Security and privacy in intelligent transport systems
The project aims to increase the safety and efficiency of transporting people and goods by utilizing advances in ICT.
Funding will provide an annual tax-free stipend of approximately £16,000 and coverage of the home/EU tuition fees.
Intelligent Mobility aims to increase the safety and efficiency of transporting people and goods by utilizing advances in ICT. It encompasses research and development in connected and autonomous vehicles, end-to-end journeys, enhanced passenger information and travel planning and Mobility-as-a-Service. The estimated global market value is estimated to grow to £900 billion by 2025, as the sector proceeds to develop transport systems to be increasingly user-focused, integrated, efficient and sustainable.
As we develop ever more complex and integrated transport systems that must keep us safe on our journeys, we must ensure that are computer systems and digital infrastructure are trusted to remain secure even in the presence of threat agents wishing to cause harm. Key to realizing the benefits of intelligent transport systems is the standardization of communication and security protocols between ICT components. Whether considering communication between ECUs within a single vehicle, communications from Vehicle to vehicle (V2V), or between vehicles and infrastructure (V2I), countless standards exist to enable integration and interoperability between disparate components.
Formal verification, using a rigorous mathematical approach to confirm that a system satisfies specific requirements, is used to provide strong evidence of the correctness of safety and security critical systems. Security protocols, specified sequences of interactions between communicating processes to achieve certain security related goals, have been a particularly fruitful application area for formal verification; many security flaws and vulnerabilities have been identified using formal methods. While such protocols may be simple to specify, requiring only two or three interactions between initiator and responder, the complexity of the behaviour arising in systems comprising of numerous initiators and responders, that may or may not faithfully follow the protocol, has meant that flaws arising from spurious interactions are easily overlooked where a systematic approach to verification has not been employed.
In this project, the student will, in collaboration with supervisors and a growing team of researchers, investigate formally the correctness, security and privacy of novel communication protocols proposed for the interaction between various system components within intelligent transport systems. The project aims to identify weaknesses as the result of ambiguous, incomplete or inconsistent specifications and propose improvements to ensure the protocols satisfy their specified requirements. This will involve understanding and formalising the security properties of such protocols, understanding and formalizing the behaviour of the protocol participants as specified in academic and industry standards, construction of appropriate threat models and the application of tools and techniques to conduct the subsequent formal verification.
Additional fees required for international applicants who are not UK/EU nationals are not covered by this studentship, but may be obtained via top-up funding by applying for ORS studentships which are competitive.
- Bachelor degree in computer science or similar discipline (UK equivalent of 2:1 classification or above)
- An active interest in security and privacy and/or verification techniques (e.g., formal methods/analysis)
- Some Programming experience (any language)
- An understanding of the foundations of computer science
- A demonstrated ability to think independently
- Strong verbal and written communication skills, both in plain English, and scientific language for publication in relevant journals and presentation at conferences.
- Master’s degree in a STEM discipline (UK equivalent of Merit classification or above)
- Experience in formal verification (model checking, theorem proving or SMT solving)
- Experience working with industry standards and protocol specifications
- An understanding of cryptography and/or information security
- Strong interpersonal skills with experience working in a collaborative research environment
How to apply
Formal applications can be made through our PhD Computer Science course page.
The process requires the submission of:
- Your CV (preferably no longer than 2 pages)
- Copies of degree certificates and transcripts from all universitylevel courses taken/
- References - please provide names of 2 referees, ideally uploading 2 references at the time of application also.
In addition to the above, as part of your application, the candidate is also required to upload the following document: a cover letter, explaining your interests, computer-science and research experience (including examples of previous project work).