SURREY CENTRE FOR CYBER SECURITY
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
SURREY CENTRE FOR CYBER SECURITY
We collaborate closely with industry and government,
as well as other academic institutions, to build security
into emerging and future technologies. We have an
excellent track record of winning competitive bids with
our partners, securing funding from bodies such as
EPSRC (Engineering and Physical Sciences Research
Council), EU Horizon 2020, EIT Digital and Innovate UK.
We also offer joint studentships with EPSRC and
organise placements for our masters and undergraduate
students within relevant industrial companies.
The ubiquity of computer technology has revolutionised Our areas of expertise include trusted systems,
the way we do business, organise our lives and interact formal modelling & verification, distributed systems,
socially, but has brought new and ever growing dangers blockchain & distributed ledger technologies,
in terms of security. communication & networks, social media, and applied
cryptography. Using these technologies, we strive to
Surrey Centre for Cyber Security (SCCS) - an Academic
develop solutions that will enable society and industry
Centre of Excellence in Cyber Security Research -
to benefit from advanced technology in a secure way.
focuses on technical foundations of cyber security
and privacy and their applications, to mitigate the Professor Steve Schneider
threats faces by individuals and organisations. Director of SCCS
Surrey Centre Academic Centre of Excellence in
for Cyber Security Cyber Security Research and Education
Surrey Centre for Cyber Security (SCCS) The University of Surrey is one of only five universities
consolidates research activities in cyber security in the UK to be recognised by the government’s National
across the University of Surrey. Based in the Cyber Security Centre (NCSC) as both an Academic
Department of Computer Science, the Centre Centre of Excellence in Cyber Security Research
collaborates with experts from Electrical and (ACE-CSR) and Academic Centre of Excellence in Cyber
Electronic Engineering, Sociology, Psychology, Security Education (ACE-CSE). SCCS has had ACE-CSR
Business, Law and Economics. status since 2015, while the University was given
ACE-CSE recognition in 2020.
SCCS also provides a platform to explore the
cyber security challenges being presented by
next-generation mobile communications via joint
research with Surrey’s 5G Innovation Centre (5GIC)
– the UK’s largest academic research centre
dedicated to developing next generation mobile
and wireless communications.
02
SU RREY.AC.U K/ SC C S Surrey Centre for Cyber Security
Trusted
Systems
15
Academic
Members
27
Formal Modelling
Blockchain &
& Verification
Distributed Ledger
Technologies
RESEARCH
EXPERTISE Researchers
£8m
Distributed
Communication
Systems
& Networks
Funding
(since 2016)
Social Applied
Media Cryptography
Cross-sector
40
Technologies Transport
Projects
(since 2016)
1 of 5
UK universities
recognised by NCSC
KEY for both research
SECTORS & education
Government Finance
GCHQ
accredited
Masters course in
Information Security
Communications
03
SU RREY.AC.U K/ SC C S Surrey Centre for Cyber Security
TRU ST E D SYST E M S
WE CAN USE HARDWARE TO MAKE SYSTEMS MORE SECURE; HOWEVER ADDING
EXTRA HARDWARE IS COSTLY AND CAN MAKE THE SYSTEM INFLEXIBLE.
SINCE SECURITY IS AN EVOLVING PROBLEM – WHERE ATTACKERS COMPETE
TO FIND FLAWS AND VULNERABILITIES IN DEFENSIVE MECHANISMS –
INFLEXIBILITY CAN BE A REAL ISSUE. IN SCCS WE ARE WORKING TO DESIGN
SECURITY MECHANISMS THAT PROVIDE SOME FLEXIBILITY AND CAN STILL
BE CHEAPLY IMPLEMENTED IN HARDWARE.
FutureTPM
(Future proofing the connected world:
a quantum-resistant trusted platform module)
Under the technical lead of the University of Surrey,
a consortium of 15 academic and industry partners Budget: €5m
from across Europe have succeeded in creating a
Funding: EU H2020
Quantum-Resistant (QR) Trusted Platform Module (TPM)
– a hardware chip which is used as a ‘root of trust’ Centre lead: Professor Liqun Chen
for a computing system. The QR crypto algorithms
selected or developed by the consortium can be used Partners: TECHNIKON, UBITECH, IBM Research,
in a new generation of TPM-based solutions to enable Infineon Technologies, Suite5 Data Intelligence
security when quantum computers become reality. Solutions, INESC-ID, Huawei Technologies, VIVA
These algorithms have been successfully demonstrated Payment Services SA, Royal Holloway, University
in sectors where privacy and security are crucial: online of London, University of Birmingham, Universite
banking, activity tracking in healthcare, and device du Luxembourg, University of Piraeus Research
management. Center, Technical University of Denmark
Collaborating with the Trusted Computing Group (TCG), Timeframe: 2018-2021
the consortium will now work on including the QR crypto
algorithms – once standardised – into the next
generation of TPM. Find out more about FutureTPM.
