The University of Southampton

The group undertakes basic and applied cyber security research, constituting the core of the Academic Centre of Excellence for Cyber Security Research and of the Cyber Security Academy, a partnership between University, Industry and Government, whose objectives span from research and consultancy to outreach, training and knowledge transfer. 


The Cyber research programme aims at enhancing the cyber security of modern IT systems advancing used techniques and processes towards automated, secure and reliable cyber defences

Formal methods. We focus on the design and use of formal method techniques such as formal semantics, type systems and model checking in order to support the implementation and verification of secure by-design systems. Besides the development of associated theories, the stream outcomes comprise a number of automated verification tools. 

Blockchain. We have been significantly focussing on a promising and exciting new research direction: distributed ledger technologies (DLT), aka blockchains, and their applications to distributed and cloud computing, and to the Internet-of-Things (IoT). Through the work we are carrying out, Southampton is quickly emerging as an international knowledge centre on DLT, entertaining new collaborations with industry in the UK and public administrations in Europe and beyond. 

This programme aims at strengthening the cyber security of modern IT systems via the use of fast, scalable blockchain infrastructure deployed and used in as-a-Service like way. We are currently working on the following research streams:

• Design Paradigms: addressing the issues of how to analyse, compare and consequently design and develop fast, scalable, yet secure, blockchain and smart-contract infrastructures.

• Service Ledger: aiming at developing a software platform based on blockchain to underpin highly dynamic coalition systems like IoT, cloud federation and provenance tracking scenarios.

• Security Services: aiming at strengthening typical security services like access control, identity and privacy management with blockchain integrity, availability and decentralisation features. 

Security and privacy. We focus on a variety of methods for controlling the management of sensitive data and the processes operating upon. Key effort is placed on authorisation and authentication controls aiming at creating secure by-design system such as access control infrastructures and data sharing protocols.

We are also focussing on anonymity, where we are developing incentive schemas to favour cooperation, trust management, where we target cyber risk management applications, and anonymisation, where we are enhancing current techniques to protect them from de-anonymisation attacks.

Thanks to strong collaborations with the Law School, we are also investigating and developing the adoption of regulation such as GDPR within current data management systems. 

Human Factor. We focus on favouring the adoption of cyber security controls in practice by devising new learning and awareness approaches to make human decision making and cyber behaviours more effective.

IoT. We are engaged in various national and university activities focussing on IoT such as PETRAS []. We have a broad research programme on IoT crossing all the other research themes. The overall goal of the IoT programme is to make the IoT ecosystem more secure. This spans over (i) formal modelling and analysis of IoT languages and frameworks; (ii) dynamic analysis of firmware updates; (iii) lightweight yet secure physical authentication procedures; (iv) fine-grained authorisation infrastructures; (v) blockchain-connected IoT applications; (vi) vulnerability assessment.

Provenance. It is the foundation of data quality. Provenance captures the trace of data manipulation over space, time and actors understanding the semantic relationships among them in order to point out how data is actually generated and used. We focus on the formal modelling and reasoning on provenance models, and their cyber security implications. Just to mention a few, we are dealing with partial information for enforcing accurate provenanceprivacy management of provenance data, and decentralised solution for supporting multi-party provenance systems.

Malware analysis. We focus on the devising of automated solutions for coping with malware-driven threats. We are developing techniques to automatically learn models and patterns behind malware evolution, thus to devise technologies for keeping pace with the speed of novel malware variations. 


 A number of funded projects are active across the group, including: