EPSRC logo

Details of Grant 

EPSRC Reference: EP/Z531315/1
Title: Securing Convergent Ultra-large Scale Infrastructures
Principal Investigator: Rashid, Professor A
Other Investigators:
Belguith, Dr S Bradbury, Dr M S Suri, Professor N
Adepu, Dr S Creese, Professor S Flechais, Professor I
Researcher Co-Investigators:
Project Partners:
Academia Sinica Taiwan Airbus Operations Limited BT
Engine Shed Hewlett Packard Inc National Cyber Security Centre
RISE - Research Institutes of Sweden AB SETsquared Partnership Singapore University of Tech & Design
Vodafone UK Limited
Department: Computer Science
Organisation: University of Bristol
Scheme: Standard Research TFS
Starts: 01 September 2024 Ends: 31 August 2029 Value (£): 6,780,954
EPSRC Research Topic Classifications:
Human-Computer Interactions Networks & Distributed Systems
Software Engineering
EPSRC Industrial Sector Classifications:
Information Technologies
Related Grants:
Panel History:
Panel DatePanel NameOutcome
08 Feb 2024 PAN 181:OPP135; EPSRC Programme Grants Full Application Summer 2023 Announced
Summary on Grant Application Form
Digital infrastructures are seeing convergence and connectivity at unprecedented scale. This is true for both current critical national infrastructures and emerging future systems, e.g., smart cities, intelligent transportation, high-value manufacturing and Industry 4.0. Cyber security of such ultra-large scale infrastructures faces unprecedented complexity. Diverse legacy and non-legacy software and hardware compose on-the-fly to deliver services to millions of users with varying requirements and unpredictable actions. This complexity is compounded by intricate supply-chains and the need to deliver resilient operations in the presence of untrusted, partially trusted or compromised elements. The integrated exploration of such ultra-large scale, compositionally secure infrastructures is an imperative need, yet to be comprehensively scoped in the research community. There is an urgent need to pivot our perspective away from piecemeal solutions to one that takes a compositional, adaptive view, anticipating and addressing the security challenges arising from hitherto unprecedented complexity, heterogeneity and connectivity. Furthermore, shifting established research paradigms from an ideal vision of security-by-design to the reality of securing-a-compromised-system is imperative.

SCULI will drive this paradigm-shift to predictable security assurances in the presence of uncertainty. This holds the key to addressing the grand challenge of provisioning security at the societal scale—highly interconnected, dynamic, structureless, on-demand systems and services. To do so, it will deliver rapid research advances in four fundamental but interlinked research challenges:

Predictability at ultra-large scale: How to elicit, specify and validate security assurances for service composition in the presence of uncertainty, dynamism and human behaviour (including addressing direct and indirect dependencies and resulting systemic risks)?

Composition at ultra-large scale: How to compose and orchestrate security provision across diverse and heterogeneous evolving infrastructures with legacy and non-legacy elements that change over a long infrastructure lifespan?

Continual assurance at ultra-large scale: How to reason, to requisite levels of accuracy and at an appropriate pace, about the security state at runtime to provide continuity of oversight and trust, when several elements may be partially trusted, under attack, vulnerable or compromised?

Incident response at ultra-large scale: How to orchestrate incident response in a manner that accounts for heterogeneous incident response practices in constituent systems and provides situational awareness at the necessary pace and resolution for human-machine decision-making?

SCULI's research advances will deliver future security provision in digital infrastructures underpinning society for the next several decades. From a practical standpoint, embracing the challenges of delivering security in the context of such highly distributed, independent (individually) yet co-dependent (collectively), infrastructures is the only way to build a resilient digital backbone for industry and society. From a policy perspective, this is critical to the UK's socio-economic prosperity as reflected in the National Cyber Strategy (December 2021). From a citizens and public discourse perspective, this is key to transforming the narrative on cyber security from fear, uncertainty and doubt to predictable, continual assurance, and accountable decision-making when securing societal-scale infrastructures.
Key Findings
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
Potential use in non-academic contexts
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
Impacts
Description This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
Summary
Date Materialised
Sectors submitted by the Researcher
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
Project URL:  
Further Information:  
Organisation Website: http://www.bris.ac.uk