Our current research areas and projects include:
- Security in Autonomous Systems
This EPSRC supported basic research project explores fundamental
socio-technical aspects of security in the provisioning of “Trustworthy Autonomous Systems”. Further information about the project can be found here.
- Threat Modelling
Targets: Cloud, Web Services, IoT, Data Centers, Critical Infrastructures, ML
Activities: In order to quantifiably assess the trustworthiness of software, protocols and services, we develop approaches such as vulnerability/threat profiling, attack surface analysis, criticality/risk assessment and testing schema. Our research develops metrics for software and system security both conceptually as ‘compositional security’ and in an applied manner e.g., with the use of SLAs. We also explore threat models for ML processes and the underlying ML computing infrastructures.
Projects/Support: IBM, Hitachi, Microsoft, EC CONCORDIA, EC-SPRIDE, CASED, CRISP
- Modelling and Assessment of Trustworthy Software
Targets: Operating Systems, Large scale software systems
Activities: Our objective is to uncover deficiencies in software that can get invoked via operational factors such as load or concurrency (dependability implications) or deliberately via attacks (security implications) to result in the degradation of delivery of the expected services. We explore a variety of analytical, formal and experimental techniques, e.g., mutation testing, flaky tests, fuzz testing and a variety of stress injection approaches at different levels of the software stack. For testing coverage, the key drivers of interest are (a) representativeness, (b) efficiency and (c) reproducibility of the developed approaches.
Projects/Support: EC CONCORDIA, CRISP, DFG, Microsoft
- Design and Verification of Secure and Resilient Systems
Targets: Cloud computing, distributed systems, Internet of
Activities: Access control guidance for cloud systems. Formal verification (model checking) of access control models and policies. Modelling and quantification of security and resilience.
- Cyber Incident Response and Recovery
Target: Operational Technology, Critical Infrastructures
Activities: We take a socio-technical approach to better understand and address challenges in the adoption and development of cyber incident response and recovery capability within the nuclear sector. Our research focuses on the creation of frameworks and tooling to support and develop existing approaches through desk-based studies, industry engagement, and lab-based experimentation.
Project/Support: UK Nuclear Innovation Programme and EC CONCORDIA
- Measuring and analyzing the resilience and robustness of the Internet routing infrastructure
Targets: Internet topology mapping, BGP Routing, Interconnection infrastructure
Activities: Mapping the Internet topology at different interconnection layers (IP level, Point-of-Presence level, Autonomous System level), understanding the interdependencies between the different building blocks, and measuring and understanding the behaviour of routing protocols and algorithms.
Project/Support: Antikraak: Protecting non-routed and transferred address space against spear-hijacking, Aethra: Intelligent RIPE Atlas Resource Allocation
- Design & Analysis for Trustworthiness (Security & Dependability) in Distributed Systems
Targets: Web scale replication management, client-server models, data centers, cloud computing.
Activities: Consensus in asynchronous distributed systems, extending from classical distributed system models to Internet-level WANs and servers. The application of this research is to both dependable and secure services. Resilient and efficient distributed storage algorithms. Formal verification (model checking) of dependable distributed protocols.
Projects/Support: Microsoft & Microsoft PhD Fellowship, IBM, DECOS, INDEXYS, Inco-Trust, Think-Trust, DFG GK Mixed Mode Systems
- Threat Profiling + Security/Robustness Hardening of Software and Operating Systems
Targets: Distributed OS, Component Based SW.
Activities: Commodity OS and software is often inadequately designed to be resilient to all operational perturbations (dependability) or deliberate attacks (security). We first tackle understanding how the effects of errors/vulnerabilities propagate through the SW/OS (error profiling). Next we develop add-on wrappers that can mitigate the effect of these perturbations (operational or malicious). We tackle the design of wrappers for embedded SW and OSs, targeting (a) effective placement of wrappers, (b) their dynamic constitution and (c) automated wrapping techniques. Increasingly, we target both dependability-nuanced robustness and the determination of vulnerabilities from a security viewpoint, especially as run-time security enhancement. Techniques and metrics for experimental and analytical testing of SW/OS.
