Shamal Faily

Dr Shamal Faily

  • Principal Academic In Systems Security Engineering
  • Poole House P416, Talbot Campus, Fern Barrow, Poole, BH12 5BB
Back to top

Biography

I am a Principal Lecturer in Systems Security Engineering and co-ordinator of the Bournemouth University Cyber Security Research group (BUCSR). I am also a RISCS Fellow in Secure Development Practices, and a SPRITE+ Expert Fellow.

Before joining BU, I was previously a Post-doctoral Researcher at the Department of Computer Science at the University of Oxford, and a Teaching Fellow at the Information Security Group at University College London. I completed my DPhil in Computer Science at the University of Oxford. Prior to my doctoral research, I was a software engineer within Logica's Space business. Software I developed has been used to support flight dynamics operations for several European Space Agency (ESA) missions, including Mars Express and Rosetta.

Research

My research explores how security can be 'built in' at the earliest stages of a software product or service's design, and how software can be designed to ensure it remains secure and usable when used in different contexts.

I am particularly interested in the role User Experience (UX) artefacts like personas can play in design for security and privacy, and how software tools can help rather than hinder the design of secure and usable software. I lead the development of the open-source CAIRIS platform, and am author of the textbook 'Designing Usable and Secure Software with IRIS and CAIRIS' (Springer, 2018).

Journal Articles

Books

  • Faily, S., 2018. Designing usable and secure software with IRIS and CAIRIS.
  • Beckers, K., Faily, S., Lee, S.-W. and Mead, N., 2017. Proceedings of the 4th International Workshop on Evolving Security and Privacy Requirements Engineering (ESPRE 2017). IEEE.
  • Beckers, K., Lee, S.-W. and Mead, N., 2016. Proceedings of the 3rd International Workshop on Evolving Security and Privacy Requirements Engineering (ESPRE 2016). IEEE.
  • Faily, S., Jiang, N., Dogan, H. and Taylor, J., 2016. Proceedings of the 30th International BCS Human Computer Interaction Conference (HCI 2016). British Computer Society.
  • Proceedings of the 2nd Workshop on Evolving Security and Privacy Requirements Engineering (ESPRE 2015). IEEE.
  • Proceedings of the 1st Workshop on Evolving Security and Privacy Requirements Engineering (ESPRE 2014). IEEE.
  • Proceedings of the Workshop on Web Applications and Secure Hardware (WASH'13). CEUR-WS.
  • Proceedings of the BCS HCI 2012 Workshop on Designing Interactive Secure Systems. BCS.
  • Faily, S., Živny, S., Fogelberg, C., Salamon, A. and Schäfer, M., 2008. Proceedings of the Oxford University Computing Laboratory Student Conference 2008. Oxford University Computing Laboratory.

Chapters

  • Atzeni, A., Faily, S. and Galloni, R., 2017. Usable Security: HCI-Sec Issues and Motivations. Encyclopedia of Information Science and Technology. IGI Global.
  • Atzeni, A., Lyle, J. and Faily, S., 2017. Developing secure, unified, multi-device, and multi-domain platforms: A case study from the webinos project. Application Development and Design: Concepts, Methodologies, Tools, and Applications. 539-564.
  • Faily, S., 2014. Evaluating the Implications of Attack and Security Patterns with Premortems. In: Blackwell, C. and Zhu, H., eds. Cyberpatterns: Unifying Design Patterns with Security and Attack Patterns. Springer.
  • Atzeni, A., Lyle, J. and Faily, S., 2014. Developing secure, unified multi-device and multi-domain platforms: A case study from the webinos project. Architectures and Protocols for Secure Information Technology. IGI Global, 310-333.
  • Faily, S., Lyle, J. and Parkin, S., 2012. Tool-support Premortems with Attack and Security Patterns. First International Workshop on Cyberpatterns: Unifying Design Patterns with Security, Attack and Forensic Patterns. 10-11.

