With the emergence of the internet of things and ultra-high speed mobile and wireless connectivity on the horizon, future communication systems need to incorporate novel protection mechanisms to ensure security, reliability, and adequate fault tolerance.
We collaborate closely with Surrey's 5G Innovation Centre to build secure communication systems in sectors such as connected vehicles and digital healthcare.
Improving security in the internet of things era
The internet of things has widespread implications in terms of privacy, ethics, trust, reliability, acceptability and security.
Our University is collaborating with eight other leading UK universities to explore these critical issues in the £9.8m PETRAS IoT Research Hub, funded by EPSRC and partner contributions.
In one of the hub’s projects, Lightweight Security and Privacy for Geographic Personal Data and Location Based Services (GEOSEC), conducted in partnership with Ordnance Survey we are looking at the security and privacy weaknesses within location based information delivery services and designing a new lightweight solution with low networking overheads.
Another Petras-Hub project, Blockchain Technology for IoT in Intelligent Transportation Systems (B-IoT), focuses on intelligent transport systems security key and privacy management using permissioned blockchain technology.
SAFRON (Safe Operational Radio Network for mixed-priority communications to trains using a shared architecture)
The SAFRON project aims to create a prototype to demonstrate how wireless networks (WIFI, LTE and 5G) can be used to train the trackside communications for mixed applications including those which are safety related and mission critical.
We are collaborating with Surrey’s 5G Innovation Centre to oversee the security analysis and design of the communication between the train systems and the rail route control centre, using secure tunnelling techniques.
SPEAR (Secure and PrivatE smArt gRid)
Bringing together a consortium of six European universities, two European research centres and eight industry partners, the SPEAR project is focused on the protection of smart grid infrastructures from cyber attacks.
Major electricity companies including Public Power Corporation (Greece’s main electricity provider) and Schneider Electric France SAS, are providing their infrastructure for the assessment of the tools being developed by us and the SPEAR consortium.
Real-time monitoring and big data analytics will be used to pick up any unusual activity, with the overall aim of improving the resilience of smart grid and increasing trust in electricity providers. We will also be developing the SPEAR blockchain to maintain intrusion detection logs facilitating timely attack prevention.
- Budget: €2,965,600
- Funding: EU H2020 – Secure Societies Challenge
- Centre lead: Dr Manos Panaousis
- Co-investigators: Professor Steve Schneider, Dr Kaitai Liang
- Timeframe: 2018-2021.
Over the last decade, cyber-attacks have become increasingly sophisticated, stealthy, targeted and multi-faceted which may leverage zero-day exploits and highly creative interdisciplinary attack methods. As our society is becoming increasingly dependent on Critical INfrastructures (CIN), new technologies are needed to increase our detection and response capabilities.
Detecting and responding to such attacks by a highly motivated, skilled and well-funded attacker has however been proven highly challenging. One of the most vulnerable and high-impact CIN is the Smart Grid. Smart Grid is considered as the next-generation power system, which promises self-healing, resilience, sustainability and efficiency to the energy CIN.
However, securing smart grids against cyber-attacks is of vital importance for national security and public safety, since the collapse of an energy production utility may cause human lives, millions of euros, denial of a very important and common good such as energy and days or even months of recovering. To this end, the SPEAR proposal aims at:
- Detecting and responding to cyber-attacks using new technologies and capabilities
- Detecting threat and anomalies timely
- Developing all-in-one security detection solutions
- Leveraging advanced forensics subject to privacy-preserving
- Confronting Advanced Persistent Threat (APT) and targeted attacks in smart grids
- Increasing the resilience of the smart grid innovation
- Alleviating the lack of trust in smart grid operators
- Empowering EU-wide consensus.
Within SPEAR, four proof-of-concept use cases are planned in order to validate and assess the implemented security and privacy tools.
SECONDO: a Security ECONomics service platform for smart security investments and cyber insurance pricing in the beyonD 2020 netwOrking era
SECONDO addresses the question “How can decisions about cyber security investments and cyber insurance pricing be optimised?” SECONDO will support professionals who seek cyber security investments, developed to support human decision making, and a complete well-founded security strategy. This is a timely research problem, as the rapid growth of cyber-attacks is expected to continue its upwards trajectory. Such growth presents a prominent threat to normal business operations and the EU society itself. On the other hand, an interesting, well-known, finding is that an organisation's computer systems may be less secure than a competitor's, despite having spent more money in securing them.
- Budget: €1,600,800
- Funding body: H2020
- Centre lead: Dr Manos Panaousis
- Co-investigators: Dr Kaitai Liang
- Timeframe: January 2019 - January 2023.
Budget setting, cyber security investment choices and cyber insurance, in the face of uncertainties, are highly challenging tasks with massive business implications. SECONDO aims to make impact on the operation of EU businesses who often: (i) have a limited cyber security budget; and (ii) ignore the importance of cyber insurance.
Cyber insurance can play a critical role to the mitigation of cyber risk. This can be done by imposing a cost on firms' cyber risk through a premium that they have to pay and the potential for paying a smaller premium should they reduce their current cyber security risk. SECONDO has a cross- disciplinary nature, combining mathematical and engineering insights to empower innovative software.
Apart from the novel research results, the project will offer a software platform to narrow the gap between theoretical understanding and practice. To achieve this, the four industrial project partners will i) lead the part of the project where industrial needs will be entered as input to the requirements collection phase, and, ii) provide their innovative software for risk assessment. The three academic partners will work together to i) design and thoroughly describe the proposed methodologies, but also ii) contribute to their software development.