Skip to main content
A silicon chip on a finger tip
Cyber Security Academy

Research themes

Find out what research we're carrying out.

The University of Southampton has been hosting a U.K. National Academic Centre of Excellence in Cyber Security Research (ACE-CSR), which recognizes us as an internationally leading institute for research and education on cyber security. 

Hardware Security 

The escalating demand for hardware security can be attributed to several pivotal factors, which underscore the imperative need for enhanced measures in this domain. These factors encompass: 

  1. The anticipated proliferation of Artificial Intelligence (AI) systems, coupled with their intended deployment in applications of paramount safety and criticality. 
  2. The burgeoning ease with which physical invasive attacks can be orchestrated is primarily attributable to the widespread adoption of Internet of Things (IoT) technology in safety-critical and security-sensitive domains, such as national infrastructure, medical devices, and smart cards. Furthermore, the evolving landscape of reverse engineering methodologies has heightened the efficacy of such attacks. 
  3. The heightened risk of Trojan insertion and counterfeit devices is exacerbated by the globalization of integrated circuit production. This extensive distribution has exposed the integrated circuit supply chain to manipulation by malicious actors, resulting in the potential introduction of hardware Trojans or intellectual property theft. 

To counter these looming threats, our efforts are focused on the development of robust defense mechanisms, with a specific emphasis on: 

  1. Constructing a trustworthy and secure AI system capable of detecting security breaches on edge devices. 
  2. Pioneering the creation of cost-effective secure protocols utilizing physically unclonable functions, a novel category of security measures and primitives that can establish an inherent hardware identity for each device. 
  3. Devising innovative techniques to mitigate the vulnerabilities associated with Trojan insertion and counterfeit integrated circuits. 

Distributed Ledger Technology (DLT)

Distributed Ledger Technology is also known as blockchain, a focus and research direction of ours. The fascinating properties of decentralisation, data control, and integrity make blockchain a disruptive technology for a variety of application domains, from distributed and cloud computing to the Internet of Things. Through the work we are carrying out, Southampton is quickly emerging as an international knowledge centre on DLT, entertaining new collaborations with industry in the UK and public administrations in Europe and beyond. 

Internet-of-Things (IoT)

Our focus is on using blockchain to underpin distributed IoT devices enabling accountable data storage and management. This line of research targets smart energy and home automation scenarios aiming at offering blockchain-empowered energy marketplace and autonomous home controllers. 

Digital Forensics 

Digital Forensics investigates and develops methods for the collection, preservation, analysis, and presentation of digital evidence in legal proceedings or investigations. It also devises processes for examining and recovering digital information from electronic devices and digital storage media to uncover, investigate, and prevent cybercrimes or other illicit activities. 

Cyber threat intelligence (CTI)

This is a broad term describing information about potential threats and the actors that may wish to exploit them. It is an invaluable component in an organisation’s approach to the management of Cyber Risk and an active area of research within the community. Our activities include:

  • approaches to sharing CTI
  • connecting openly available intelligence to an improved understanding of cyber situational awareness (including predictive capability)
  • developing machine support for the work of cyber investigators
  • investigations into making CTI more actionable using machine-based approaches to extract additional intelligence and structure from the existing data corpora


This simplifies policy specification and the management of user rights using a two-tier management, it groups users into roles and assigns permissions to each role. Administrative role-based access control (ARBAC) is a policy mechanism for controlling how changes can be made to the RBAC policy by various administrators. 

Risk Management

Research focuses on risk analysis and decision-making using quantitative modeling and real-time Big data techniques applied to FinTech and Cyber-Risk research fields, via state-of-the-art high-performance computing facilities. 


This is a main application of blockchain to cloud computing to underpin the Federation-as-a-Service solution. It is an innovative solution to federate cloud systems ensuring privacy-preserving management of service or data, optimised resource utilisation, and decentralised and democratic federation governance. 

Blockchain offers the decentralised computational infrastructure to build cloud federations with trustless data integrity and availability guarantees. This line of research was to address problems in the public administration space because some of the specific requirements of demonstrable data custody and service or data sharing governance normally imposed on governments, typically point directly to the key properties of integrity for data and code offered by blockchains. 


This is the foundation of data quality, capturing the trace of data manipulation over space, time, and actors. Provenance becomes critical in application domains such as healthcare where patient safety can be endangered. Based on blockchain technologies, we are focussing on decentralised storage and computation of data provenance to prevent by-design loss and corruption of healthcare data across geographically distributed medical institutions. 

Cyber and the Law 

This works on data situation models relying in part on anonymisation and pseudonymisation practices, and their implications for data protection obligations. The Horizon 2020 FutureTrust project on interoperability of electronic identification and trust services and the interplay between the General Data Protection Regulation (GDPR) and key data protection principles, such as data protection by design. 

Identity and Access Management

This research focuses on the design of privacy-preserving identity and access management systems that are resilient to cyber-attacks. We explore the use of blockchain technology and Intel SGX trusted hardware to guarantee the integrity of users’ digital identities and access control policies and of the identity verification and access control protocols. These guarantee both data immutability and integrity and confidentiality of the policy enforcement process. 


This focuses on integrating humans into the IoT ecosystem. The project investigates how and where crowdsourcing can be used within an IoT ecosystem to improve trust and user-driven privacy and provide better human-driven data-sharing mechanisms. By using the crowd, we build up trust, privacy, & data-sharing capabilities openly and transparently. 


This is a project funded by the Higher Education Academy to enhance both students’ cyber security skills and the University’s cyber security posture through supervised penetration testing and a responsible disclosure policy. 

Software Verification and Validation 

Software Verification and validation in cyberspace is the focus of project ADVANCE. This is developing a unified tool-based framework for automated formal verification and validation of cyber-physical systems. 

Cyber-Physical System Security 

This studies the security issues in cyber-physical systems (CPS) which are characterised by the deep integration and close interaction between the cyber (information) systems and the physical systems. Examples of CPS include:

  • smart energy systems
  • automotive CPS
  • cyber-human systems
  • smart manufacturing systems
  • smart health CPS


This research explores the applicability of GDPR in real terms, concerning the currently known anonymisation techniques. We conclude that new algorithms are needed if we need to be GDPR compliant. Specifically, we explore advanced indexing to endow differential privacy with resilience to attacks based on repeated queries, through our new notion of context controls. 

Government-related activities 

This consist of working with government agencies across Europe and beyond to address privacy and security requirements in public administration. Our current efforts center on distributed ledgers as computational infrastructure to provide data integrity guarantees. 

In the recent past worked with the government on the cyber security of the Internet-of-Things, of the UK Smart Metering Programme as well as the effectiveness of Cyber Essentials. We have established solid working relationships with several agencies including the:

  • Cabinet Office
  • Foreign and Commonwealth Office
  • Information Commissioner’s Office
  • Italian Ministry of Economy and Finance
  • National Crime Agency