04
SU RREY.AC.U K/ S C C S Trusted Systems
ASSURED
(Future Proofing of ICT Trust Chains:
Sustainable Operational Assurance
and Verification Remote Guards for
Systems-of-Systems Security and Privacy)
In the ASSURED project, SCCS is working with
13 partners from nine countries to help shape the Funding: EU Horizon 2020
future development of secure and trustworthy
Centre lead: Professor Liqun Chen
Cyber-physical System of Systems (CPSoS) and
services that can greatly benefit the lifecycle Partners: Martel Innovate, Mellanox
of various safety-critical application domains. Technologies, Intrasoft International, Uni
The core objective is to leverage and enhance Systems, Ubitech, Suite5, United Technologies
runtime property-based attestation and verification Research Centre, Space, BIBA, DAEM S.A., DTU,
techniques in order to allow intelligent (unverified) Eindhoven University of Technology, Technische
controllers to perform within a predetermined Universitat Darmstadt, TU Delft
envelope of acceptable behaviour. The solution
developed will be demonstrated in four scenarios: Timeframe: 2020-2023
smart manufacturing, smart cities, smart aerospace
and smart satellite.
Find out more about ASSURED.
SECANT
(Security and privacy protection
in Internet of Things devices)
Funding: EU Horizon 2020
The SECANT project aims to deliver a holistic
Centre lead: Professor Liqun Chen
framework for cyber security risk assessment in order
to enhance the digital security, privacy and personal Partners: European partners from industry
data protection in complex Information and and academia, coordinated by Everis Spain SL
Communication Technology (ICT) infrastructures.
Timeframe: 2021-2024
During the project, a toolkit and platform will be
developed, and demonstrated and validated.
05
SU RREY.AC.U K/ SC C S Trusted Systems
TimeTrust
(Robust timing via hardware roots of trust
and non-standard hardware)
Led by SCCS, the TimeTrust project is using hardware
roots of trust, such as tamper-resistant cryptographic Budget: £300,000
chips, to build cyber systems which are better equipped
Funding: EPSRC & NCSC under UK RISE
against vulnerabilities related to distance and timing
measurements. The main use-case of this project Centre lead: Dr Ioana Boureanu
is that of contactless payments, to counter illicit
payments that can be made from a distance even if Partners: Visa, Mastercard, Consult Hyperion,
touch-and-pay is supposed to disallow it. The project HP Labs, University of Birmingham
is looking both at the formal treatment of security
Timeframe: April 2019 to July 2022
(eg. mathematical proofs) and at practical aspects.
TimeTrust has already achieved significant
breakthroughs, including the world’s first
implementation of Mastercard’s 2016 specification
of contactless payment.
06
SU RREY.AC.U K/ SC C S Trusted Systems
FO RMAL M O D E L L I NG
& VERI FI CAT I O N
SECURITY VERIFICATION – OBTAINING MATHEMATICAL PROOF OF THE
BEHAVIOUR OF SYSTEMS AND PIECES OF HARDWARE – IS EMBEDDED INTO
MANY OF OUR PROJECTS, ENSURING THAT FORMAL GUARANTEES ARE BUILT
INTO EMERGING TECHNOLOGIES. AT SCCS OUR RESEARCHERS ARE EXPERTS IN
‘CORRECTNESS’, ‘LIVENESS’ (ENSURING THAT THE TECHNOLOGY IS ALWAYS
READY TO TAKE THE NEXT STEP) AND VERIFICATION OF SECURITY PROPERTIES
(ENSURING THAT THE SYSTEM IS NOT BEHAVING IN AN INSECURE WAY).
