Back to top

Biography

I am a Principal Lecturer in Systems Security Engineering and co-ordinator of the Bournemouth University Cyber Security Research group (BUCSR)

Before joining BU, I was previously a Post-doctoral Researcher at the Department of Computer Science at the University of Oxford, and a Teaching Fellow at the Information Security Group at University College London. I completed my DPhil in Computer Science at the University of Oxford. Prior to my doctoral research, I was a software engineer within Logica's Space business. Software I developed has been used to support flight dynamics operations for several European Space Agency (ESA) missions, including Mars Express and Rosetta.

Research

My research explores how security can be 'built in' at the earliest stages of a software product or service's design, and how software can be designed to ensure it remains secure and usable when used in different contexts.

I am particularly interested in the role User Experience (UX) artefacts like personas can play in design for security and privacy, and how software tools can help rather than hinder the design of secure and usable software. I maintain the free and open-source CAIRIS platform, and am author of the textbook 'Designing Usable and Secure Software with IRIS and CAIRIS' (Springer, 2018).

Journal Articles

Books

  • Faily, S., 2018. Designing Usable and Secure Software with IRIS and CAIRIS. Springer.
  • Beckers, K., Faily, S., Lee, S.-W. and Mead, N., 2017. Proceedings of the 4th International Workshop on Evolving Security and Privacy Requirements Engineering (ESPRE 2017). IEEE.
  • Beckers, K., Lee, S.-W. and Mead, N., 2016. Proceedings of the 3rd International Workshop on Evolving Security and Privacy Requirements Engineering (ESPRE 2016). IEEE.
  • Faily, S., Jiang, N., Dogan, H. and Taylor, J., 2016. Proceedings of the 30th International BCS Human Computer Interaction Conference (HCI 2016). British Computer Society.
  • Proceedings of the 2nd Workshop on Evolving Security and Privacy Requirements Engineering (ESPRE 2015). IEEE.
  • Proceedings of the 1st Workshop on Evolving Security and Privacy Requirements Engineering (ESPRE 2014). IEEE.
  • Proceedings of the Workshop on Web Applications and Secure Hardware (WASH'13). CEUR-WS.
  • Proceedings of the BCS HCI 2012 Workshop on Designing Interactive Secure Systems. BCS.
  • Faily, S., Živny, S., Fogelberg, C., Salamon, A. and Schäfer, M., 2008. Proceedings of the Oxford University Computing Laboratory Student Conference 2008. Oxford University Computing Laboratory.

Chapters

  • Atzeni, A., Faily, S. and Galloni, R., 2017. Usable Security: HCI-Sec Issues and Motivations. Encyclopedia of Information Science and Technology. IGI Global.
  • Atzeni, A., Lyle, J. and Faily, S., 2017. Developing secure, unified, multi-device, and multi-domain platforms: A case study from the webinos project. Application Development and Design: Concepts, Methodologies, Tools, and Applications. 539-564.
  • Faily, S., 2014. Evaluating the Implications of Attack and Security Patterns with Premortems. In: Blackwell, C. and Zhu, H., eds. Cyberpatterns: Unifying Design Patterns with Security and Attack Patterns. Springer.
  • Atzeni, A., Lyle, J. and Faily, S., 2014. Developing secure, unified multi-device and multi-domain platforms: A case study from the webinos project. Architectures and Protocols for Secure Information Technology. IGI Global, 310-333.
  • Faily, S., Lyle, J. and Parkin, S., 2012. Tool-support Premortems with Attack and Security Patterns. First International Workshop on Cyberpatterns: Unifying Design Patterns with Security, Attack and Forensic Patterns. 10-11.

Conferences

Theses

Software

Others

PhD Students

  • Jane Henriksen-Bulmer. A Framework for Public Bodies for Managing the Secure and Appropriate Release of Open Source Data
  • Andrew M'Manga. Designing Systems for Risk-based Decision Making and Assurance
  • Duncan Ki-Aries. Risk Assessment for Complex Systems of Systems
  • Mohammad Naiseh. Designing Self-Adaptive Electronic Prescription Service (EPS) for Improved User Experience for Repeat Prescriptions
  • Amna Altaf. Integrating Safety, Security, and Human Factors Engineering

Profile of Teaching PG

  • Security by Design (Level 7)

Profile of Teaching UG

  • Ethical Hacking and Countermeasures (Level 5)
  • Security by Design (Level 6)

Invited Lectures

  • Bringing Security, Usability, and Software Engineering together with Personas. Oxford Brookes University. 2013.
  • HCI-Security: An Overview. Cranfield University. April 2014.

