Scheme: University Research Fellowship
Organisation: University College London
Dates: Dec 2012-Dec 2017
Summary: When you are working on a computer system (say, on a computer on your school network), it is hard to know whether the system is secure. It is very likely to contain some security vulnerabilities, and the larger the system is, the more likely it is that parts of the system could be broken into without your noticing. Maybe you will find out later, or maybe you will never know. How can we make judgements about the security of computer systems when we don’t know for certain all the things we would like to know about them? How can we make sure that security defences work as well as we need?
Previous attempts to study and improve the security of computer systems are flawed because they cannot adequately handle systems that are as large and complex as those we use today; they are also not very good when we don’t have full answers to all the questions that we might ask about the computer system, and there are lots of those situations! (For example, you may not know whether the computer has been updated with the latest security fixes, what software the person who used the computer before you may have installed, whether there are any bugs you don’t yet know about in the software you are using, and how likely it is that someone malicious will exploit one of those bugs before you manage to get the bug fixed...) This project will find better ways of understanding the security of the kind of computer systems that we actually use in real life today, even when we don’t know everything about the system for certain. It will also find ways of measuring the security of the system, and discover which security defences work best and why. In the longer term, it will help us to design security defences that work better than anything we have today.