In information security, one leak is sufficient to spoil the security of a system. It is therefore imperative to control the security properties of all components of a system. This is hard because;

  1. there might be a large number of components
  2. we do not know all the components of a system that interacts with the outside world
  3. we cannot control or even exhaustively describe the possible interactions of an attacker with these components
Interaction with the world around occurs, for example, when people are required to use passwords that are not easy to guess, or when the network is wireless, and thus shares the airwaves with everybody else. For distributed and embedded systems security is even more difficult, because these are often resource constrained, dynamically evolving, unattended and are very open and accessible to attackers.

As a security group, we therefore choose to focus on distributed and embedded systems. The research mission of the DIES group is "to provide fundamental improvements for the security of distributed and embedded systems, by designing suitable building blocks and fostering systematic reasoning."

Our research can be categorised according to the topic, the tools used and the application area.

We work on the following topics:

  • data security
  • network security
  • cyber security

Tools we use are:

  • cryptographic algorithms and protocols
  • formal methods and statistics
  • simulation and case studies

Our results are applied in the following application areas:

  • health and food management
  • critical control systems
  • social and enterprise networks