Cyber Security for Digital Infrastructures and Technologies (Glasgow Cyber Defence Group )
The Glasgow Cyber Defence Group (GCDG) is an international leader in the cyber security of digital infrastructures and technologies, working closely with a broad range of academic, industrial and government partners. Our research spans across multiple domains and is focused on developing practical methods to address pragmatic security and privacy challenges in networked systems, hardware, software and human factors.
GCDG has a long tradition on cyber security in Cyber-physical Systems (CPS) primarily on Industrial Control Systems (ICS) serving a number of safety-critical national infrastructure sectors (e.g., energy, automation, manufacturing) and hosts the unique Cyber Safety Lab (CSL). We have also strong contributions in programmable network security for large-scale networked systems, security-by-design in hardware systems (e.g., FPGAs) and IoT devices, usable and human-centred security, privacy engineering and software verification.
Theme Lead: Dr Angelos Marnerides
Glasgow Cyber Safety Lab
The Glasgow Cyber Safety Lab (CSL) is unique in the UK and one of only 3 comparable facilities worldwide that focus on the cyber security of safety-critical cyber-physical systems. Supported by a number of industrial partners we solicit realistic requirements and provide exclusive access to a set of safety-critical network infrastructures including both conventional technologies and domain-specific Cyber-Physical Systems (CPS) with specific setups of Industrial Control Systems (ICS). CSL outputs have facilitated highly impactful research in securing ICS, which has shaped Scottish, UK-wide, European, and UN cyber security policies for the civil energy, nuclear, utilities and aviation industries.
Track record - staff
- Dr. Angelos Marnerides (lead) - research revolves around novel data-driven security and resilience mechanisms for Internet-enabled cyber physical systems (CPS), anomaly detection in ICS and the development of cyber threat intelligence (CTI) solutions including the detection and profiling of malware and large-scale IoT botnets using Internet measurements.
- Prof. Dimitrios Pezaros - founding director of netlab and interim director of Glasgow's Cyber Defence Laboratory. His research focuses on networked systems resilience through always-on monitoring and adaptive resource provisioning, anomaly and intrusion detection for virtualised, software-defined, and resource-constrained (IoT) networked infrastructures.
- Prof. Wim Vanderbauwhede - research with a focus on CyberSecurity of IoT and other smart devices, with the aim of making the design of hardware systems (in particular FPGAs) proof against errors and tampering, through the use of advanced type systems.
- Dr. Jeremy Singer - is primarily focused on research related to secure execution environments and investigates the composition of novel micro-architectural techniques to mitigate runtime exploits and privacy-aware methods distilled by programming language runtime techniques.
- Dr. Mohamed Khamis - undertakes research at the intersection of Human-Computer Interaction and Security. His research focuses on understanding threats to user privacy that are caused/facilitated by ubiquitous technologies, such as thermal attacks and shoulder surfing and inventing novel ubiquitous systems for protecting user privacy and security on mobile devices, public displays, and in VR.
- Dr. Inah Omoronyia - focuses on Secure Software Engineering revolving around the design and implementation of secure and privacy preserving software systems as resulted by the development of practical and novel methods to analyse privacy and security requirements.
- Dr. Ornela Dardha - research centred around programming languages and (behaviural) types for correct and safe interaction and communication of software components in concurrent and distributed systems.
- Dr. Jose Cano Reyes - works in system and algorithmic-wide properties of adversarial machine learning (ML), secure federated learning and ML-based security on edge devices.
- Dr. Anna Lito Michala - is interested in developing ML-based security and privacy solutions in IoT deployments with a particular focus on privacy assisted by edge computing.
Dr. Michele Sevegnani - research on Digital Twins as dynamic data-driven formal models enabling reasoning about the safety, reliability and predictability of location-aware, event-based, cyber-physical systems, particularly complex systems that are already deployed.
- Dr. Emma Li - focuses on cyber security and privacy using behavioral biometrics in human-computer interaction, wearables, and robotic systems. For example, continuous behavioral biometric authentication via keystroke dynamics, touch screen, VR headsets, haptic controllers, etc.
Projects (active in the last 6 years)
Our research has received considerable funding from the EU, the UK Engineering and Physical Science Research Council (EPSRC), the European Network and Information Security Agency (ENISA), GCHQ/NCSC, Innovate UK as well as from industrial partners (e.g., EDF, Facebook, Raytheon, Arm).
- Organisational Resilience for the Civil Nuclear Industries - EDF Energy, (Pezaros, Marnerides)
- TruSDEd: Trustworthy, Software-Defined Cyberattack Detection and Mitigation at the Network Edge - PETRAS National Centre of Excellence for IoT Systems Cybersecurity, PI: Pezaros
- PT.HEAT: Preventing Thermal Attacks (funded by PETRAS, £177,075). PI: Mohamed Khamis. Partners: Scottish Business Resilience Centre. From 11/2021 to 04/2023
- PriXR: Protecting XR User and Bystander Privacy (funded by REPHRAIN, £79,997). PI: Mark McGill, Co-I: Mohamed Khamis. From 01/2022 to 11/2022
- AppControl: Enforcing Application Behaviour through Type-Based Constraints (EPSRC EP/V000462/1), Vanderbauwhede, 2020 -2024, £1.48m
- Capable VMs (EPSRC EP/V000349/1), Singer, 2020 2024, £469k
- TAPS: Assessing, Mitigating and Raising Awareness of the Security and Privacy Risks of Thermal Imaging (EPSRC EP/V008870/1), Khamis, 2021-2023, £262k
- Emergence of cybersecurity capability across Critical National infrastructure, National Cyber Security Centre (National Cyber Security Centre - NCSC), Khamis, £140k
- Developing Pedagogy that Optimises Forensic Training in Safety Related Industrial Control Systems (National Cyber Security Centre - NCSC), Johnson, 2019 - 2020, £249k
- BehAPI: Behavioural Application Program Interface, (EU H2020), Dardha
Multi-Perspective Design of IoT Cybersecurity in Ground and Aerial Vehicles (MAGIC), PETRAS, Sevegnani, 2020-2022
Formal methods for Agritech Resilience Modelling (FARM), PETRAS, Sevegnani, 2021-2023
- Understanding and Mitigating the Security Risks of Thermal Imaging, Royal Society of Edinburgh, Khamis, £65k
- Facilitating Parental Insight and Moderation for Safe Social VR, Facebook Reality Labs, Khamis, £56k
- Process Regulation and Compliance (Scottish Enterprise, 309867-01), Omoronyia
- HutZero 6 - Transforming early-stage cyber ideas into businesses, UK Department for Digital, Cultural, Media and Sports (DCMS), Omoronyia
- Privacy Engineering for Software Designers (Innovate UK CyberSecurity Startup Accelerator Programme), Omoronyia, April - July 2019, £21k
- Border Patrol: Improving Hardware Security through Type-Aware Systems Design (EPSRC EP/N028201/1), Vanderbauwhede, February 2017 - January 2022, £638k
- Forecasting and Visualizing Safety and Security Concerns as a Consequence of Systems Changes in Air Traffic Management Networks (US Office of Naval Research), Johnson and Pezaros, September 2015 - September 2018, £192k
- Engaging with Scotland's SMEs to improve security (Royal Academic of Engineering), Renaud, September2015 - August 2016, £30k
- Cloud Security: Government clouds and incident reporting (European Network and Information Security Agency (ENISA)), Johnson, April to December 2013, £31k
- Multisensory information presentation for automotive safety systems (Freescale Semiconductor UK Ltd), Brewster, October 2012 - March 2016, £24k