AutoPaSS
(Automatic verification of complex
privacy requirements in unbounded-
size secure systems)
With the advent of 5G and the Internet of Things, This project is complemented by a foundational
today’s secure systems span an arbitrary number research project being undertaken by SCCS in
of executions and raise new privacy concerns. collaboration with the Institute of Mathematical Sciences
We therefore need new verification techniques in Chennai, India, funded by the Royal Society.
that can capture these systems’ unbounded sizes
and ensure their privacy. To deliver the step-
change needed in privacy analysis, the AutoPaSS Budget: £300,000
project will create new algorithms and tools
for privacy verification using AI-inspired Funding: EPSRC
formalisations. These formalisations express
Centre lead: Dr Ioana Boureanu
what we believe and what we know over the
course of a given timeline, and this information Partners: Thales Ltd, Vector
can be used to model privacy (or lack of it) as well
Timeframe: July 2019 to November 2022
as formally verifying its presence or absence
in an IT system.
07
SU RREY.AC.U K/ SC C S Formal Modelling & Verification
Verifiably correct
transactional memory
Multi-core computing architectures have become
ubiquitous over the last decade. To ensure correctness, Budget: £397,680
concurrent programs on multicore systems must be
Funding: EPSRC
properly synchronised, but synchronisation invariably
introduces sequential bottlenecks, causing performance Centre lead: Dr Brijesh Dongol
to suffer. This project addresses programmability of
concurrent programs through the use of transactional Partners: University of Sheffield,
memory (TM), focusing on some of the main challenges University of Kent
surrounding TM, and taking the key steps necessary
Associate Partners: ARM Ltd, Mozilla Limited,
to facilitate wide-scale adoption.
De Paul University, University of Augsburg,
The project team has developed theoretical University of Paderborn, University of
advances in our understanding of TM correctness, Queensland, Victoria University of Wellington
methodological advances in verification techniques
Timeframe: 2018-2021
for TM, and pragmatic advances via the development
of application-aware TM designs. A key focus has
been the integration of TM and weak memory models,
in particular C/C++. Verification tools have been
developed in Isabelle/HOL to support each of these
steps. The results have formed the basis for further
projects addressing new technologies such as
non-volatile memory and the security aspects of TM.
08
SU RREY.AC.U K/ SC C S Formal Modelling & Verification
D IST RIB U T E D SYST E M S
IN DISTRIBUTED SYSTEMS, WHERE MULTIPLE AGENTS NEED TO TALK TO EACH OTHER
TO ACCOMPLISH A TASK, ENSURING RESILIENCE TO FAILURE IS KEY TO PROVIDING
AN UNINTERRUPTED SERVICE. BLOCKCHAIN HAS INTENSIFIED THIS CHALLENGE, WITH
MALICIOUS BEHAVIOUR POTENTIALLY HAVING DEVASTATING EFFECTS – SUCH AS
INVALIDATING THOUSANDS OF PAYMENT TRANSACTIONS. SCCS IS WORKING TO
DEVELOP ALGORITHMS AND PROTOCOLS WHICH CAN PROVIDE CONTINUOUS
SEPA RATION AND ENABLE SYSTEMS WHICH ARE SCALABLE AND SECURE.
Stellar Payment
Network
SCCS is working with Stellar Development Foundation
to improve its open-source payment system. Running Budget: $140,000
on blockchain, Stellar enables individuals and companies
Funding: Initially one year, subject to extension
to create, send and trade digital representations of all
forms of money (dollars, pesos, bitcoin etc), with the aim Centre lead: Professor Gregory Chockler
of allowing the world’s financial systems to work together
on a single network. In this project, SCCS will redesign Partners: IMDEA Software Institute (Madrid,
several parts of the Stellar Consensus protocol, helping Spain), Galois Inc (USA)
to solve potential problems with correctness and Timeframe: 1 May 2021 – 1 May 2022
enabling the Stellar payment network to scale up
to thousands of servers.
Find out more about Stellar Payment Network.
L E AD I NG I NVEN TO R O F DI ST R I BUT E D
SYST E M S T E C HN O LO GY
Before moving into academia, Professor Gregory Chockler spent seven years as a researcher at IBM
Research where he co-invented a new event-monitoring technology which boosted scalability of IBM’s
WebSphere Virtual Enterprise (among other products) by several orders of magnitude. He also co-invented
Speculative Paxos, an award-winning reconfigurable replication protocol used in IBM cloud offerings
to improve their availability and failure resilience.