Conferences

  • Iacob, C. and Faily, S., 2020. The impact of undergraduate mentorship on student satisfaction and engagement, teamwork performance, and team dysfunction in a software engineering group project. Annual Conference on Innovation and Technology in Computer Science Education, ITiCSE, 128-134.
  • Altaf, A., Faily, S., Dogan, H., Mylonas, A. and Thron, E., 2020. Identifying safety and human factors issues in rail using IRIS and CAIRIS. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 11980 LNCS, 98-107.
  • Faily, S., Scandariato, R., Shostack, A., Sion, L. and Ki-Aries, D., 2020. Contextualisation of Data Flow Diagrams for Security Analysis. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 12419 LNCS, 186-197.
  • Faily, S., Scandariato, R., Shostack, A., Sion, L. and Ki-Aries, D., 2020. Contextualisation of Data Flow Diagrams for Security Analysis. GraMSec@CSF, 12419, 186-197 Springer.
  • Faily, S., Iacob, C., Ali, R. and Ki-Aries, D., 2020. Identifying Implicit Vulnerabilities Through Personas as Goal Models. CyberICPS/SECPRE/ADIoT@ESORICS, 12501, 185-202 Springer.
  • Faily, S. and Ki-Aries, D., 2019. Usable and secure requirements engineering with CAIRIS. Proceedings of the IEEE International Conference on Requirements Engineering, 2019-September, 502-503.
  • Henriksen-Bulmer, J., Faily, S. and Jeary, S., 2019. Implementing GDPR in the charity sector: A case study. IFIP Advances in Information and Communication Technology, 547, 173-188.
  • Coles, J., Faily, S. and Ki-Aries, D., 2018. Tool-supporting Data Protection Impact Assessments with CAIRIS. Proceedings - 2018 5th International Workshop on Evolving Security and Privacy Requirements Engineering, ESPRE 2018, 21-27.
  • Ki-Aries, D., Faily, S., Dogan, H. and Williams, C., 2018. Assessing system of systems security risk and requirements with oasosis. Proceedings - 2018 5th International Workshop on Evolving Security and Privacy Requirements Engineering, ESPRE 2018, 14-20.
  • Beckers, K., Faily, S., Lee, S.W. and Mead, N., 2018. Welcome to the fifth international workshop on evolving security and privacy requirements engineering (ESPRE'18). Proceedings - 2018 5th International Workshop on Evolving Security and Privacy Requirements Engineering, ESPRE 2018, VI.
  • Ki-Aries, D., Faily, S., Dogan, H. and Williams, C., 2018. System of systems characterisation assisting security risk assessment. 2018 13th System of Systems Engineering Conference, SoSE 2018, 485-492.
  • M'MANGA, A., Faily, S., McAlaney, J., Williams, C., Kadobayashi, Y. and Miyamoto, D., 2018. Eliciting Persona Characteristics for Risk Based Decision Making. In: 32nd International BCS Human Computer Interaction Conference 2-6 July 2018 Belfast, UK.
  • M'MANGA, A., Faily, S., McAlaney, J., Kadobayashi, Y. and Miyamoto, D., 2018. Qualitative Adaptation: Informing Design for Risk-based Decision Making. In: 2nd Workshop on the Challenges and Opportunities for Qualitative Data Research Methods in HCI 2-6 July 2018 Belfast, UK.
  • Iacob, C. and Faily, S., 2018. Redesigning an undergraduate software engineering course for a large cohort. Proceedings - International Conference on Software Engineering, 163-171.
  • M'manga, A., Faily, S., McAlaney, J. and Williams, C., 2018. Rationalising Decision Making about Risk: A Normative Approach. PROCEEDINGS OF THE TWELFTH INTERNATIONAL SYMPOSIUM ON HUMAN ASPECTS OF INFORMATION SECURITY & ASSURANCE (HAISA 2018), 263-271.
  • 5th IEEE International Workshop on Evolving Security & Privacy Requirements Engineering, ESPRE@RE 2018, Banff, AB, Canada, August 20, 2018. ESPRE@RE IEEE.
  • Iacob, C. and Faily, S., 2017. Using Extreme Characters to Teach Requirements Engineering. Proceedings - 30th IEEE Conference on Software Engineering Education and Training, CSEE and T 2017, 2017-January, 107-111.
