Dealing with the Internet of Insecure Things

I was invited to deliver a presentation to the Institute of Engineering & Technology's EC3 Group on "Dealing with the Internet of Insecure Things".  My talk provided an overview of the security challenges of the Internet of Things and argued that we should adopt human-centric engineering approaches to address these challenges.

Abstract: We are in an age of the ‘Internet of Everything’ where boundaries between citizens, governments, media, and societal organisations are becoming increasingly fuzzy as interconnected digital devices enable the collection and exchange of vast amounts of information across the globe. The availability of data gathered by these devices, coupled with advances in channels of digitally mediated communication, has created a host of new systems that are embedded into a range of human activities, including agriculture, energy, transportation, healthcare, policing, and education – creating the potential for a ‘smarter planet’. However, these cyber…

IET Innovation Awards Finalist! Winner!

Update (16 Nov 2017): I am very pleased to announce that the Privacy Band was chosen as the winner of the Cyber Security category of the IET Innovation Awards.  Vikram Mehta and I were presented the award which is a fantasic recognition of our invention.

"Privacy Band", our novel privacy management interface device, was a finalist in the Cyber Security category of the IET Innovation Awards.  The above video shows me discussing and demonstrating the device, which embodies a metaphor of "Privacy Itch" and "Privacy Scratch" as a mechanism for privacy awareness and control.

The IET Innovation Awards were announced on 15 November 2017.

People in the Machine

I recently delivered a talk at the Symposium on Software Engineering for Smart Systems, on the importance of considering the role of people in various aspects of software engineering for smart systems.  In addition to discussing the challenges that people face when designing, building and using smart systems, I presented some of the approaches we have been developing to help software engineers and users overcome these challenges.  The slides from the talk are provided below, and the abstract is as follows:

People in the Machine: 
Human-centred Software Engineering for Smart Systems
The growth in ubiquitous computing technologies has created ever greater opportunities to use the data gathered by these technologies to develop ‘smart systems’ that enhance a range of human activities, from health and wellbeing to transportation, agriculture, and sustainable living.  These 'smart systems' depend on software as the thread that weaves together a variety of underlying technologies from …

PhD Application Advice - FB Live Session

FB Live Session on Applying for a PhD
I often get contacted by potential PhD students who are interested in pursuing a research degree and I put some slides together as a resource to help answer some of the common questions.  I will be conducting a Facebook Live Session for the Sustainable Education Foundation on this topic on 18 June 2017. 
Of course, there are many similar guides available on this topic and I am particularly grateful to Matt Might for his excellent "Illustrated guide to a PhD", which I have borrowed from to prepare this information.  

SEF - Applying for a PhDfrom Arosha Bandara

Visual programming for 'wiring' the Internet of Things

There is a proliferation of devices being developed to form the building blocks of the Internet of Things (IoT), from Internet-connected power sockets and light bulbs to kettles, toasters and washing machines. However, to realise the full potential of the IoT, it will be necessary to allow these devices to interconnect and share data with each other to deliver the functionalities required by end-users. In recent research on end-user programming for the IoT, my colleagues Pierre Akiki, Yijun Yu and myself have proposed the notion of Visual Simple Transformations (ViSiT), that provides a visual programming paradigm for users to wire together IoT devices. The video above shows a demonstration of the ViSiT solution and full details of the approach will appear in an upcoming special issue of the ACM Transactions on Computer-Human Interaction (ToCHI).

This work is highlighted in a recent IEEE Software Blog: Empowering Users to Build IoT Software with a Puzzle-like Environment and full deta…

Privacy Perspectives for Data Privacy Day

A group of us, who are part of the EPSRC-funded, Monetize Me project, wrote an article on "Privacy perspectives: dos, don’ts, and to-dos", to mark Data Privacy Day on 28th January.   In this article, we highlight some of the challenges of understanding the privacy implications of a variety of new technologies, such as activity trackers and smart watches.  We make the point that:

"... it is not individuals’ responsibility alone to protect themselves from privacy intrusions. Technology companies and developers can adopt privacy by design principles to mitigate some of these risks, and such practice should become common, to avoid us becoming disillusioned with emerging technologies. Therefore, we argue that maintaining privacy is ultimately a collective effort, shared between researchers, developers and those who ultimately use the devices and services they produce."

The full article can be found on the Open University's news portal: "Privacy perspectives: do…

Are we losing the Internet Security battle?

I was recently invited by Heimdal Security to take part in an expert roundup, with the theme of "Is Internet Security a Losing Battle?".  The main thrust of my answer was to question our use of analogies of conflict in the context of Internet Security or cyber security.  As I said in my response:
"... in this context the metaphors of conflict, such as ‘war’ and ‘battle’ are unhelpful because they suggest that internet security is the responsibility of the technologists who act our defensive force against attackers.   Instead, as has been argued by technology activists like Cory Doctorow and others we might have more success by thinking of cyber security using the analogy of public health and communicable diseases.   By using this analogy, we make cyber security issues more relevant to people and spur them to gain a better understanding that, like diseases, any of us can be afflicted by a cyber security attack.  We can also adopt an analogous approach for handling cyber …