Professor Chockler’s current research focuses on blockchain and scalable information diffusion,
with ongoing and recent projects funded by IBM and Facebook.
09
SU RREY.AC.U K/ SC C S Distributed Systems
BLO C KCH A I N &
D IST RIB U T E D L E D GE R
TECH NO LO GI E S
BLOCKCHAIN ENABLES US TO KEEP TAMPER-PROOF DATA WITHOUT RELYING
ON A CENTRALISED AUTHORITY. TOGETHER WITH SURREY’S CENTRE FOR
VISION, SPEECH AND SIGNAL PROCESSING AND THE CENTRE OF DIGITAL
ECONOMY, SCCS IS LEADING THE WAY IN DISTRIBUTED LEDGER TECHNOLOGY
(DLT) RESEARCH FOR THE PUBLIC GOOD, WITH A BROAD PORTFOLIO OF
PROJECTS TO ENABLE GREATER TRUST ONLINE.
VOLT
(Voting On Ledger Technologies)
The fact that many elections are still run using
paper ballots demonstrates that, despite the Budget: £615,000
convenience and efficiency of electronic elections,
Funding: EPSRC
there are unresolved security challenges around
voting systems that could be vulnerable to Centre lead: Professor Steve Schneider
malicious attack. The VOLT project explores the
use of DLTs to enhance trust in electronic voting Partners: Kings College London, Civica Election
by providing transparency and an agreed Services, Crowdcube, Monax Industries
tamperproof record of the election. The project
Timeframe: 2017-2021
is developing and piloting end-to-end verifiability
into online voting, and also applying smart
contracts to the management of voting rights
for shareholders in the corporate environment – Find out more about VOLT.
particularly for crowdfunded businesses.
10
SU RREY.AC.U K/ SC C S Blockchain & Distributed Ledger TechnologiesDECaDE
(Centre for the decentralised digital economy)
In our increasingly decentralised digital economy,
everyone has the opportunity to be both a producer Budget: £4m, plus over £6m contribution
and consumer of goods and services but, because from industry
these peer-to-peer markets are underpinned by
Funding: UKRI/EPSRC
centralised digital platforms, users rarely have
a say in their governance decisions. Centre lead: Professor Steve Schneider
DECaDE is a national hub which aims to use distributed Partners: Centre for Vision, Speech and Signal
ledger technology and artificial intelligence technologies
processing, Centre of Digital Economy, University
to transform this emerging economy into one that has
of Edinburgh, Digital Catapult
fair governance and maximises opportunities for
everyone to create value. Initial areas of research Timeframe: 2020-2025
include fake news around Covid-19 vaccination and
supply chain visibility. In January 2021 DECaDE also held
its first workshop with industry partners, focusing on the
creative sector, to kickstart co-created research projects. Find out more about DECaDE.
Scalable and resilient data replication
for distributed ledgers and blockchains
Every party participating in a blockchain network has
its own copy (or ‘replica’) of the chain, which enables Budget: £22,300
them to independently verify the legitimacy of the
Centre lead: Professor Gregory Chockler
transactions, enforcing the key blockchain promise
of ‘decentralised trust’. This creates a challenge when Partner: IBM
it comes to large-scale distributed block replication
at a large scale involving complex distributed protocols, Timeframe: 2017-2024
as these must be both secure and able to scale
to potentially tens of thousands of participants.
In this project, SCCS is collaborating with IBM to
design these protocols in the specific context of
HyperLedger Fabric – the key blockchain technology
being developed by IBM. The project has generated
a number of high profile breakthroughs, with research
published at ACM Systor 2017, the International
Symposium on Distributed Computing (DISC) in
2018 (winning the best paper award) and 2020,
and Springer Distributed Computing journal 2021.
11
SU RREY.AC.U K/ SC C S Blockchain & Distributed Ledger TechnologiesC O M M U NI CAT I O N
AN D N E T WO R K S
WITH THE EMERGENCE OF THE INTERNET OF THINGS AND ULTRA-HIGH SPEED
MOBILE AND WIRELESS CONNECTIVITY ON THE HORIZON, FUTURE
COMMUNICATIONS AND NETWORKS NEED TO INCORPORATE NOVEL
PROTECTION MECHANISMS TO ENSURE SECURITY, RELIABILITY, AND ADEQUATE
FAULT TOLERANCE. SCCS COLLABORATES CLOSELY WITH SURREY’S 5G
INNOVATION CENTRE TO BUILD SECURE COMMUNICATION SYSTEMS IN
SECTORS SUCH AS CONNECTED VEHICLES AND DIGITAL HEALTHCARE.