  • Faily, S. and Iacob, C., 2017. Design as code: Facilitating collaboration between usability and security engineers using CAIRIS. Proceedings - 2017 IEEE 25th International Requirements Engineering Conference Workshops, REW 2017, 76-82.
  • Ki-Aries, D., Dogan, H., Faily, S., Whittington, P. and Williams, C., 2017. From requirements to operation: Components for risk assessment in a pervasive system of systems. Proceedings - 2017 IEEE 25th International Requirements Engineering Conference Workshops, REW 2017, 83-89.
  • Beckers, K., Faily, S., Lee, S.W. and Mead, N., 2017. Welcome to the fourth international workshop on evolving security and privacy requirements engineering (ESPRE'17). Proceedings - 2017 IEEE 25th International Requirements Engineering Conference Workshops, REW 2017, xix.
  • M'manga, A., Faily, S., McAlaney, J. and Williams, C., 2017. Folk Risk Analysis: Factors Influencing Security Analysts’ Interpretation of Risk. In: 3rd Workshop on Security Information Workers 12-14 July 2017 Santa Clara, USA. Proceedings of the 3rd Workshop on Security Information Workers Usenix Association.
  • Ki-Aries, D., Faily, S., Dogan, H. and Williams, C., 2017. Re-framing 'the AMN': A case study eliciting and modelling a System of Systems using the Afghan Mission Network. Proceedings - International Conference on Research Challenges in Information Science, 103-108.
  • M'Manga, A., Faily, S., McAlaney, J. and Williams, C., 2017. System design considerations for risk perception. Proceedings - International Conference on Research Challenges in Information Science, 322-327.
  • Jane, H.B. and Faily, S., 2017. Applying contextual integrity to open data publishing. HCI 2017: Digital Make Believe - Proceedings of the 31st International BCS Human Computer Interaction Conference, HCI 2017, 2017-July, 1-7.
  • Iacob, C., Faily, S. and Harrison, R., 2016. MARAM: Tool support for mobile app review management. MobiCASE 2016 - 8th EAI International Conference on Mobile Computing, Applications and Services.
  • Ki-Aries, D., Faily, S. and Beckers, K., 2016. Persona-Driven Information Security Awareness. In: 30th British HCI Group Annual Conference on People and Computers: Fusion 11-15 July 2016 Bournemouth, UK.
  • Faily, S., Stergiopoulos, G., Katos, V. and Gritzalis, D., 2016. “Water, water, every where”: Nuances for a water industry critical infrastructure specification exemplar. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 9578, 243-246.
  • Iacob, C. and Faily, S., 2016. Improving human-reviews interaction: A study of the role, use, and place of online reviews. Proceedings of the 30th International BCS Human Computer Interaction Conference, HCI 2016, 2016-July.
  • Faily, S., Iacob, C. and Field, S., 2016. Ethical hazards and safeguards in penetration testing. Proceedings of the 30th International BCS Human Computer Interaction Conference, HCI 2016, 2016-July.
  • Faily, S., Gritzalis, D., Lykou, G., Mylonas, A., Partridge, A. and Katos, V., 2016. Human-centered specification exemplars for critical infrastructure environments. Proceedings of the 30th International BCS Human Computer Interaction Conference, HCI 2016, 2016-July.
  • Partridge, A. and Faily, S., 2016. The application of useless Japanese inventions for requirements elicitation in information security. Proceedings of the 30th International BCS Human Computer Interaction Conference, HCI 2016, 2016-July.
  • Ali, R., McAlaney, J., Faily, S., Phalp, K. and Katos, V., 2015. Mitigating circumstances in cybercrime: A position paper. Proceedings - 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015, 1972-1976.
