What we do

Our mission at the Centre for Intelligent, Secure and Usable Systems is to perform world–class research that delivers innovation, knowledge and new practices for the development of secure, intelligent and usable software systems.

  • We support communities and industry through knowledge transfer, creating theoretical, applied, industrial and educational impact. 
  • We deliver innovation, new knowledge and practices to support the consideration of security, intelligence and usability as integral aspects of systems engineering process.
  • We investigate and deliver theoretical research across three main areas of interest and their intersection.

Find out how to join us as a member, collaborator, student or visitor.

Contact us for information on consultancy and collaboration with the centre's experts

CSIUS@brighton.ac.uk

Our areas of research at the Centre for Secure, Intelligent and Usable Systems 

Our research into software systems divides broadly around the three approaches in the research centre's title: secure systems, intelligent systems and usable systems. 

Research into security of software systems

Our work on system and software security focuses on the development of structured practices and techniques that support the engineering and analysis of secure and dependable systems and minimise system behaviour that can endanger their security and privacy while increasing their trustworthiness. In particular, our work makes contributions to the following areas:

Security and Privacy Requirements Engineering

Our work in this area is concerned with the development and precise definition of modelling languages, methodologies and ontologies to support elicitation, modelling and analysis of security, trust, and privacy requirements. We have developed the Secure Tropos methodology, one of the first methodologies in the literature that implements the idea of security and privacy by design and integrates security, privacy and engineering techniques under one methodological approach.

Banner showing research themes in security in computing: text reads security and privacy requirements engineering model-based security engineering, Internet of Things and cloud computing security, Trust analysis, Risk Management, Security of Cyber-physical systems, threats and vulnerability alaysis and propagation security of critical infrastructures, privacy engineering and privacy patterns

Model-Based Security Engineering

Our work in that area focuses on the development and analysis of methods, processes, and architectures for secure and privacy-aware systems. At the requirements level, we focus on the development of processes that enable the elicitation and modelling of security and privacy requirements and analyse them in terms of security and privacy properties, relevant threats and vulnerabilities.

At the architectural level, we focus on developing software architecture techniques to ensure that software systems satisfy security, trust and privacy requirements and that developed architectures reduce potential risks. Such techniques include model-based methodologies that enable support at different levels, from design –through the development of architectural models, to run time – through the execution and management of such models. Our work also includes traceability support between software architecture and other artefacts of the software lifecycle such as code and requirements.

 

Internet of Things (IoT), 5G and Cloud Computing Security

Recent advances in information and communication technologies such as Internet of Things, 5G and Cloud Computing, provide significant benefits but at the same time raise important issues with regards to security and privacy. We are developing novel models, methodologies and analysis techniques that guarantee the highest possible levels of protection within IoT, 5G and Cloud computing environments, in the presence of different security and privacy threats.

 

Security Engineering Decision Support

One of the single largest concerns facing organisations today is how to protect themselves from cyber-attacks whose prominence impose the need to prioritise their cyber security concerns with respect to their perceived threats. We are investigating novel decision-making methodologies and models that offer the highest possible levels of protection within different domains (e.g. IoT, Cloud) with regards to different security and privacy threats and a set of evolving factors such as security requirements, financial cost, indirect costs (e.g. people’s productivity), intangible and tangible assets. We also develop underlying formalisms, utilising logics and graph transformations, to enable precise specifications and automated reasoning, within the context of security and dependability, taking into account organisational policies and resource allocation.

 

Security Attack and Threat Discovery

We develop novel reasoning techniques and algorithms that assist the discovery of potential cyber-attack paths in supply-chain and critical infrastructures, taking into account information from the Common Weakness Enumeration (CWE) and from the Common Vulnerabilities and Exposures (CVE). Our work can be applied within a dynamic risk management system to detect the vulnerabilities of the IT infrastructure and to deliver attack paths that satisfy certain criteria.