SAFRON
(Safe operational radio network for
mixed-priority communications to trains
using a shared architecture)
Budget: £120,000
The SAFRON project demonstrated how public radio Funding: Innovate UK
networks could be used for train-track communications
for mixed applications including mission-critical and Centre lead: Professor Helen Treharne
safety-related. SCCS collaborated with Surrey’s 5G
Partners: TeleRail Networks,
Innovation Centre and TeleRail Networks to oversee
Network Rail Telecoms
the security analysis and design of the communication
between the train systems and the rail route control Timeframe: 2018-2019
centre, using secure communication techniques.
12
SU RREY.AC.U K/ SC C S Communication and NetworksEnabling WebAuthn
to fulfil its potential
Already adopted by major IT companies, WebAuthn The project team has demonstrated that ARKG prevents
solves many of the problems associated with web attackers from impersonating users or forging their
authentication, including phishing, but studies show that WebAuthn backup credentials, and also stops hackers
the potential loss of these authenticators is one of the from determining whether credentials can be linked to
biggest barriers to its adoption. the same user, preserving user privacy. This research
was presented at the leading cybersecurity conference
SCCS has worked with Yubico – the leading provider of
ACM CCS 2020.
hardware authentication security keys (YubiKeys) – to
propose a new web protocol which will enable an
easy-to-use and secure online experience. The aim was Centre lead: Dr Mark Manulis
to develop a new solution for backing up WebAuthn
credentials and analysing its cryptographic core, Partner: Yubico
Asynchronous Remote Key Generation (ARKG).
Find out more about Yubico.
We believe that providing secure and easy-to-use recovery
methods, which don’t compromise the security or privacy
aspects of the core protocol, will be key to the continued
adoption of WebAuthn.
Dain Nilsson, Director of Engineering at Yubico.
13
SU RREY.AC.U K/ SC C S Communication and NetworksSO CI AL M E D I A
PROBLEMS ASSOCIATED WITH SOCIAL MEDIA USE HIT THE HEADLINES EVERY
DAY – FROM TEENAGE BULLYING TO TROLLING AND HATE SPEECH – BUT
PUTTI NG IN PLACE MEASURES WHICH EFFECTIVELY REMOVE FREE SPEECH
NEEDS CAREFUL CONSIDERATION. WE APPLY DATA ANALYSIS TO UNDERSTAND
ONLINE HARM IN SOCIAL NETWORKS IN ORDER TO DEVELOP BETTER SYSTEMS
AND ARCHITECTURES, AND DRIVE SOCIAL AND PUBLIC POLICY IMPACT.
Detecting and understanding
harmful content online
SCCS is funded by the Alan Turing Institute to take
a systematic approach to research online harms such Budget: £200,000
as hate speech. Using real world datasets of abusive
Funding: EPSRC, Alan Turing Institute
language, anti-social behaviour and comments from
different contexts, the team aims to develop a deeper Centre lead: Professor Nishanth Sastry
understanding of how different tools for detecting and
understanding online harms (such as hate speech Partners: Alan Turing Institute, Queen Mary,
classifiers) work. One of the outputs will be a meta tool UCL, University of Cambridge, Oxford Institute
for practitioners (such as government bodies and
Timeframe: November 2019 to March 2021
industry) wanting to choose between different tools.
Find out more about Detecting and understanding
harmful content online.
14
SU RREY.AC.U K/ SC C S Social MediaCharacterising hate speech in
MPs’ and citizens’ conversations
With 650 MPs now on Twitter, interpreting how citizens whether this is across party political divides, or due
engage with them online has become fundamental to ideological differences within a party. As part of the
to understanding modern democracy in the UK. project, hate speech meta tools developed by SCCS
and the Alan Turing Institute will be applied to this
In collaboration with the House of Commons Library
nationally important dataset.