  • Favale, M., McDonald, N., Faily, S. and Gatzidis, C., 2015. Human Aspects in Digital Rights Management: The Perspective of Content Developers​. In: Fourth International Workshop on Artificial Intelligence and IP Law 9 December-9 November 2015 Braga, Portugal.
  • Faily, S. and Jones, M., 2015. Embedding Professional Practice into the Cybersecurity Curriculum using Ethics. In: 1st UK Workshop on Cybersecurity Training & Education 11 June 2015 Liverpool.
  • Faily, S., Lyle, J., Fléchais, I. and Simpson, A., 2015. Usability and Security by Design: A Case Study in Research and Development. In: NDSS Workshop on Usable Security 8 February-8 January 2015 2015.
  • Vallindras, A., Faily, S. and ACM, 2015. The Mystery of Security Design. BRITISH HCI 2015, 316-317.
  • Faily, S., McAlaney, J. and Iacob, C., 2015. Ethical dilemmas and dimensions in penetration testing. Proceedings of the 9th International Symposium on Human Aspects of Information Security and Assurance, HAISA 2015, 233-242.
  • McDonald, N., Faily, S., Favale, M. and Gatzidis, C., 2015. Digital rights management: The four perspectives of developers, distributors, users, and lawyers. Proceedings of the 9th International Symposium on Human Aspects of Information Security and Assurance, HAISA 2015, 276-285.
  • Faily, S. and Fléchais, I., 2014. Eliciting and Visualising Trust Expectations using Persona Trust Characteristics and Goal Models. In: 6th International Workshop on Social Software Engineering 17 November-17 August 2014 Hong Kong. ACM.
  • Faily, S., Lyle, J., Fléchais, I., Atzeni, A., Cameroni, C., Myrhaug, H., Göker, A. and Kleinfeld, R., 2014. Authorisation in Context: Incorporating Context-Sensitivity into an Access Control Framework. In: 28th British HCI Group Annual Conference on People and Computers: Sand, sea and Sky 9-12 September 2014 Southport, UK. British Computer Society.
  • Faily, S., 2014. Engaging Stakeholders in Security Design: An Assumption-Driven Approach. In: International Symposium on Human Aspects on Information Security & Assurance (HAISA 2014) 8-10 July 2014 Plymouth University.
  • Faily, S., 2014. Ethical Hacking Assessment as a Vehicle for Undergraduate Cyber-Security Education. In: BCS 19th Annual INSPIRE Conference 15 April 2014 Southampton.
  • Iacob, C., Harrison, R. and Faily, S., 2013. Online Reviews as First Class Artifacts in Mobile App Development. In: Fifth International Conference on Mobile Computing, Applications and Services 7-8 November 2013 Paris, France. , 47-53.
  • Lyle, J., Faily, S. and Winandy,, M., 2013. The Workshop on Web Applications and Secure Hardware. In: Workshop on Web Applications and Secure Hardware (WASH’13), Co-located with the 6th International Conference on Trust and Trustworthy Computing (TRUST 2013) 20 June 2013 London. Proceedings of the Workshop on Web Applications and Secure Hardware (WASH’13), Co-located with the 6th International Conference on Trust and Trustworthy Computing (TRUST 2013), London, United Kingdom, June 20, 2013, 1011 CEUR-WS.org.
  • Faily, S., Lyle, J., Flechais, I., Atzeni, A., Cameroni, C., Myrhaug, H., Goker, A. and Kleinfeld, R., 2013. Policies in Context: Factors Influencing the Elicitation and Categorisation of Context-Sensitive Security Policies. Proceedings of the Workshop on Home Usable Privacy and Security.
  • Faily, S., 2013. Security Patterns Considered Harmful? Proceedings of The Second International Workshop on Cyberpatterns: Unifying Design Patterns with Security, Attack and Forensic Patterns, 108-109.
  • Faily, S. and Lyle, J., 2013. Guidelines for Integrating Personas into Software Engineering Tools. Proceedings of the 5th ACM SIGCHI symposium on Engineering interactive computing systems, 69-74.