Data Privacy Management and GDPR

We develop platforms and solutions that facilitate visual analysis of privacy requirements and needs and assist the creation, monitoring and enforcement of Privacy Level Agreements. Moreover, we focus our work in the analysis and development of innovative data privacy governance platforms, which facilitate scoping and processing of data and data breach management and support organisations towards GDPR compliance.

Security and Privacy Patterns

Security and privacy patterns capture the experiences of experts, allowing novices to rely on expert knowledge and solve security and privacy problems in a more systematic and structured way. The literature provides catalogues of security and privacy patterns. However, representing and selecting security and privacy patterns remains largely an empirical task. Our work contributes towards the solution of this problem in two ways. On one hand, we investigate the development of security and privacy pattern languages that enable the representation of patterns and guide developers through the process of designing a system to ensure security and privacy. A major novelty of our work in that area is that the solution to the pattern is represented using concepts from the requirements stage, which enable a developer to directly apply the patterns of the language to the security and privacy requirements analysis. We also pioneer work on security and privacy patterns selection, which allows us to understand in depth the trade-offs involved in patterns and the implications of a pattern to various security and privacy requirements. The process then supports the search for a combination of security and privacy patterns that will meet given security and privacy requirements.

Automated Analysis Tools

To support software development process activities, we are developing computer-aided software engineering (CASE) tools. Our tools support security and trust analysis of the system under development at different levels. At the higher level, they are graphical editors where security and trust models can be drawn and the grammatical correctness of the models is automatically checked. On the lower level, they enable analysis of security and trust properties and security threats. 

Research into intelligent software systems

We develop systems which are able to understand, structure and provide access to large, complex datasets in an efficient way. We exploit artificial intelligence, data analytics and mathematical theories to create intelligent software which utilises big data resulting from interactions between people, things and environments.

Natural language processing

Research explores ways in which computer technology can be applied to tasks which involve the use of natural (human) languages (like English, French or Arabic). Our research interests include statistical language generation, combining language and vision, text mining, emotional content and opinion in text, recommender systems, information quality, lexical representation, multilingualism, semantic metadata, evaluation methods, and natural language systems and architectures.

Feature banner showing Intelligent software research themes: text reads, automated, provision of context and explanation, semantic and ontological challenges, intelligent reasoning systems, data analytics, agent-based achitectures, data science, natural language processing, computational linguistics, machine learning techniques for complex datasets, statistical analysis

Computational Technologies for Visual Data

Our inter- and multi-disciplinary research includes the development and deployment of computational technologies for the capture, analysis, visualisation and fabrication of visual data, in particular 2D and 3D data. These areas include:          

  • 2D and 3D imaging techniques and workflows for recording accurate and reproducible visual datasets of physical objects or environments;
  • Extraction of semantic information of 2D and 3D shapes based on shape analysis, machine learning or computational linguistic methods;
  • Repositories for storing large visual datasets along with semantic information including provenance and legacy metadata;
  • Visualisation using web based and other interactive technologies, such as Virtual or Augmented Reality, for providing user access;
  • Design and fabrication technologies for re-using and (re)manufacturing visual data into physical objects.

Statistics and Categorical data Analysis

Our work focuses on developing regression models for correlated discrete and continuous responses, estimation methods of large covariance matrices and hypothesis testing procedures in high-dimensional settings. Although our research is motivated by cross-disciplinary collaborations with biologists, bioinformaticians, computer scientists and doctors, it finds application in a wide range of studies, including studies in social sciences, health studies and omics-studies among others. We disseminate the developed methods in R packages that are contributed to the R-CRAN and Bioconductor projects.

