Nine winners of the UK Government’s Digital Security by Design programme are to share £10 million in grants between them. Grants are spread over four years and were announced by Digital Secretary Oliver Dowden. The recipients are expected to create new cybersecurity technologies to secure tech infrastructure and increase cyber resiliency.
Digital Secretary Oliver Dowden said: “We have a world-class cyber security sector, and together we are working hard to make sure the UK is the safest place to work, connect and live online.
“With government support, these projects will build cutting-edge, secure technologies that will give people and businesses further confidence in our digital services and help weaken the threat of cyber attackers.”
The money is coming from two different departments. The Department for Business, Energy and Industrial Strategy is contributing £7m from its Industrial Strategy Challenge Fund. The Department for Digital, Culture, Media and Sport is providing the remaining £3 million from the £1.9bn National Cyber Security Strategy.
Digital Security by Design winners
The nine winners of the Digital Security by Design grants are:
AppControl: Enforcing Application Behaviour through Type-Based Constraints – Led by Dr Wim Vanderbauwhede (University of Glasgow)
CapableVMs – Led by Dr Laurence Tratt (King’s College London) and Dr Jeremy Singer (University of Glasgow)
CAPcelerate: Capabilities for Heterogeneous Accelerators – Led by Dr Timothy Jones (University of Cambridge)
CapC: Capability C semantics, tools and reasoning – Led by Dr Mark Batty (University of Kent)
CAP-TEE: Capability Architectures for Trusted Execution – Led by Dr David Oswald (University of Birmingham)
CHERI for Hypervisors and Operating Systems (CHaOS) – Led by Dr Robert Watson (University of Cambridge)
CloudCAP: Capability-based Isolation for Cloud-Native Applications – Led by Prof Peter Pietzuch (Imperial College London)
Holistic Design of Secure Systems on Capability Hardware (HD-Sec) – Led by Professor Michael Butler (University of Southampton)
SCorCH: Secure Code for Capability Hardware – Led by Dr Giles Reger (The University of Manchester) and Prof Daniel Kroening (University of Oxford)
The exact amount that has been awarded to each project has not been made public.
Solving key cybersecurity issues around technology
While there is little detail on some of the solutions via the relevant university websites, some have published details of their projects.
Software vendors have talked about the need to write secure software for decades. Sadly, every day sees a litany of failures across the industry. Southampton University plans to address this with its HD-Sec solution. It has partnered with Airbus, Arm, Altran, AWE, Galois, L3Harris, Northrop Grumman and Thales.
Professor Michael Butler who leads the project said: “Our vision is the transformation of security system development from an error-prone, iterative build-test-fix approach to a correctness-by-construction approach whereby formal methods guide the design of software in such a way that it satisfies its specification by construction.
“The impact of this will be to reduce overall development costs, while increasing trustworthiness, of security-critical systems.”
At the University of Birmingham, Dr David Oswald’s team is building on its existing projects around Trusted Execution Environments with its CAP-TEE project. It wants to create prototype microchips to protect systems that shield sensitive, personal data. There is little on the university website as to the details of this project at the moment.
Enterprise Times: What does this mean
The UK Government has an ongoing set of funding programmes for research at UK universities. The funding is spread over multiple-years and designed to help universities take research from idea to product. The challenge is often the next stage, monetisation. That is the point where universities team up with outside interests and the UK Treasury sees little return on its initial investment.
One solution would be to change the model from a grant to early-stage investment. It would give the UK a greater stake in the research being created inside the UK. It would also ensure that when the products are sold to large organisations, there would be a return to the taxpayer.
This is an important consideration. As the Digital Security by Design programme shows, there is a lot of advanced research taking place in UK universities. The problem is that the beneficiaries are rarely UK companies.
As the UK pushes for trade deals around the world, it will want to ensure it has something to sell. The UK has a lot of research and early-stage projects in key areas of technology, such as encryption and IoT. Moving from grants to early-stage investment would be an excellent start to protecting the UK technology base.