The first year involves a series of taught modules on the technical and human / social / behavioural aspects of trust, identity, privacy and security (TIPS) at-scale.
Fundamentals of TIPS-at-Scale
Students develop a shared understanding of the underlying dimensions of TIPS and an awareness of the challenges when scaling up state-of-the-art methods. This module focuses on
- Infrastructures: scalability challenges in cyber-physical systems, largescale networks and hardware
- Human, organisation and regulatory contexts: risk management & governance, human factors pertaining to TIPS-at-Scale, privacy & online rights, law & regulatory aspects
- Systems security: current techniques for cryptography, operating systems, cloud and distributed systems security, as well as authentication, authorisation and accountability - and the challenges in scaling these
- Software security: challenges posed by both traditional software and the democratisation effect whereby people from all walks of life are developing and deploying apps to potentially millions of users globally
Empirical Research Methods for TIPS-at-Scale
Students are empowered to select, tailor and utilise appropriate research methods to address TIPS-at-Scale challenges.This module includes:
- Importance of multiple/mixed methods in TIPS-at-Scale
- Methods, including experiments, surveys, interviews, focus groups, ethnography and action research and their
- Challenges of research with new forms of data, e.g., from large-scale information flows in social media or smart connected environments
- Data-scientific thinking and use of quantitative methods for analysis of large-scale TIPS data sets
- Ethical considerations in TIPS-at-Scale research such as sharing of large-scale data sets, their sanitisation and challenges with regards to assured anonymisation
Threats and Risks for TIPS-at Scale
Students are exposed to state-of-the art risk management and mitigation approaches in industry, and the inherent challenges when attempting to scale those approaches up. The module will include:
- Attacks and defences, including how malware and attack technologies are scaling up, the factors driving adversarial behaviours and the challenges of undertaking security operations, forensics and incident management
- Threats arising from cross-domain nature of hyper-connected infrastructures, where data and information cross a range of platform, administrative, organisational and geographical boundaries
- Threat modelling for TIPS-at-Scale
- Risk management and assessment, perceptions of risks pertaining to large-scale infrastructures, how these impact mitigation, existing risk frameworks and their limitations
- Connecting risk and threat profiles to policy and decision making
Students are provided with comprehensive training in responsible innovation around four key competencies as articulated by the EPSRC AREA framework for RI: anticipation, reflection, engagement and action.This module will include:
- Innovation, its history and evolution, with a particular emphasis on models and processes of innovation in the (big) data and hyper-connected information age
- Contemporary innovation systems, knowledge creation, diffusion and translation, with an emphasis on large scale hyperconnected systems
- Innovation’s potential to co-produce risks / ethical dilemmas with economic and social value
- Multi-level governance of innovation in large scale hyper-connected systems
- Deficits of current governance and an RI framework to address these, modelled on real world case studies
- Practical tools and methods for exploring TIPS through a framework for RI
- Application of tools to TIPS at scale challenges within group projects
Resilient Socio-technical Infrastructures
Students learn about approaches to keep large socio-technical infrastructures in operation when they operate in partially-trusted settings and even when parts of the infrastructure are compromised, e.g., inclusion of malicious human actors, software or hardware. They will gain hands-on experience of analysing resilience of realistic scale systems in the Bristol Cyber Security Testbed.
Members of academic staff, industrial visitors and prominent external speakers from academia, government and industry deliver masterclasses where students go far deeper in pursuit of specialised topics from a wide range of themes of both technical and social nature. The format of the master-classes is adapted to requirements of specific topics, e.g., in-class delivery in combination with visits to industrial facilities where needed or on-site delivery at an industry partner.
Masterclasses are complemented by students undertaking two placements of 2 weeks each, one in an industry or practice organisation and one in an academic research group at Bristol or Bath. The placements provide students with hands-on experience of working on TIPS-at-Scale problems in industry and research settings. These placements help shape their understanding of practical challenges and research issues, and, together with masterclasses, provide a strong basis for their research proposal.