Projects/Support: Microsoft, DFG GK Mixed Mode Systems, DFG GK on Ubiquitous Computing, EC ReSIST, Saab, Volvo, Hitachi.
- Quantification of Security & Dependability
Targets: Metrics for SW & System Security, Cloud Computing, Web Services.
Activities: Development of metrics and supporting techniques to quantify and assess the trustworthiness of software, protocols and services. In the ABC4Trust (Attribute Based Credentials for Trust) project, two technologies from Microsoft (U-Prove) and IBM (Identity Mixer) will be used as pilots for security quantification. The approaches span attack surface analysis, criticality assessment, threat profiling and testing schema. Methodologies for benchmarking the dependability/security levels of operating systems and especially web services. This involves development of benchmarking strategies, processes and tools to evaluate the desired metrics.
Projects/Support: Microsoft, EC ABC4Trust, Comifin, Inspire, Inco-Trust, DBench, ReSIST.
- Peer to Peer Communication Overlay based Security/Dependability Approaches for Critical Infrastructure Protection
Targets: Power Grids, Financial Infrastructures, P2P Networks
Activities: Development of (a) overlay middleware, (b) data analysis, (c) threat quantification and (d) response mechanisms for enhancing trustworthiness levels of critical infrastructures. The smart power grid is targeted in the EC INSPIRE project and the EC COMIFIN project targets the protection of financial infrastructures.
Projects/Support: COMIFIN, INSPIRE, CASED, Comifin-Inco, Inspire-Inco
- Mobile Computing: Trust & Resilience in Mobile Computing and Wireless Sensor Networks
Targets: Distributed Ad hoc mobile, WSN environments
Activities: Transaction management in mobile databases: protocols for providing efficient and fault-tolerant transactions in mobile ad-hoc networks. The thrust is on mixed-mode systems, i.e., heterogeneous computing and communication environments. Dependable embedded Wireless Sensor Networks, where we concentrate on providing procedures for reliable data transport and its reliability assessment. Maintenance of deployed WSNs, where we develop dependability models for measuring and monitoring the dependability of deployed WSNs. Both active and proactive (prediction-based) schema are developed. QoI: Increasingly, the notion of a widely inter-connected, adaptive and dynamic ubiquitous computing environment is being proposed for virtually all application domains. Consequently, the underlying Wireless Sensor Networks (WSN) represent a key enabling technique for the emerging ambient/ubiquitous/pervasive computing. The key service provided by a WSN is to characterize the physical world as required by the user(s). Hereby, the main interest of users is to receive specified information (events, real-world snapshots) with a certain desired quality level that may include precision, freshness of sampled data or data coverage range among other relevant data quality attributes, collectively termed the Quality of Information (QoI).
Projects/Support: EC IST NextTTA, DECOS, DFG GK Mixed Mode Systems
- Component Based Design of Dependable Embedded Systems
Designing complex embedded systems is problematic from both the design and testing viewpoints. We advocate a component-based design of “integrated” and “composable” systems and services – see DECOS project links. Conceptual guidelines for composability, applied Object-Oriented paradigms, and distributed protocols (diagnosis, etc.) form the basic elements of the projects.
Projects/Support: EC DECOS, EC IST NextTTA, DECOS, GENESYS, INDEXYS
- HW/SW Co-Design (& Assessment Methodologies)
We develop methodologies for the design and assessment of dependable systems and SW. The focus is on systems that integrate a diverse set of functions (where the individual functions have diverse dependability, criticality, and security requirements) such that the overall system, integrating the various functions, can still meet the overall dependability requirements. Typical examples involve the safety-critical X-by-wire systems in the automotive and aerospace arena. We develop frameworks to quantify the dependability/security-relevant interactions across diverse functions. Guidelines (heuristics, algorithms) to integrate functions are developed along with an optimization framework to assess the “goodness of integration” and the tradeoffs involved over the integration process. We are also investigating issues of power-aware integration.