 

Research into usability of software systems

We explore the interaction between people and software systems from the perspectives of analysis, design, evaluation and visualisation. We design novel visual notations and tools to support the development of human-friendly systems. We focus on the following areas:

  • Interaction: user-focused interaction with devices, displays and content
  • Information visualization: automated diagram generation, empirical validation
  • User Experience: focus on cognition and collaboration in designing systems
  • Visual modelling: ontology engineering, software engineering
  • Accessible reasoning: diagrammatic logics, non-expert users
  • Philosophy and semiotics: study of meaningful communication
Banner showing the research theme of software usability. Text reads, interactive technologies, creative design methods, user-centred design and evaluation, visualisation of logic, data visualisation, usability of secure systems, 3D technologies, semantic technologies, user experience

User experience and behaviour

Our work on the user experience and behaviour explores the interaction between people and technology, from the perspectives of analysis, design and evaluation. In terms of analysis, we undertake research into the personal, social and organisational contexts within which information and digital technologies are produced, managed and consumed in contemporary society. Recent research and publications have focused on:

  • The impact of digital technologies on health information
  • Using digital technology in social care settings
  • Impact of digital technologies on the marketing sector

Information behaviour and in-technology acceptance studies

We are also very active in information behaviour and in-technology acceptance studies. In terms of design for use, we are involved in designing, developing and evaluating interactive technologies that aim to be useful, usable and attractive, particularly in learning and cultural heritage. Visual modelling aims to enable diagrammatic notations to be widely used for practical applications. A major strand of research is designing new diagrammatic logics suitable for use in software modelling and ontology engineering. This is complemented by work in the visualisation area, on the automated creation of effective diagrams for displaying information. To achieve our aims, the research is inherently interdisciplinary, making contributions in the areas of logic, reasoning, information visualisation, and human-computer interaction (HCI) with a strong empirical component to ensure that results are usable by people for real-world applications.

Integrating informal situated learning with formal classroom-based education

Our researchers are developing mobile and web-based knowledge sharing applications together with related teaching materials in seven languages. The mobile knowledge sharing application uses a crowd-sourced information system to help international students share their knowledge and understanding of the local language and culture. The system allows students to collect, annotate and tag interesting or intriguing language- and culture-related content found in everyday life, including text, images, audio recordings and web links. These content items are saved to an online repository, from where they can are shared with other language learners.

Improving teaching with real-time feedback

Researchers in CSIUS are have developed the SA-E system for analysing students' real-time feedback provided via social media. Students' real-time feedback is acknowledged as an important source of information for teachers/lecturers to improve their teaching and address issues students may have, such as going deeper in some of the materials covered or providing more examples to understand an abstract concept.

Our research impact and sector collaboration

The intersection between information technology, society and security is becoming exponentially complex. Researchers at the University of Brighton are working on new approaches to create secure ways for people to make use of the huge potential that today’s connected and interactive world offers. 

The world of information technology has changed considerably over the past 30 years. A generation ago, computers were mostly stand-alone devices with minimum connectivity, used by professionals, specialists and enthusiasts to perform specialised tasks. 

Today, computers, smartphones and even household appliances are widely connected and used to store, exchange and gain instant access to information and data wherever it is stored.  

Building on the centre's existing strong links with industry and the public sector, we have established and nurtured strong strategic relationships with partners across five key application contexts: health, education, culture, public administration and services, critical infrastructures.

In each of these areas we provide strong and regular collaborations through Knowledge Transfer Partnerships, consultancy, and small and large research projects:

Health: We have significant experience of applying our research in health-related applications, including security and privacy models for health data exchange, technology acceptance in ehealth and mobile applications development for NHS health records. We have established working collaborations with important stakeholders both nationally (NHS trusts, Farr Institute of Health Informatics Research) and internationally (e.g. Bambino Ges. Paediatric Hospital).

Education: We have applied our research on user-centred design approaches to the design of mobile and ubiquitous devices and applications, particularly in the domains of learning. Moreover, we have applied semantic analysis of student learning.