Grants

  • HuaHana: Phase 3 (Innovate UK, 06 Sep 2018). In Progress
  • Integrating Safety, Security, and Human Factors Engineering (Ricardo, 03 Sep 2018). Awarded
  • HuaHana: Phase 2 (Innovate UK, 09 May 2018). Completed
  • Data Protection Impact Assessment of StreetScene (Bournemouth University, 13 Feb 2018). Completed
  • HuaHana:a productivity platform for usable and secure software design (Innovate UK, 01 Feb 2018). Completed
  • Commercialisation of CAIRIS (DCMS / SETsquared, 27 Jan 2017). Completed
  • Bournemouth-Athens Network in Critical Infrastructure Security (BANCIS) (BU Fusion Investment Fund, 01 Sep 2016). Completed
  • Risk Assessment for Complex Systems of Systems (Defence Science and Technology Laboratory, 01 Sep 2016). In Progress
  • Designing Systems for Risk-Based Decision Making and Assurance (Defence Science and Technology Laboratory, 09 Dec 2015). In Progress
  • Bournemouth University Computer Human Interaction (BUCHI) (BU Fusion Investment Fund, 01 Mar 2015). Completed
  • Making sense of DRM in game development (Madrigal) (Bournemouth University - Fusion Investment Fund, 01 Feb 2015). Completed
  • Bournemouth European Network In Cyber Security (BENICS) (BU Fusion Investment Fund, 01 Mar 2014). Completed
  • Evaluating the Usability, Security, and Trustworthiness of Ad-hoc Collaborative Environments (EUSTACE) (EPSRC, 30 May 2012). Completed

External Responsibilities

  • European Intelligence and Security Informatics Conference (EISIC) 2015, Programme Committee (2015-)
  • IEEE Joint Intelligence and Security Informatics Conference (JISIC), Programme Committee (2014-)
  • 1st International Workshop on Evolving Security & Privacy Requirements Engineering, Organising Co-Chair (2014-), http://espre2014.org/
  • International Conference on Trust & Trustworthy Computing (Socio-economics Strand, Programme Committee (2013-)
  • Second International Workshop on Cyberpatterns: Unifying Design Patterns with Security, Attack, and Forensic Patterns, Programme Committee (2013-)
  • European Intelligence and Security Informatics Conference, Programme Committee (2013-)
  • Human Aspects in Mobile App Engineering: Workshop at British HCI 2013, Workshop Co-Chair (2013-)
  • Workshop on Web Applications and Secure Hardware (Co-located with Trust 2013), Workshop Co-Chair (2013-)
  • Designing Interactive Secure Systems SIG at ACM Conference on Human Factors in Computer System, Organiser (2013-)
  • 6th International Conference on Trust & Trustworthy Computing, Publicity Co-Chair (2013-)
  • Designing Interactive Secure Systems: Workshop at British HCI 2012, Workshop Co-Chair (2012-)
  • ACM SIGCHI Symposium on Engineering Interactive Computing Systems, Reviewer (2011-2012)
  • BCS Conference on Human-Computer Interaction, Reviewer (2011-2014)
  • ACM Conference on Human Factors in Computer Systems, Reviewer (2010-2016)
  • Journal of Systems and Software (Elsevier), Reviewer
  • Pervasive and Mobile Computing (Elsevier), Reviewer
  • Behaviour & Information Technology (Taylor & Francis), Reviewer
  • International Journal of Secure Software Engineering (IGI Global), Reviewer
  • Computers & Security (Elsevier), Reviewer

Internal Responsibilities

  • Co-ordinator, BU Cyber Security Research Group

Conference Presentations

  • First International Conference on Cyber Security for Sustainable Society 2015, The Social Psychology of Cybersecurity, 26 Feb 2015, Coventry

Qualifications

  • DPhil in Computer Science (University of Oxford, 2011)
  • BSc (Hons) in Business Computing Systems (City University, 1998)
  • Postgraduate Certificate in Software Engineering (University of Oxford, 2008)
  • PG Cert in Education Practice (Bournemouth University, 2015)

Memberships

  • ACM, Member,
  • Association for Computing Machinery, Member,
  • British Computer Society, Member,
  • Higher Education Academy, Fellow,

External Media and Press

The data on this page was last updated at 04:11 on November 15, 2018.