  • Faily, S., Power, D., Armstrong, P. and Flechais, I., 2013. Formal Evaluation of Persona Trustworthiness with EUSTACE (Extended Abstract). Trust and Trustworthy Computing, 6th International Conference, TRUST 2013, 267-268.
  • Faily, S., Coles-Kemp, L., Dunphy, P., Just, M., Akama, Y. and Luca, A.D., 2013. Designing Interactive Secure Systems: CHI 2013 Special Interest Group. CHI ’13 Extended Abstracts on Human Factors in Computing Systems, 2469-2472 ACM.
  • Lyle, J., Nilsson, C., Isberg, A. and Faily, S., 2013. Extending the web to support personal network services. SAC, 711-716.
  • Faily, S. and Lyle, J., 2013. Security Lessons Learned Building Concept Apps for webinos. In: BCS HCI 2013 Workshops: Human Aspects in Mobile App Engineering 9 September 2013 Brunel University, London. Human Aspects in Mobile Apps Engineering: Workshop at British HCI 2013.
  • Su, T., Lyle, J., Atzeni, A., Faily, S., Virji, H., Ntanos, C. and Botsikas, C., 2013. Continuous Integration for Web-Based Software Infrastructures: Lessons Learned on the webinos Project. Haifa Verification Conference Springer.
  • Faily, S., Lyle, J., Namiluko, C., Atzeni, A. and Cameroni, C., 2012. Model-driven architectural risk analysis using architectural and contextualised attack patterns. Proceedings of the Workshop on Model-Driven Security, 3:1-3:6 ACM.
  • Faily, S., Lyle, J., Paul, A., Atzeni, A., Blomme, D., Desruelle, H. and Bangalore, K., 2012. Requirements Sensemaking using Concept Maps. HCSE’2012: Proceedings of the 4th International Conference on Human-Centered Software Engineering, 217-232 Springer.
  • Faily, S. and Flechais, I., 2012. Software for Interactive Secure Systems Design: Lessons Learned Developing and Applying CAIRIS. In: BCS HCI 2012 Workshops: Designing Interactive Secure Systems 12-14 September 2012 Birmingham, UK. Proceedings of BCS HCI 2012 Workshops: Designing Interactive Secure Systems, 3:1-3:4.
  • Faily, S., Lyle, J. and Parkin, S., 2012. Secure System? Challenge Accepted: Finding and Resolving Security Failures Using Security Premortems. In: BCS HCI 2012 Workshops: Designing Interactive Secure Systems 12-14 September 2012 Birmingham, UK. Proceedings of BCS HCI 2012 Workshops: Designing Interactive Secure Systems, 5:1-5:4.
  • Lyle, J., Paverd, A., King-Lacroix, J., Atzeni, A., Virji, H., Flechais, I. and Faily, S., 2012. Personal PKI for the smart device era. 9th European PKI Workshop: Research and Applications.
  • Lyle, J., Faily, S., Flechais, I., Paul, A., Goker, A., Myrhaug, H., Desruelle, H. and Martin, A., 2012. On the design and development of webinos: a distributed mobile application middleware. Proceedings of the 12th IFIP WG 6.1 international conference on Distributed applications and interoperable systems, 140-147.
  • Lyle, J., Monteleone, S., Faily, S., Patti, D. and Ricciato, F., 2012. Cross-platform access control for mobile web applications. Policies for Distributed Systems and Networks (POLICY), 2012 IEEE International Symposium on, 37-44.
  • Fuhrhop, C., Lyle, J. and Faily, S., 2012. The webinos project. Proceedings of the 21st international conference companion on World Wide Web, 259-262 ACM.
  • Faily, S., 2012. Analysing Chindogu: Applying Defamiliarisation to Security Design. CHI 2012 Workshop on Defamiliarisation in Innovation and Usability.
  • Gionis, G., Desruelle, H., Blomme, D., Lyle, J., Faily, S. and Bassbouss, L., 2011. “Do we know each other or is it just our Devices?”: A Federated Context Model for Describing Social Activity Across Devices. W3C/PrimeLife Federated Social Web Europe Conference 2011.
  • Faily, S., 2011. Bridging User-Centered Design and Requirements Engineering with GRL and Persona Cases. In: CEUR iStar 2011 5th International i* Workshop 28-29 August 2011 Trento, Italy. Proceedings of the 5th International i* Workshop, 114-119.
