Head, Bristol Cyber Security Group

Director, National Research Centre on Privacy, Harm Reduction and Adversarial Influence Online (REPHRAIN))

Director, EPSRC Centre for Doctoral Training in Cyber Security: Trust, Identity, Privacy and Security in Large-scale Infrastructures (TIPS-at-Scale)

Principle Investigator and Editor-in-Chief, Cyber Security Body of Knowledge (CyBOK)

My research spans cyber security and software engineering. I focus on novel software modularity techniques that underpin software that is adaptable, evolvable and resilient in the face of changes and the volatile nature of user requirements and behaviours in the modern digital world. This naturally ties in with my cyber security research which focuses on developing tools and techniques that are adaptable to the constantly changing threat patterns utilised by criminals online. I am particularly interested in security of cyber-physical systems, such as, industrial control systems and Internet of Things. I am also a keen researcher of adversarial and non-adversarial behaviours pertaining to cyber security. I lead projects as part of the UK Research Institute on Trustworthy Industrial Control Systems (RITICS) and UK Research Institute on Socio-technical Cyber Security (RISCS), the National Centre of Excellence on Cyber Security of Internet of Things (PETRAS) and am a member of the UK Centre for Research and Evidence on Security Threats (CREST). I also lead research on readiness of software engineers and developers to work with new secure hardware as part of the ESRC Hub on Digital Security by Design (Discribe). I am a Fellow of the Alan Turing Institute. Prior to joining the University of Bristol, I was co-founder and co-director of the Security Lancaster Institute at Lancaster University.