagement Activity A formal working group, expert panel or dialogue
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Professional Practitioners
Results and Impact Hub overview to EPSRC Round 1 projects
DSbD Futures Interviews
20 key national and international ISCF DSbD stakeholders with particular expertise and unique insights into this challenge were identified by the project team and invited to take part in an interview, resulting in 11 x one-to-one and small group semi-structured online interviews (lasting 60-90 minutes). We asked participants to share their particular insights into the future possibilities offered by the adoption of new secure technologies (specifically CHERI and Morello boards) and the challenges likely to be faced in an uncertain future. The aim of this activity was to connect with those with expert knowledge of the technology (both the hardware architectures and software) to help generate new insights into the sociotechnical possibilities and challenges likely to be involved in the adoption of DSbD. The conversations were not recorded but a set of anonymized notes were transcribed, shared with interviewees, and illustrated by an animator - producing a data-set consisting of written and visual research notes capturing the key points of interviews and group discussions.

As a result of these engagements/ interviews, the most significant outcome/impact is the understanding that the DSbD community is fragmented in terms of what it sees as the value proposition of the DSbD programme, its scope and feasibility, and how to communicate this.

Overview of stakeholder interviews held to date (anonymized) September 2020-March 2021:

1. Complexity (or, How to drawn an owl)
2. Evolution
3. Selling Stories
4. Transformations
5. Dry-Stone Walling
6. Boxing Gloves
7. Buckets
8. Technical Specs
9. Containers
10. Wildlife Park
11. Use Cases
Year(s) Of Engagement Activity 2020
 
Description ISCF DSbD Advisory Group 
Form Of Engagement Activity A formal working group, expert panel or dialogue
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Policymakers/politicians
Results and Impact Director Adam Joinson presented the current update from the Discribe Hub+ and their future work to the DSbD Advisory Group
Year(s) Of Engagement Activity 2021
 
Description Innovate UK & Discribe Hub - catch up call 
Form Of Engagement Activity A formal working group, expert panel or dialogue
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Policymakers/politicians
Results and Impact Innovate UK & Discribe Hub - catch up call, to introduce new Hub Managers and receive updates on progress from both Discribe and Innovate UK
Year(s) Of Engagement Activity 2021
 
Description Monthly DiScriBe Hub+ & UKRI meeting 
Form Of Engagement Activity A formal working group, expert panel or dialogue
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Policymakers/politicians
Results and Impact Monthly DiScriBe Hub+ & UKRI meeting - discussed updates on the project as well as updates from the UKRI
Year(s) Of Engagement Activity 2021
 
Description Panel discussion - The Times and The Sunday Times Cheltenham Literature Festival 2023 
Form Of Engagement Activity Participation in an activity, workshop or similar
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Public/other audiences
Results and Impact Dr Oishee Kundu was a speaker in a panel discussion on technology futures, along with Prof Genevieve Lively and Kelechi Okafor, chaired by Anne-Marie Imafidon MBE.
Year(s) Of Engagement Activity 2023
 
Description Presentation - Security Adoption Decision making: Digital Security by Design, Story Stem Insights. 
Form Of Engagement Activity Participation in an activity, workshop or similar
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Professional Practitioners
Results and Impact Presentation on Security Adoption Decision making: Digital Security by Design, Story Stem Insights at the 2024 Qualitative Methods Symposium.
Year(s) Of Engagement Activity 2024
URL https://www.bath.ac.uk/events/qualitative-research-symposium-2024/
 
Description Presentation - Security Technology Adoption Decision Making: A Critical Decision Method inquiry. 
Form Of Engagement Activity Participation in an activity, workshop or similar
Part Of Official Scheme? No
Geographic Reach International
Primary Audience Professional Practitioners
Results and Impact Presentation on Security Technology Adoption Decision Making: A Critical Decision Method inquiry at the The 17th International Naturalistic Decision Making (NDM ) Conference
Year(s) Of Engagement Activity 2024
URL https://naturalisticdecisionmaking.org/new-events/conference-2024/
 
Description Presentation to Digital Catapult 10.03.22 - GL & IS 
Form Of Engagement Activity A talk or presentation
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Study participants or study members
Results and Impact Presentation of Futures Work to Digital Catapult to find synergies and potential connections
Year(s) Of Engagement Activity 2021
 
