The University of Southampton has been hosting a U.K. National Academic Centre of Excellence in Cyber Security Research (ACE-CSR), which recognises us as an internationally leading institute for research and education on cyber security.
Cyber-Physical System Security studies the security issues in cyber-physical systems (CPS) which are characterized by the deep integration and close interaction between the cyber (information) systems and the physical systems. Example CPS include smart energy systems, automotive CPS, cyber-human systems, smart manufacturing systems, smart health CPS, etc.
Hardware Security The attack surface on computing devices at the hardware level is becoming very sophisticated, this trend driven by two major factors. The first is the rapid increase of number of connected devices (around 50B in 2025); this has made it much easier for adversaries to have physical access and wage invasive and semi-invasive attacks or perform well known side channel analysis. The second factor is the remarkable growth of outsourcing in the hardware supply chain, which has brought about serious challenges in the form of new security attacks, particularly, IC counterfeit and Hardware Trojan insertion. Compromised hardware products pose serious threats if used in critical infrastructure and military applications. Our current research to address these problems include, but not limited to, enhancing the physical security of computing devices and systems through the use of physically unclonable functions technology, development of blockchain-based tracking mechanisms for hardware supply chain security, development of logic locking techniques to mitigate the risk of counterfeits, and the use of artificial intelligence technology to enhance the efficacy of tamper resistant design and intrusion detection techniques. In addition, we are working on the development of education resources to raise awareness of the security threat at the hardware level.
Cyber threat intelligence (CTI) is a broad term describing information about potential threats and the actors that may wish to exploit them. It is an invaluable component in an organisation’s approach to the management of Cyber Risk and an active area of research within the community. Our activities include (1) approaches to sharing CTI; (2) connecting openly available intelligence to an improved understanding of cyber situational awareness (including predictive capability); (3) developing machine support for the work of cyber investigators; and (4) investigations into making CTI more actionable using machine based approaches to extract additional intelligence and structure from the existing data corpora.
RBAC simplifies policy specification and the management of user rights using a two tier management, it groups users into roles and assigns permissions to each role. Administrative role-based access control (ARBAC) is a policy mechanism for controlling how changes can be made to the RBAC policy by various administrators.
Risk Management research focuses on risk analysis and decision-making using quantitative modelling and real-time Big data techniques applies to FinTech and Cyber-Risk research fields, via state-of-the-art high performance computing facilities.
Distributed Ledger Technology aka blockchain, is a main focus and research direction of ours. The fascinating properties of decentralisation, data control and integrity make blockchain a disruptive technology for a variety of application domains, from distributed and cloud computing, to the Internet-of-Things. Through the work we are carrying out, Southampton is quickly emerging as an international knowledge centre on DLT, entertaining new collaborations with industry in the UK and public administrations in Europe and beyond.
FAAS is a main application of blockchain to cloud computing is to underpin the Federation-as-a-Service solution. It is an innovative solution to federate cloud systems ensuring privacy-preserving management of service/data, optimised resource utilisation, decentralised and democratic federation governance. Blockchain offers decentralised computational infrastructure to build cloud federations upon with trust-less data integrity and availability guarantees. This line of research was to address problems in the public administration space, because some of the specific requirements of demonstrable data custody and service/data sharing governance normally imposed on governments, typically point directly to the key properties of integrity for data and code offered by blockchains.
Provenance is the foundation of data quality, capturing the trace of data manipulation over space, time and actors. Provenance becomes critical in application domains such as healthcare where patient safety can be endangered. Based on blockchain technologies, we are focussing on decentralised storage and computation of data provenance to prevent by-design loss and corruption of healthcare data across geographically distributed medical institutions.
Internet-of-Things(IoT), the focus of project Block-IT is a key enabler of new computing systems, but it lacks of a reliable underlying computation infrastructure. Our focus is on using blockchain to underpin distributed IoT devices enabling accountable data storage and management. This line of research targets smart-energy and home automation scenarios aiming at offering blockchain-empowered energy marketplace and autonomous home controllers.
Cyber and the Law works on data situation models relying in part on anonymisation and pseudonymisation practices, and their implications for data protection obligations. The Horizon 2020 FutureTrust project on interoperability of electronic identification and trust services and the interplay between with the General Data Protection Regulation (GDPR) and key data protection principles, such as data protection by design.
Identity and Access Management research focusses on the design of privacy-preserving identity and access management systems that are resilient to cyber attacks. We explore the use of blockchain technology and Intel SGX trusted hardware to guarantee the integrity of users’ digital identities and access control policies and of the identity verification and access control protocols. These guarantee both data immutability and integrity and confidentiality of the policy enforcement process.
Health-I focuses on integrating humans into the IoT ecosystem. The project investigates how and where crowdsourcing can be used within an IoT ecosystem to improve trust and user-driven privacy, and provide better human-driven data sharing mechanisms. By using the crowd we build up trust, privacy, & data sharing capabilities in an open and transparent way.
CASTLE is a project funded by the Higher Education Academy to enhance both students’ cyber security skills and the University’s cyber security posture through supervised penetration testing and a responsible disclosure policy.
Software Verification & Validation in cyberspace is the focus of project ADVANCE. This is developing a unified tool-based framework for automated formal verification and validation of cyber-physical systems.
GDPR research explores the applicability of GDPR in real terms, with reference to the currently known anonymisation techniques. Our conclusion is that new algorithms are needed if we need to be GDPR compliant. Specifically, we explore advanced indexing to endow differential privacy with resilience to attacks based on repeated queries, through our new notion of context controls.
Government related activities consist of working with government agencies across Europe and beyond to address privacy and security requirements in the public administration. Our current efforts centre on distributed ledgers as computational infrastructure to provide data integrity guarantees.
In the recent past worked with the government on the cyber security of the Internet-of-Things, of the UK Smart Metering Programme as well as the effectiveness of Cyber Essentials. We have established solid working relationships with several agencies including the Cabinet Office, the Foreign and Commonwealth Office, the Information Commissioner’s Office, the Italian Ministry of Economy and Finance and the National Crime Agency.
Colleagues within CyberSecurity Southampton lead research projects of over £18million.
A number of funded projects are active and involve colleagues from across the Centre, including: