The UK’s second Academic Research Institute to investigate new ways of automatically analysing computer software to reduce its vulnerability to cyber threats has been announced.
The second Research Institute will carry out research into techniques for Automated Program Analysis and Verification of computer software. The outputs from the Research Institute will provide businesses, individuals and government with additional confidence that software will behave in a secure fashion when installed on operational networks.
Funded by a £4.5m grant, the new Research Institute is made up of teams from six universities. It has been established by the Government intelligence agency GCHQ, with the Engineering and Physical Sciences Research Council (EPSRC) through the Research Councils UK (RCUK) Global Uncertainties Programme and the Department for Business, Innovation and Skills (BIS).
It follows the first Academic Research Institute, established in September 2012.
Both Academic Research Institutes form part of a Government effort to use universities in all cyber security.
This allows UK academics in the field of cyber-security to connect with industry and international researchers to tackle some of the UK challenges in cyber.
David Willetts, Minister for Universities and Science, said: “This institute will build on the UK’s global reputation for cyber security research and innovation. It complements wider work government is doing in partnership with academia and industry to boost the economy through improved cyber security. This includes the Cyber Growth Partnership which met for the first time this week.”
Universities in the second Research Institute were selected by a competitive process, in which they had to devise new research projects to address three key challenge areas in computer security:
Vulnerability discovery
Malware analysis and classification of code
Improved defences and mitigations.
To address these very tough problems requires world-leading researchers in fields such as mathematical logic, programming languages and program analysis. Six teams were successful:
Queen Mary, University of London, working with University of Kent and University College London
University of Edinburgh
Imperial College London
University College London
University of Kent working with University College London; and
The University of Manchester.
Imperial College London was selected to host the Research Institute, with Professor Philippa Gardner taking the role of Director of Research. She said: “The creation of this Research Institute recognises the excellence of UK research in automated program analysis and verification. It provides an exciting opportunity to focus this research on cyber security.”
David Delpy, EPSRC’s Chief Executive, said: “We rely on the structures of the online world as much as we depend on physical infrastructure and utilities. Academic research that both evaluates threats and devises appropriate defences and safeguards is vital to our national and personal security. Fundamental and applied science and engineering have important roles to play here.”
The Research Institute aims to open for business in April 2013 for a period of three years.
Notes
The second Academic Research Institute has been established to conduct research into Automated Program Analysis and Verification. This is part of a joint response between GCHQ, the Department for Business, Innovation and Skills (BIS), the Research Councils’ Global Uncertainties Programme (RCUK) (led by EPSRC) and the Office of Cyber Security and Information Assurance (OCSIA) to, Protecting and Promoting the UK in a Digital World, the Government’s National Cyber Security Strategy. The Strategy describes how Government is working with academia and industry to make the UK more resilient to cyber attacks.
Objectives of the Strategy are to:
Tackle cyber crime and make the UK one of the most secure places in the world to do business in cyberspace
Make the UK more resilient to cyber attack and better able to protect our interests in cyberspace
Help to shape an open, vibrant and stable cyberspace which the UK public can use safely and that supports open societies
Build the UK’s cross-cutting knowledge, skills and capability to underpin all cyber security objectives.
Last year, GCHQ, BIS and RCUK announced the award of Academic Centre of Excellence (ACE) in Cyber Security Research status to eight UK universities. http://www.gchq.gov.uk/Press/Pages/Cyber-Security-Research-Centres-of-Excellence.aspx and a first Academic Research Institute in the “Science of Cyber Security” https://www.gchq.gov.uk/Press/Pages/UK’s-First-Academic-Research-Institute-to-Investigate-the-‘Science-of-Cyber-Security’.aspx.
Also in the pipeline are plans for a scheme to recognise Academic Centres of Excellence in Cyber Security Education, Certification of Cyber Security training courses and increased sponsorship of PhD research.