Description Presented paper at International Conference on Industry Science and Computer Sciences Innovation 
Form Of Engagement Activity Participation in an activity, workshop or similar
Part Of Official Scheme? No
Geographic Reach International
Primary Audience Industry/Business
Results and Impact Presented at International Conference on Industry Science and Computer Sciences Innovation (October 2023, Lisbon, Portugal) - "Digitalization and Cybersecurity in SMEs: A Bibliometric Analysis"
Year(s) Of Engagement Activity 2023
 
Description Q&A at ESRC Festival of Social Science 2023 Reddit AMA series 
Form Of Engagement Activity Participation in an activity, workshop or similar
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Public/other audiences
Results and Impact Dr Oishee Kundu answered questions from the general public as part of Reddit Ask Me Anaything (AMA) series from her position as a technology researcher at University of Bath which lead to 164 engagements and over 167,000 views.
Year(s) Of Engagement Activity 2023
 
Description RISCV/CHERI/DSbD - update meeting 
Form Of Engagement Activity A talk or presentation
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Study participants or study members
Results and Impact Presentation on RISCV/CHERI/DSbD to give further insight into the Discribe Hub+'s work towards the wider project
Year(s) Of Engagement Activity 2021
 
Description Regular meetings with Eskenzi Agency on DSbD Market Positioning - GL 
Form Of Engagement Activity A formal working group, expert panel or dialogue
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Study participants or study members
Results and Impact A number of meetings with the UKRI's new marketing team (Eskenzi) to discuss the DSbD Market positioning and how this can be improved
Year(s) Of Engagement Activity 2021
 
Description SEMI Europe working group 
Form Of Engagement Activity Participation in an activity, workshop or similar
Part Of Official Scheme? No
Geographic Reach International
Primary Audience Industry/Business
Results and Impact Adam Joinson took part in the SEMI Europe working group on behalf of Discribe & DSbD
Year(s) Of Engagement Activity 2024
 
Description SPRITE+ Town Hall 
Form Of Engagement Activity A talk or presentation
Part Of Official Scheme? No
Geographic Reach International
Primary Audience Industry/Business
Results and Impact Town Hall to introduce the second Commissioned funding call for the Discribe Hub+ - introduced the call to potential applicants
Year(s) Of Engagement Activity 2021
 
Description Secret Life of Data book launch and awards ceremony 
Form Of Engagement Activity Participation in an activity, workshop or similar
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Industry/Business
Results and Impact Futures work within Discribe hosted a short story competition on the 'Secret Life of Data' - and this event was the launch of the book. It included extracts from the 10 finalists who made the publication, as well as the awarding for first, second and third place in the competition.
Year(s) Of Engagement Activity 2022
 
Description UK Government office for Science 'Science and Society" talks 
Form Of Engagement Activity A talk or presentation
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Policymakers/politicians
Results and Impact UK Government office for Science 'Science and Society" talks - Prof Adam Joinson spoke to UK Gov scientists and civil servants on this subject
Year(s) Of Engagement Activity 2024
 
Description UKRI research announcement 
Form Of Engagement Activity A press release, press conference or response to a media enquiry/interview
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Policymakers/politicians
Results and Impact Discribe Hub+/ UKRI research announcement
Year(s) Of Engagement Activity 2020
 
Description Why Johnny doesn't write secure software, Seminar, TOBB University, Ankara, Turkey, 04 February 2022 
Form Of Engagement Activity A talk or presentation
Part Of Official Scheme? No
Geographic Reach International
Primary Audience Professional Practitioners
Results and Impact Seminar to focus is on understanding:
- what typical classes of security vulnerabilities arise from Johnny's mistakes;
- why these mistakes occur; and
- how we may mitigate these issues and promote secure behaviours.
Year(s) Of Engagement Activity 2021
 
Description Why Johnny doesn't write secure software, Seminar, University of Cambridge, UK. 07 December 2021 
Form Of Engagement Activity A talk or presentation
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Professional Practitioners
Results and Impact Seminar to focus is on understanding:
- what typical classes of security vulnerabilities arise from Johnny's mistakes;
- why these mistakes occur; and
- how we may mitigate these issues and promote secure behaviours.
Year(s) Of Engagement Activity 2021