Skip to main content

2014 Retrospective ...

Highlight from November 2014: Receiving CCT status for Introduction to Cyber Security MOOC
from Chris Ensor (Deputy Director, CESG) and Richard Pharro (CEO, APMG)
2014 has been an eventful year across many spheres of my academic life, complete with research published in major conferences and journals, PhD students graduating and new courses launched.  My final post for the year is a quick review of some of the highlights:

  • January: The year started with the news that two of the papers I co-authored and submitted to the International Conference on Software Engineering (ICSE 2014) had been accepted for publication.  Both of these papers were based on the work of my PhD students, one on privacy requirements engineering and the other on adaptive user interfaces.  It turned out to be a pretty successful year for OU research at ICSE overall.
  • February: We got confirmation that the EPSRC would be funding our project, "MonetizeMe: Privacy and the Quantified Self in the Digital Economy", which would involve colleagues from the Faculty of Business and Law as well. The project formally started by late summer and I am looking forward to seeing this work progress in 2015. 
  • April: Together with colleagues from the Adaptive Security and Privacy project I attended a joint NII-OU-Lero workshop on Software Engineering for Smart Cities that was held as the Masdar Institute in Abu Dhabi.
  • July: Pierre Akiki, a PhD student I jointly supervised with Yijun Yu, successfully defended his PhD on Engineering Adaptive Model-Driven User Interfaces for Enterprise Applications.  His examiners were Prof. Michael Harrison (Newcastle) and Dr. Leonor Barroca (OU).  Pierre is now an assistant professor of computer science at Notre Dame University - Louaize.
  • September: The MOOC Introduction to Cyber Security was launched for registration.  I am the lead educator for the MOOC and the development was supported by the UK National Cyber Security Programme.  I worked with my colleagues in the department to produce the content, most notably Mike Richards, Bashar Nuseibeh and Julie Wright.  We were also supported by an excellent project manager Jane Roberts and Learning Media Developer / Editor, Amy Leon.  
  • October: We started the first presentation of the new post-graduate module in Software Engineering (M814), for which I am the module chair.   This course is based on two older courses on managing software engineering in enterprises and requirements engineering.  It is a core module in our MSc in Computing (Software Engineering).
  • November: The Introduction to Cyber Security MOOC was recognised as a CESG Certified Training course for raising awareness of cyber security skills and technologies.  I had the pleasure of attending the launch event for the CCT programme in London where the official certificate for the MOOC was awarded by Chris Ensor (Deputy Director, CESG) and Richard Pharro (CEO, APMG).
  • December: We completed the first presentation of the Introduction to Cyber Security MOOC, which had over 15K learners, and ~25% of these completed the 8-week course.
Hopefully the coming year will be equally eventful and exciting!
Post a Comment

Popular posts from this blog

Visual programming for 'wiring' the Internet of Things

There is a proliferation of devices being developed to form the building blocks of the Internet of Things (IoT), from Internet-connected power sockets and light bulbs to kettles, toasters and washing machines. However, to realise the full potential of the IoT, it will be necessary to allow these devices to interconnect and share data with each other to deliver the functionalities required by end-users. In recent research on end-user programming for the IoT, my colleagues Pierre Akiki, Yijun Yu and myself have proposed the notion of Visual Simple Transformations (ViSiT), that provides a visual programming paradigm for users to wire together IoT devices. The video above shows a demonstration of the ViSiT solution and full details of the approach will appear in an upcoming special issue of the ACM Transactions on Computer-Human Interaction (ToCHI).

This work is highlighted in a recent IEEE Software Blog: Empowering Users to Build IoT Software with a Puzzle-like Environment and full deta…

Privacy-by-Design Framework for Internet of Things Systems

IOT-2016 7-9 September, 2016, Stuttgart, Germany from Charith Perera
Recent DDoS attacks on key internet services, like the attack that affected the Dyn domain name service, highlighted the security challenges associated with the proliferation of insecure Internet of Things (IoT) systems.  This attack exploited common vulnerabilities like the use of default administration passwords on IoT devices such as internet-enabled CCTV cameras, internet-enabled appliances and smart home devices, to recruit over hundreds of thousands of nodes into a botnet.   This capability highlights the cyber security threats associated with the IoT and brings into sharp relief the importance of considering both security and privacy when designing these systems.

In recent work, presented at the Internet of Things Conference, we describe a privacy-by-design framework for assessing the privacy capabilities of IoT applications and platforms.  Building on more general design strategies for privacy in informaiton …

Are we losing the Internet Security battle?

I was recently invited by Heimdal Security to take part in an expert roundup, with the theme of "Is Internet Security a Losing Battle?".  The main thrust of my answer was to question our use of analogies of conflict in the context of Internet Security or cyber security.  As I said in my response:
"... in this context the metaphors of conflict, such as ‘war’ and ‘battle’ are unhelpful because they suggest that internet security is the responsibility of the technologists who act our defensive force against attackers.   Instead, as has been argued by technology activists like Cory Doctorow and others we might have more success by thinking of cyber security using the analogy of public health and communicable diseases.   By using this analogy, we make cyber security issues more relevant to people and spur them to gain a better understanding that, like diseases, any of us can be afflicted by a cyber security attack.  We can also adopt an analogous approach for handling cyber …