Secure and dependable software systems

Improving human trust on software systems

0

Our research

Modelling Languages and Ontologies
Our work in this area is concerned with the development and precise definition of modelling languages and ontologies to support visual modelling of security, trust, privacy and risk. Examples of our work in that area include the development of modeling languages based on the Goal-Oriented Requirements engineering paradigm, to model security and trust and the application of Concept diagrams in the area of Privacy Engineering, where ontologies can be used to capture privacy constraints over information systems. We also develop underlying formalisms, utilising logics and graph transformations, to enable precise specifications and automated reasoning, within the context of security and dependability, taking into account organisational policies and resource allocation.

Methodologies and Model-Based Engineering
Our work in that area focuses on the development and analysis of methods, processes, methodologies and architectures for secure and dependable systems. At the requirements level we focus on the development of processes that enables security engineers to elicit and model security requirements  and analyse them in terms of security properties, relevant threats and vulnerabilities. At the architectural level, we focus on developing software architecture techniques to ensure that software systems satisfy security, trust and privacy requirements and that developed architectures reduce potential risks. Such techniques include model-based methodologies that enable support at different levels, from design –through the development of architectural models, to run time – through the execution and management of such models. Our work also include traceability support between software architecture and other artefacts of the software lifecycle such as code and requirements.

Security Engineering Decision Support
One of the single largest concerns facing organizations today is how to protect themselves from cyber attacks whose prominence impose the need for organisations to prioritize their cyber security concerns with respect to their perceived threats. We are investigating novel decision-making methodologies and models that guarantee the highest possible levels of protection within different domains (e.g. IoT, Cloud) with regards to different security and privacy threats and a set of evolving factors such as security requirements, financial cost etc.

Computer Aided Software Engineering (CASE) tools
To support software development process activities, we are developing computer-aided software engineering (CASE) tools. Our tools support  security and trust analysis of the system under development at different levels. At the higher level, they are graphical editors where security and trust models can be drawn and the grammatical correctness of the models is automatically checked. On the lower level, they enable analysis of security and trust properties and security threats.

Viewing Message: 1 of 1.
 Notice

We use cookies to personalise content, to provide social media features and to analyse our traffic. Read our detailed cookie policy

Skip to toolbar