  • Faily, S. and Flechais, I., 2011. Eliciting Usable Security Requirements with Misusability Cases. Proceedings of the 19th IEEE International Requirements Engineering Conference, 339-340 IEEE Computer Society.
  • Faily, S., 2011. Security goes to ground: on the applicability of Security Entrepreneurship to Grassroot Activism. In: CHI Workshop on HCI, Politics and the City: Engaging with Urban Grassroots Movements for Reflection and Action 7-12 May 2011 Vancouver, BC, Canada.
  • Faily, S., 2011. Two Requirements for Usable and Secure Software Engineering. In: 1st Software and Usable Security Aligned for Good Engineering (SAUSAGE) Workshop 5-6 April 2011 National Institute of Standards and Technology Gaithersburg, MD USA.
  • Faily, S. and Flechais, I., 2011. Persona Cases: A Technique for grounding Personas. CHI ’11: Proceedings of the 29th International conference on Human factors in computing systems, 2267-2270 Vancouver, BC, Canada: ACM.
  • Atzeni, A.S., Cameroni, C., Faily, S., Lyle, J. and Flechais, I., 2011. Here's Johnny: A Methodology for Developing Attacker Personas. ARES, 722-727 IEEE.
  • Faily, S. and Flechais, I., 2011. User-Centered Information Security Policy Development in a Post-Stuxnet World. ARES, 716-721 IEEE Computer Society.
  • Faily, S. and Flechais, I., 2010. A Meta-Model for Usable Secure Requirements Engineering. Software Engineering for Secure Systems, 2010. SESS ’10. ICSE Workshop on, 29-35.
  • Faily, S. and Flechais, I., 2010. Improving Secure Systems Design with Security Culture. Poster at: Human Factors in Information Security.
  • Faily, S. and Flechais, I., 2010. Analysing and Visualising Security and Usability in IRIS. Availability, Reliability and Security, 2010. ARES 10. Fifth International Conference on.
  • Faily, S. and Flechais, I., 2010. Security through Usability: a user-centered approach for balanced security policy requirements. Poster at: Annual Computer Security Applications Conference.
  • Flechais, I. and Faily, S., 2010. Security and Usability: Searching for the philosopher’s stone. Workshop on the development of EuroSOUPS (European Symposium on Usable Privacy and Security).
  • Faily, S. and Flechais, I., 2010. The Secret Lives of Assumptions: Developing and Refining Assumption Personas for Secure System Design. HCSE’2010: Proceedings of the 3rd Conference on Human-Centered Software Engineering, 111-118 Springer.
  • Faily, S. and Flechais, I., 2010. To boldly go where invention isn’t secure: applying Security Entrepreneurship to secure systems design. NSPW ’10: Proceedings of the 2010 New Security Paradigms Workshop, 73-84 New York, NY, USA: ACM.
  • Faily, S. and Flechais, I., 2010. A Model of Security Culture for e-Science. Proceedings of the South African Information Security Multi-Conference (SAISMC 2010), 154-164 University of Plymouth.
  • Faily, S. and Flechais, I., 2010. Barry is not the weakest link: eliciting secure system requirements with personas. BCS HCI, 124-132 ACM.
  • Faily, S. and Flechais, I., 2009. Context-Sensitive Requirements and Risk Management with IRIS. International Requirements Engineering, 2009. RE’09. 17th IEEE.
  • Faily, S., 2008. Towards Requirements Engineering Practice for Professional End User Developers: A Case Study. Requirements Engineering Education and Training, 2008. REET ’08, 38-44 IEEE.
  • Faily, S. and Flechais, I., 2008. Making the invisible visible: a theory of security culture for secure and usable grids. UK e-Science All Hands Conference 2008, Edinburgh, UK (Oral Presentation).
  • Faily, S., 2007. Living with Flight Dynamics : Proposals and Possible Pitfalls for Harmonising Flight Dynamics Systems with EGOS. European Ground System Architecture Workshop (ESAW) 2007, ESOC, Darmstadt, Germany (Oral Presentation).

