UK gov awards £10 million to cutting-edge security-by-design projects


The UK government is set to provide £10 million to nine winners of its Digital Security by Design programme, which aims to bolster the resilience of the nation’s digital infrastructure.

The funding commitment, which will be spread across four years, has been awarded to academics from nine institutions to pursue the development of systems embedded with security-by-design principles.

A particular concern among IT managers is the nature by which many devices, particularly those in the Internet of Things (IoT) ecosystem, have been developed without security in mind. Funding has now been allocated to nine institutions to pursue the development of the systems they’ve proposed.

The University of Southampton, for example, will receive a portion of the funding to build its HD-Sec system, which aims to speed up the process of identifying security vulnerabilities and reduce errors in software design.

“Cyber attacks can cause significant economic and social damage and leave a lasting mark on affected businesses,” said science minister Amanda Solloway MP.

“Today’s funding will allow some of the country’s most innovative businesses and academics to work together on digital solutions to tackle these threats. The UK not only has a proud heritage in computing, but is a world leader in digital security and we are committed to ensuring our country remains one of the safest places to do business online.”

AppControl, being developed by the University of Glasgow, will also be funded as part of the scheme. This platform uses microprocessors to ensure vital systems used in cars, medical robots and nuclear power plants can remain digitally secure.

Meanwhile, funding will also be funnelled to the University of Birmingham to develop CAP-TEE, which uses prototype microchips to protect systems guarding sensitive data from cyber criminals.

The government launched a challenge in January 2019 with £70 million of backing for researchers to develop means by which developers can ‘design out’ security threats.

The Digital Security by Design initiative, which was formalised in July last year, saw private companies invest £117 million in addition to the previously announced £70 million in order to develop next-gen security systems.


How enterprises are embracing cyber security challenges

Enterprises across Europe, the Middle East and Africa are undergoing a significant transformation


The chipmaker ARM subsequently partnered with the government as part of the scheme to create allegedly ‘hack-resistant’ chips, with £36 million ploughed into the five-year project.

The first stages of the initiative resulted in the development of the microprocessor technology known as Capability Hardware, which is built with safeguards to make it more secure than conventional processors. These protections are built in the processor architecture and hardware system so systems become more secure when faced with all manners of software security vulnerabilities.

Each research team awarded funding in this latest stage of the process will create a working example of their technology using these prototype chips, while also demonstrating the economic and social benefits.

“The Digital Security by Design programme will radically update the security foundations of the digital computing infrastructure that underpins the entire economy,” said UK Research & Investment challenge director for Digital Security by Design, John Goodacre.

“I’m honoured that these leading universities and researchers have aligned their expertise to this challenge.

“These projects will increase the knowledge and skills around this new technology, as well as research the opportunities this fundamental change offers to the security of computers across business and society in the future.”

The full list of winners of the grant funding are as follows:

  • CapableVMs – Led by Dr Laurence Tratt (King’s College London) and Dr Jeremy Singer (University of Glasgow)
  • CAPcelerate: Capabilities for Heterogeneous Accelerators – Led by Dr Timothy Jones (University of Cambridge)
  • CapC: Capability C semantics, tools and reasoning – Led by Dr Mark Batty (University of Kent)
  • CAP-TEE: Capability Architectures for Trusted Execution – Led by Dr David Oswald (University of Birmingham)
  • CHERI for Hypervisors and Operating Systems (CHaOS) – Led by Dr Robert Watson (University of Cambridge)
  • CloudCAP: Capability-based Isolation for Cloud Native Applications – Led by Prof Peter Pietzuch (Imperial College London)
  • Holistic Design of Secure Systems on Capability Hardware (HD-Sec) – Led by Professor Michael Butler (University of Southampton)
  • SCorCH: Secure Code for Capability Hardware – Led by Dr Giles Reger (The University of Manchester) and Prof Daniel Kroening (University of Oxford)
Keumars Afifi-Sabet
Features Editor

Keumars Afifi-Sabet is a writer and editor that specialises in public sector, cyber security, and cloud computing. He first joined ITPro as a staff writer in April 2018 and eventually became its Features Editor. Although a regular contributor to other tech sites in the past, these days you will find Keumars on LiveScience, where he runs its Technology section.