Research team, SCCS is examining how MPs and
citizens engage online in order to understand whether
the negative emotions being expressed in these Centre lead: Professor Nishanth Sastry
conversations have elements of hate speech and, if so,
15
SU RREY.AC.U K/ SC C S Social MediaAP P L I E D
C RY P TO GR AP H Y
WITH OUTSTANDING EXPERTISE IN THIS FIELD, WE FOCUS ON ADVANCED
CRYPTOGRAPHIC TECHNIQUES AS AN INTEGRAL PART OF MANY OF OUR
PROJECTS – AS CAN BE SEEN THROUGHOUT THE PROJECT PAGES OF THIS
BROCHURE. THE TECHNIQUES WE USE INCLUDE HIGH FUNCTION ENCRYPTION
SCHEMES AND DIGITAL SIGNATURES, AUTHENTICATION AND KEY EXCHANGE
PROTOCOLS, AND CRYPTOGRAPHIC SOLUTIONS FOR PRIVACY-PRESERVING
IDENTITY MANAGEMENT, SECURE DATA SHARING AND INFORMATION EXCHANGE.
G LO B AL AUT HO R I T I E S
O N CRYPTO G R APHY
Core members of SCCS, Professor Liqun Chen and Dr Robert Granger are two of the academics
leading the Centre’s research into hardware security and cryptography.
Professor Chen has invented or coinvented cryptographic solutions
which have been incorporated into international standards and used in
applications millions of people use every day. As principal research
scientist in the Security and Manageability Laboratory at Hewlett Packard
Labs, she was instrumental in developing the Trusted Platform Module
(TPM), a hardware chip that ensures security by integrating
cryptographic keys and algorithms in devices. She has since led
development of a Quantum-Resistant TPM (see page 4).
Dr Granger is a world-renowned computational number theorist who has
made important breakthroughs in foundational cryptographic security
assumptions. He has designed highly original discrete logarithm
algorithms for various algebraic groups and has set several world
records for discrete logarithm computations. In 2019, he was part of
a team of researchers to hail the end of a variant of a cryptosystem that
is widely used to protect online transactions, by solving a 30750-bit
discrete logarithm problem using a quasi-polynomial time algorithm;
this beat the previous record of 9234 bits set in 2014.
16
SU RREY.AC.U K/ SC C S Applied CryptographySURREY
S ECU RIT Y NE T WO R K
LAUNCHED IN DECEMBER 2020, SURREY SECURITY NETWORK BRINGS TOGETHER
DEPARTMENTS ACROSS THE UNIVERSITY OF SURREY WITH RESEARCH INTERESTS
LINKED TO SECURITY.
Security research activity has become increasingly benefits from knowledge within the 5G/6G Innovation
multidisciplinary over the past decade, with national Centre, Surrey Space Centre, and the Centre for
hubs being established by research bodies to meet Vision, Speech and Signal Processing, among other
security challenges. Reflecting this, the Surrey Security research centres.
Network (SSN) aims to connect security-related
Some of the topics discussed at the launch event –
research across the University, acting as a forum
held virtually at the end of 2020 – included web privacy
for multidisciplinary collaborations and partnerships
and online harm, biometrics and facial recognition,
with national bodies and industry.
online radicalisation, device network security, secure
The Network encompasses the Departments machine learning, satellite security and bomb-proof
of Computer Science, Electrical and Electronic construction. Plans are ongoing for collaborations
Engineering, Politics, Criminology, Mathematics, to explore a number of these areas.
Mechanical Engineering Sciences, Civil and
Find out more about Surrey Security Network.
Environmental Engineering, School of Law, and Surrey
Business School. In addition to SCCS, the Network You can also email us at SSN@surrey.ac.uk.
17
SU RREY.AC.U K/ SC C S Surrey Security NetworkST U DY
AT S U R R E Y
THE UNIVERSITY OF SURREY IS AN ACADEMIC CENTRE OF
EXCELLENCE IN CYBER SECURITY EDUCATION (ACE-CSE) AND
OFFERS A RANGE OF STUDY OPPORTUNITIES WHICH ARE INFORMED
BY OUR GROUND BREAKING RESEARCH ACTIVITIES.
In addition to our MSc in Information MSc in Information Security
Security, which is specifically designed
to train students for a career in cyber Our GCHQ-certified MSc in Information Security is designed
security, specialist cyber security modules to equip students with the theoretical knowledge and hands-on
are embedded in our undergraduate experience necessary to pursue a successful career in cyber
degrees and other masters courses. security. The course covers the foundations of systems and
There are also opportunities to undertake information security such as cryptography, and also advanced
a PhD – often sponsored by industry concepts such as the inner workings of electronic payments
or government – to explore specific and distributed ledgers.
aspects of cyber security. Students also have the option of undertaking a placement year,
Find out more about our drawing on the University’s strong, established links with leading
computer science courses. national and international organisations.
