• Skip to content
  • Skip to footer
  • Accessibility options
University of Brighton
  • About us
  • Business and
    employers
  • Alumni and
    supporters
  • For
    students
  • For
    staff
  • Accessibility
    options
Open menu
Home
Home
  • Close
  • Study
    • Courses and subjects
    • Find a course
    • A-Z course list
    • Explore our subjects
    • Academic departments
    • Visiting the university
    • Explore online
    • Online events
    • Virtual tours
    • Chat to our students and staff
    • Open days
    • Applicant days
    • Order a prospectus
    • Ask a question
    • Studying here
    • Clearing 2021
    • Accommodation and locations
    • Applying
    • Undergraduate
    • Postgraduate
    • Transferring from another university
    • The Student Contract
    • International students
    • Fees and finance
    • Advice and help
    • Advice for students
    • Advice for parents and carers
    • Advice for schools and teachers
    • Managing your application
    • Undergraduate
    • Postgraduate
  • Research and enterprise
    • Research and enterprise
    • Research and enterprise organisation
    • Brighton Futures – our themes
    • Centres of Research and Enterprise Excellence (COREs)
    • Research and Enterprise Groups (REGs)
    • Our research database
    • Information for business
    • Community University Partnership Programme (CUPP)
    • Postgraduate research degrees
    • PhD research disciplines and programmes
    • PhD funding opportunities and studentships
    • How to apply for your PhD
    • Research environment
    • Investing in research careers
    • Strategic plan
    • Research concordat
    • News, events, publications and films
    • Research and enterprise news
    • Research and enterprise public events
    • Inaugural lectures
    • Research publications and films
    • Academic staff search
  • About us
  • Business and employers
  • Alumni, supporters and giving
  • Current students
  • Staff
  • Accessibility
Search our site
CSIUS Banner 1
Centre for Secure, Intelligent and Usable Systems
  • What we do
  • Who we work with
  • Study or work with us
  • Who we are
  • What we do
    • What we do
    • Security
    • Intelligence
    • Usability
    • Our research and enterprise projects
    • Our research and enterprise impact
  • Security

Security

Our work on the Security theme focuses on the development of structured practices and techniques that support the engineering and analysis of secure and dependable systems and minimise system behaviour that can endanger their security and privacy while increasing their trustworthiness. In particular, our work makes contributions to the following areas:

Find out about our collaborations in Who we work with

Security and Privacy Requirements Engineering

Our work in this area is concerned with the development and precise definition of modelling languages, methodologies and ontologies to support elicitation, modelling and analysis of security, trust, and privacy requirements. We have developed the Secure Tropos methodology, one of the first methodologies in the literature that implements the idea of security and privacy by design and integrates security, privacy and engineering techniques under one methodological approach.

Model-Based Security Engineering

Our work in that area focuses on the development and analysis of methods, processes, and architectures for secure and privacy-aware systems. At the requirements level, we focus on the development of processes that enable the elicitation and modelling of security and privacy requirements and analyse them in terms of security and privacy properties, relevant threats and vulnerabilities. At the architectural level, we focus on developing software architecture techniques to ensure that software systems satisfy security, trust and privacy requirements and that developed architectures reduce potential risks. Such techniques include model-based methodologies that enable support at different levels, from design –through the development of architectural models, to run time – through the execution and management of such models. Our work also includes traceability support between software architecture and other artefacts of the software lifecycle such as code and requirements.

IoT, 5G and Cloud Computing Security

Recent advances in information and communication technologies such as Internet of Things, 5G and Cloud Computing, provide significant benefits but at the same time raise important issues with regards to security and privacy. We are developing novel models, methodologies and analysis techniques that guarantee the highest possible levels of protection within IoT, 5G and Cloud computing environments, in the presence of different security and privacy threats.

Security Engineering Decision Support

One of the single largest concerns facing organisations today is how to protect themselves from cyber-attacks whose prominence impose the need to prioritise their cyber security concerns with respect to their perceived threats. We are investigating novel decision-making methodologies and models that offer the highest possible levels of protection within different domains (e.g. IoT, Cloud) with regards to different security and privacy threats and a set of evolving factors such as security requirements, financial cost, indirect costs (e.g. people’s productivity), intangible and tangible assets. We also develop underlying formalisms, utilising logics and graph transformations, to enable precise specifications and automated reasoning, within the context of security and dependability, taking into account organisational policies and resource allocation.

Security Attack and Threat Discovery

We develop novel reasoning techniques and algorithms that assist the discovery of potential cyber-attack paths in supply-chain and critical infrastructures, taking into account information from the Common Weakness Enumeration (CWE) and from the Common Vulnerabilities and Exposures (CVE). Our work can be applied within a dynamic risk management system to detect the vulnerabilities of the IT infrastructure and to deliver attack paths that satisfy certain criteria.

Data Privacy Management and GDPR

We develop platforms and solutions that facilitate visual analysis of privacy requirements and needs and assist the creation, monitoring and enforcement of Privacy Level Agreements. Moreover, we focus our work in the analysis and development of innovative data privacy governance platforms, which facilitate scoping and processing of data and data breach management and support organisations towards GDPR compliance.

Security and Privacy Patterns

Security and privacy patterns capture the experiences of experts, allowing novices to rely on expert knowledge and solve security and privacy problems in a more systematic and structured way. The literature provides catalogues of security and privacy patterns. However, representing and selecting security and privacy patterns remains largely an empirical task. Our work contributes towards the solution of this problem in two ways. On one hand, we investigate the development of security and privacy pattern languages that enable the representation of patterns and guide developers through the process of designing a system to ensure security and privacy. A major novelty of our work in that area is that the solution to the pattern is represented using concepts from the requirements stage, which enable a developer to directly apply the patterns of the language to the security and privacy requirements analysis. We also pioneer work on security and privacy patterns selection, which allows us to understand in depth the trade-offs involved in patterns and the implications of a pattern to various security and privacy requirements. The process then supports the search for a combination of security and privacy patterns that will meet given security and privacy requirements.

Automated Analysis Tools

To support software development process activities, we are developing computer-aided software engineering (CASE) tools. Our tools support security and trust analysis of the system under development at different levels. At the higher level, they are graphical editors where security and trust models can be drawn and the grammatical correctness of the models is automatically checked. On the lower level, they enable analysis of security and trust properties and security threats.

Back to top
  • Facebook
  • Twitter
  • Instagram
  • YouTube
  • LinkedIn icon

Contact us

University of Brighton
Mithras House
Lewes Road
Brighton
BN2 4AT

Main switchboard 01273 600900

Course enquiries

Sign up for updates

University contacts

Report a problem with this page

Quick links

  • Courses
  • Open days
  • Order a prospectus
  • Academic departments
  • Academic staff
  • Professional services departments
  • Jobs
  • Privacy and cookie policy
  • Accessibility statement
  • Libraries
  • Term dates
  • Maps
  • Graduation
  • Site information
  • Online shop
  • COVID-19

Information for

  • Current students
  • International students
  • Media/press
  • Careers advisers/teachers
  • Parents/carers
  • Business/employers
  • Alumni/supporters
  • Suppliers
  • Local residents