Security and Reliability

As cyberphysical systems become mainstream, they become attractive targets for criminals and unfriendly nation states a) to attack the system itself, or b) to use the system to attack other assets. Access controls need to be specified and enforced throughout, trust needs to be established between system actors and untrustworthy actors removed as participants, data must be protected and used only according to the consent of its owner, and the overall system should be subject to assurance checks and its risks should be carefully managed. These steps would help the continuing adoption of network business models, from network operator to wearable fitness tracker.

Key areas of expertise:

• Scalable access control in the IoT is a critical requirement for dependable cyberphysical systems. Access control ensures that actions performed by authenticated entities are limited to those permitted by policies. Every action request should be checked – this is problematic near the network edge so sub-optimal procedures are often followed but it is not necessary.

• Trust management in vehicular networks is a difficult challenge, since there is no central authority and vehicles can easily mask their behaviour. Trust needs to be aggregated across all interactions with other vehicles and updated over time. Good models are needed to identify potentially malicious behaviour, and to evict malicious vehicles quickly from vehicular networks.

• Privacy and Data Governance is an essential part of the data economy, as data captured from users is processed and reused, possibly by other entities. Consent needs to be managed and usage controls applied at all stages in the data journey. Standards, user interfaces, blockchain-enabled contracts and policy infrastructure need to be developed.

• Software Risk Assessment is an essential first step for compliance. In both enterprise and cyberphysical networks, attackers target software providing the first line of defence, before exploiting vulnerabilities in software stacks and how they are configured. Risk assessment identifies attack vectors, classifies and prioritises them as a prelude to risk mitigation.