WH AT OUR
P HD STUDENTS
SAY
As more devices are introduced into 5G, there My PhD is funded by VETSS (Verified Trustworthy
are challenges in maintaining security. My PhD is Software Systems) and aims to tackle the challenges
focused on exploring security analysis techniques inherent to persistent memory. Persistent memory is
in the field of 5G mobile communication. With my a new paradigm for memory, preserving its contents
supervisor, Dr Boureanu, I am working with Surrey’s even after power loss. This brings challenges such
5G Innovation Centre and BT to create new formal as maintaining consistency, ensuring that causally
models suited to the analysis of the emerging dependent information persists in the correct order,
hierarchical and re-configurable 5G networks. Now in and guaranteeing that persistent data are not
the second year of my PhD, I have produced a paper available to unauthorised parties (after the recovery
on 4G Handover Security which has a supported from a system failure). My work focuses on formally
code repository with the models constructed to verifying – in other words, logically reasoning the
analyse security. correctness of persistent memory systems.
Rhys Miller Eleni Valfiadi Bila
18
SU RREY.AC.U K/ SC C S Study at SurreyS CCS T E AM
Professor Steve Schneider Dr David Gerault
Director of SCCS, Professor in Secure Systems Lecturer in Secure Systems
Research interests: e-voting, verification, Research interests: Optimisation and AI for
security protocols, distributed ledger cryptanalysis, provable security, protocols.
technology, trust, privacy, formal modelling.
Dr Lee Gillam
Dr Mark Manulis Reader
Deputy Director of SCCS, Head of Department Research interests: cloud and edge computing,
of Computer Science connected and autonomous vehicles, cybercrime
Research interests: applied cryptography, and online safety.
authentication, privacy, identity and key
management, secure communications, IoT and Dr Robert Granger
network security.
Lecturer in Secure Systems
Research interests: computational number theory
Dr Ioana Boureanu
and algebraic geometry; their applications to
Deputy Director of SCCS, Senior Lecturer cryptography and cryptanalysis; and finite fields.
in Secure Systems
Research interests: provable security, automatic Professor Nishanth Sastry
verification, authentication, key-exchange,
Co-Head of Distributed and Networked
formal methods for security/privacy.
Systems group
Research interests: online harms, web tracking
Professor Liqun Chen
and privacy, GDPR and web consent, internet
Professor in Secure Systems data science and large-scale/in-the-wild
Research interests: cryptography, trusted measurements, edge networks, including
computing, hardware security. applications of block chains.
Professor Gregory Chockler Professor Helen Treharne
Co-Head of Distributed and Networked Professor in Secure Systems
Systems group Research interests: formal verification, security
Research interests: secure and trustworthy verification, authentication, trusted computing, IoT
distributed computing, fault-tolerant distributed applications, rail applications, intelligent mobility,
algorithms, secure data replication and useable security.
transaction processing, blockchain consensus.
Dr Steve Wesemeyer
Dr Santanu Dash Director of ACE-CSE, Senior Teaching Fellow
Lecturer in Secure Systems in Secure Systems
Research interests: Secure software systems, Research interests: formal verification, computer
software engineering and analysis. security, cryptography, information security.
Dr Brijesh Dongol Professor Alan Woodward
Senior Lecturer in Secure Systems Visiting Professor
Research interests: verification, distributed and Research interests: cryptography, steganography,
concurrent systems, real-time and hybrid systems, watermarking and general computer security.
autonomous systems, weak memory, algebra.
Dr Constantin Cătălin Drăgan
Lecturer in Secure Systems
Research interests: electronic voting, applied
cryptography, provable security, formal
verification, privacy-preserving technology.
19
SU RREY.AC.U K/ SC C S SCCS Team8195-1018
SURREY CENTRE FOR CYBER SECURITY
University of Surrey
Guildford, Surrey GU2 7XH, UK
+44 (0)1483 68 6058
SCCS@surrey.ac.uk
surrey.ac.uk/sccs
Twitter: @SCCS_UniSurrey
LEARN MORE
Discover more about our research projects
Find out about our MSc Information SecurityYou can also read