Projects/Support: EC IST NextTTA, Saab, EC DECOS, GENESYS, INDEXYS
- Communication Issues in Distributed Embedded Systems
The interest here is to focus on communication/bus protocols – CAN, TT-CAN/CAN+, TT/TDMA, Optical Buses, etc. Issues of interest include looking at stand-alone and relative properties across these buses, covering: bus reliability, capabilities for providing fail-silence, bandwidth/scheduling capabilities, and support for atomic broadcast and group membership protocols. Issues of testing these protocols are also covered.
Projects/Support: Microsoft, EC IST NextTTA, Saab, Volvo, SSF, EC IST DBench
- Distributed Diagnosis
The thrust is on developing run-time strategies for error detection, isolation and recovery, i.e., the on-line diagnostic process for distributed systems. We tackle the development of consensus-based diagnosis protocols. From the initial results on classical synchronous distributed systems, this work is expanding to cover diagnosis in mobile ad-hoc (and partially synchronous) computing environments. The project covers protocol development, analysis (formal and stochastic modeling) and protocol verification/validation (experimental and formal model checking).
Projects/Support: EC DECOS, Hitachi, Saab, Volvo, Vinnova, SSF
- Understanding Propagation and Effect of Errors in Software
The research involved designing frameworks for profiling and analyzing the propagation and effect of errors (mainly data errors) in software. Our interest is both at the program level (Detectors and Correctors) and at the systems level, where we target strategies for the placement and assessment of Executable Assertions and other error handling mechanisms in SW/OSs.
Projects/Support: Saab Endowment, Volvo Research
- FORTS: Fault Tolerant Real-Time Operating System (US Dept. of Defense DARPA)
This is a DARPA/ITO sponsored project being conducted jointly with the Univ. of Pittsburgh and the Honeywell Technology Center. The project is looking at scheduling and dependability issues in providing fault tolerance in systems through the use of novel scheduling algorithms and approaches. We identify (a) the slack available in a given schedule, and (b) the fault tolerance requirements for a given task set; the proposed approach utilizes allocation, overloading and reclaiming of idle time slots in a schedule to provide the desired fault tolerance properties. This is a composite theoretical and experimental project, and RT-MACH is being used as a test bed.
- X-By-Wire (EC NextTTA)
Development of dependability oriented – system design, protocols, testing – strategies for X-by-Wire-control for safety critical applications.
- DICOSMOS (Distributed Control of Safety Critical Mechanical Systems)
With the introduction of distributed computer systems in vehicles and machinery there is a need for new design methods and architectures that are suitable for the increasing amount of software-implemented safety-critical control systems. There is a large potential for functional integration, information sharing and the introduction of completely new functionality. The DICOSMOS2 project takes an interdisciplinary approach towards these problems in the borderland between automatic control and computer engineering.
- Cache Based User/OS Transparent Error Recovery
The design of novel cache architectures that can support roll-forward checkpointing-based fault recovery techniques in hard RT environments is being investigated. This project is specifically aimed at cost-effective, distributed embedded systems where RT deadline-driven error recovery is desired, in a manner transparent to the user/OS.
Projects/Support: NSF CAREER Award
- Validation of Dependable Real-Time Protocols Using Formal Techniques (TFR)
- Cost Effective Architectures for Embedded and Distributed RT Control (Nutek)
- Self Stabilization in Embedded RT Systems (Volvo Research)
- Saab Endowment (Saab)
- Verification and Validation of Embedded Protocols (NJIT)
- Dependability Evaluation and Applications of NGCR Standards (ONR/NWAC)
- Reliability Modeling of Dependable Distributed Systems (ONR)
- Distributed Diagnosis and Health Monitoring (NASA)