Theses

Software

Others

PhD Students

  • Mohammad Naiseh. Designing Self-Adaptive Electronic Prescription Service (EPS) for Improved User Experience for Repeat Prescriptions
  • Amna Altaf. Integrating Safety, Security, and Human Factors Engineering
  • Omolola Fagbule

Profile of Teaching PG

  • Security by Design (Level 7)

Profile of Teaching UG

  • Security by Design (Level 6)

Grants

  • HuaHana: Phase 3 (Innovate UK, 06 Sep 2018). Completed
  • Integrating Safety, Security, and Human Factors Engineering (Ricardo, 03 Sep 2018). Awarded
  • HuaHana: Phase 2 (Innovate UK, 09 May 2018). Completed
  • Data Protection Impact Assessment of StreetScene (Bournemouth University, 13 Feb 2018). Completed
  • HuaHana:a productivity platform for usable and secure software design (Innovate UK, 01 Feb 2018). Completed
  • Commercialisation of CAIRIS (DCMS / SETsquared, 27 Jan 2017). Completed
  • Bournemouth-Athens Network in Critical Infrastructure Security (BANCIS) (BU Fusion Investment Fund, 01 Sep 2016). Completed
  • Risk Assessment for Complex Systems of Systems (Defence Science and Technology Laboratory, 01 Sep 2016). In Progress
  • Designing Systems for Risk-Based Decision Making and Assurance (Defence Science and Technology Laboratory, 09 Dec 2015). In Progress
  • Bournemouth University Computer Human Interaction (BUCHI) (BU Fusion Investment Fund, 01 Mar 2015). Completed
  • Making sense of DRM in game development (Madrigal) (Bournemouth University - Fusion Investment Fund, 01 Feb 2015). Completed
  • Bournemouth European Network In Cyber Security (BENICS) (BU Fusion Investment Fund, 01 Mar 2014). Completed
  • Evaluating the Usability, Security, and Trustworthiness of Ad-hoc Collaborative Environments (EUSTACE) (EPSRC, 30 May 2012). Completed

External Responsibilities

  • European Intelligence and Security Informatics Conference (EISIC) 2015, Programme Committee (2015-)
  • IEEE Joint Intelligence and Security Informatics Conference (JISIC), Programme Committee (2014-)
  • 1st International Workshop on Evolving Security & Privacy Requirements Engineering, Organising Co-Chair (2014-), http://espre2014.org/
  • International Conference on Trust & Trustworthy Computing (Socio-economics Strand, Programme Committee (2013-)
  • Second International Workshop on Cyberpatterns: Unifying Design Patterns with Security, Attack, and Forensic Patterns, Programme Committee (2013-)
  • European Intelligence and Security Informatics Conference, Programme Committee (2013-)
  • Human Aspects in Mobile App Engineering: Workshop at British HCI 2013, Workshop Co-Chair (2013-)
  • Workshop on Web Applications and Secure Hardware (Co-located with Trust 2013), Workshop Co-Chair (2013-)
  • Designing Interactive Secure Systems SIG at ACM Conference on Human Factors in Computer System, Organiser (2013-)
  • 6th International Conference on Trust & Trustworthy Computing, Publicity Co-Chair (2013-)
  • Designing Interactive Secure Systems: Workshop at British HCI 2012, Workshop Co-Chair (2012-)
  • ACM SIGCHI Symposium on Engineering Interactive Computing Systems, Reviewer (2011-2012)
  • BCS Conference on Human-Computer Interaction, Reviewer (2011-2014)
  • ACM Conference on Human Factors in Computer Systems, Reviewer (2010-2016)
  • Journal of Systems and Software (Elsevier), Reviewer
  • Pervasive and Mobile Computing (Elsevier), Reviewer
  • Behaviour & Information Technology (Taylor & Francis), Reviewer
  • International Journal of Secure Software Engineering (IGI Global), Reviewer
  • Computers & Security (Elsevier), Reviewer

Internal Responsibilities

  • Co-ordinator, BU Cyber Security Research Group

Conference Presentations

  • First International Conference on Cyber Security for Sustainable Society 2015, The Social Psychology of Cybersecurity, 26 Feb 2015, Coventry

Qualifications

  • PG Cert in Education Practice (Bournemouth University, 2015)
  • DPhil in Computer Science (University of Oxford, 2011)
  • PG Cert in Software Engineering (University of Oxford, 2008)
  • BSc (Hons) in Business Computing Systems (City University, 1998)

Memberships

  • ACM, Member,
  • Association for Computing Machinery, Member,
  • British Computer Society, Member,
  • Higher Education Academy, Fellow,