UK's second Cyber Research Institute launched
Supplementary content information
The UK's second Academic Research Institute to investigate new ways of automatically analysing computer software to reduce its vulnerability to cyber threats has been launched.
The second Research Institute will carry out world-leading research into techniques for Automated Program Analysis and Verification of computer software. The outputs from the Research Institute will provide businesses, individuals and government with additional confidence that software will behave in a secure fashion when installed on operational networks.
Funded by a £4.5 million grant, the new Research Institute is made up of teams from six Universities. It has been established by GCHQ in partnership with the Engineering and Physical Sciences Research Council (EPSRC) through the UK Research and Innovation Global Uncertainties Programme and the Department for Business, Innovation and Skills (BIS).
It follows hot on the heels of the first Academic Research Institute, which was established in September 2012.
Both Academic Research Institutes form part of a cross-government commitment to increase the nation's academic capability in all fields of Cyber Security.
This allows leading UK academics in the field of Cyber Security to connect with industry security experts and international researchers to tackle some of the UK's toughest challenges in Cyber Security. This collaborative approach between academia, industry and government will ensure that research is relevant and inspired by real world, cutting edge, security issues.
David Willetts, Minister for Universities and Science, said:
This institute will build on the UK's global reputation for cyber security research and innovation. It complements wider work government is doing in partnership with academia and industry to boost the economy through improved cyber security. This includes the Cyber Growth Partnership which met for the first time this week.
Universities in the second Research Institute were selected following a tough competitive process, in which they had to devise new research projects to address three key challenge areas in computer security:
- Vulnerability discovery.
- Malware analysis and classification of code.
- Improved defences and mitigations.
To address these very tough problems requires world-leading researchers in fields such as mathematical logic, programming languages and program analysis. Six teams were successful:
- Queen Mary, University of London, working with University of Kent and University College London
- University of Edinburgh
- Imperial College London
- University College London
- University of Kent working with University College London
- The University of Manchester
Imperial College London was selected to host the Research Institute, with Professor Philippa Gardner taking the role of Director of Research. She said:
The creation of this Research Institute recognises the excellence of UK research in automated program analysis and verification. It provides an exciting opportunity to focus this research on cyber security.
David Delpy, EPSRC's Chief Executive, said:
We rely on the structures of the online world as much as we depend on physical infrastructure and utilities. Academic research that both evaluates threats and devises appropriate defences and safeguards is vital to our national and personal security. Fundamental and applied science and engineering have important roles to play here.
The Research Institute aims to open for business on 1 April 2013 for a period of three years.
Notes for editors
- The second Academic Research Institute has been established to conduct research into Automated Program Analysis and Verification. This is part of a joint response between GCHQ, the Department for Business, Innovation and Skills (BIS), the UK Research and Innovation Global Uncertainties Programme (UKRI) (led by EPSRC) and the Office of Cyber Security and Information Assurance (OCSIA) to, Protecting and Promoting the UK in a Digital World, the Government's National Cyber Security Strategy. The Strategy describes how Government is working with academia and industry to make the UK more resilient to cyber attacks.
Objectives of the strategy are to:
- Tackle cyber crime and make the UK one of the most secure places in the world to do business in cyberspace
- Make the UK more resilient to cyber attack and better able to protect our interests in cyberspace
- Help to shape an open, vibrant and stable cyberspace which the UK public can use safely and that supports open societies
- Build the UK's cross-cutting knowledge, skills and capability to underpin all cyber security objectives.
- Last year, GCHQ, BIS and UK Research and Innovation announced the award of Academic Centre of Excellence (ACE) in Cyber Security Research status to eight UK universities and a first Academic Research Institute in the Science of Cyber Security
- Also in the pipeline are plans for a scheme to recognise Academic Centres of Excellence in Cyber Security Education, Certification of Cyber Security training courses and increased sponsorship of PhD research.
- Both the ACE and Research Institute initiatives are harnessing the vital role that academia has to play in supporting the UK's Cyber Security but the roles are different. The ACE initiative recognises existing areas of strength. The Research Institutes, on the other hand, are targeted investment to develop capability on strategically important topics.
- The award of research grants to the universities in the Research Institute in Automated Program Analysis and Verification is subject to agreement of Terms & Conditions.
- In other areas, GCHQ, BIS and UK Research and Innovation are working together to advance the level of cyber education at all levels from GCSE through to post graduate research.
- Further information on the role of BIS in delivering the cyber security strategy is available via the Protecting and promoting the UK in a digital world announcement.
- GCHQ is one of the three UK intelligence agencies. Further information can be found on the GCHQ website.
- The Engineering and Physical Sciences Research Council (EPSRC) takes the lead in cyber security within the UK Research and Innovation Global Uncertainties Programme.
Reference: PN 23-13