Culture: We have significant experience of applying our research in the Culture sector, including analysis of 3D content in digital repositories, historical text mining of archives, and game-based crowd-sourcing of curatorial work. We have extended collaborations with relevant stakeholders including the Royal Pavilion and Museums, Historic England and the Natural History Museum, to name few of them.

Public administration and services: We have applied our research to develop platforms that empower citizens to achieve desired levels of privacy and public administration authorities to improve transparency with respect to privacy of citizen data. We have collaborated with international stakeholders from national authorities (e.g. the Italian Ministry of Finance) and local authorities (e.g. Municipality of Athens) and we are developing further collaboration opportunities with new entities, such as The Pensions Regulator.

Critical Infrastructures: We have developed novel modelling and visualisation techniques and have applied them to case studies to decrease the threat of data and identity theft, understand 5G security vulnerabilities and simulate propagation of security threats on connected infrastructures. We have developed collaborations with large stakeholders from industry (e.g. NOKIA, Fujitsu) and critical infrastructure owners (e.g. Maritime ports and Telecommunication companies such as OTE).

Application Domains: We apply our work in various important sectors of human society and we work with organisations in those areas through Knowledge Transfer Partnerships (KTPs), consultancy, and small and large research projects.

Computer screen showing sussex loops, bronze age bracelet from 3D digital heritage projects with museum sector.

Examples of our collaborations

Hospitals in Spain and Italy, and government departments in France, Italy and Greece

Funded by the European Commission’s Horizon 2020 programme, the two-year VisiOn: Visual Privacy Management in User-Centric Open Environments project has concluded with the successful development of a visual privacy management platform that enables citizens and public administrations to understand and visualise their privacy needs. It identifies conflicts with regard to different privacy needs and privacy laws and it provides warnings to citizens and organisations informing them of potential privacy breaches.

Knowledge Transfer Partnership with Family Law Partners

Working with Family Law Partners, we are delivering a two-year Knowledge Transfer Partnership (KTP), utilising the University’s knowledge engineering and artificial intelligence expertise to develop a triage style system to underpin a novel model of family law provision.

By partnering with the University, Family Law Partners receive a programmer who is able to help build capacity and transfer technical knowledge to the team. By having the programmer based in the Family Law Partners office, and immersed in their family law culture, the programmer sees first-hand the challenges the partner have as family lawyers and the desire they have to better service their clients’ needs through new technology.

Accessible reasoning with diagrams 

Working with Nokia Networks and Horizons Regional Council, Brighton, University of Cambridge and Leverhulme Trust are developing a series of case studies based on real world problems and properties that end users must model and reason about. Modelling and formal reasoning is required in many real-world domains in order to convey knowledge unambiguously and correctly, yet the practitioners in these domains are typically not logic experts. Thus, currently available symbolic logic approaches are inadequate and often lead to errors in handling data, delays in product release, and even breaches in consumer privacy. We provide a solution: a new formal diagrammatic logic for developing, debugging, communicating and reasoning rigorously yet accessibly about domain models. Thus, the project has the potential to revolutionise approaches to modelling and reasoning across a wide range of sectors.

Using a real world case study - Iron Age settlement of Castrolandin, Spain

This collaboration built privacy and trust as part of a cultural heritage conceptual model. Using a real world case study from the Iron Age settlement of Castrolandin in Spain, the University of Brighton has been working alongside the Institute of Heritage Sciences, Spanish National Research Council, to examine issues around privacy and trust in the creation and management of cultural heritage resources.

Logo for research project vision privacy platform

 

Logo for Nokia Horizons regional council

 

Logos of the Institute of Heritage Sciences and the Spanish National Research Council

Our research and enterprise output

Research undertaken by the centre members is innovative, multi-disciplinary, and often collaborative, with clear social and economic impact.

Details of research publications and other outputs fostered by the centre and achieved by its members, along with funded projects delivered by the centre, can be accessed on the Centre for Intelligent, Secure and Usable Systems' database of research.

Visit our institutional record of publications and projects