X Close

UCL Department of Science, Technology, Engineering and Public Policy

Home

Applied in Focus. Global in Reach

Menu

COVID-19: IoT and Cybersecurity

By fredrikskippervold, on 27 August 2020

Fredrik Johan Skippervold is a UCL MPA Graduate within Digital Technologies and Policy 18/19. He holds a Bachelor of Law with Spanish and is currently a researcher in the PETRAS National Centre of Excellence for IoT Systems Cybersecurity.

Introduction

Over the past four months (April – July) my colleague Dr Catherine Wheller and I have been following the impacts of COVID-19 on cybersecurity and the Internet of Things (IoT) within the UK and beyond. The pandemic has inspired a range of IoT innovations to help stop the spread of the virus. We have written weekly landscape briefings (LB) that provide up to date information on the latest developments in this area. In this blog I will talk about how we set about collecting information and how we put together these reports, as well as highlight some of the major developments which include discussions surrounding privacy and ethics. To note, a final summary briefing will be posted alongside this blogpost. The summary, which can be found here, includes a detailed timeline of events, provides an overview of how IoT devices are helping to stop the spread of the virus (UK and globally) and presents discussions around so-called ‘immunity passports’.

Cybersecurity

(more…)

A holistic approach to reasoning about the security of critical infrastructure systems

By uchennadani, on 13 February 2020

By Dr Uchenna D Ani, Post-Doctoral Research Fellow with the PETRAS National Centre of Excellence for IoT Systems Cybersecurity, UCL STEaPP

Security designs should not consider technical details alone but should capture the bigger picture of the co-interacting participants that provide critical services.

Critical National Infrastructure (CNI) systems need cybersecurity, physical security and personnel security.  CNI systems use networks of diverse technologies (hardware and software) to enable the exchange of data and information. Generally, this involves socio-technical systems (STS) – people interacting with the technology and working together as a single system structured to achieve operational objectives.

IoT

Integrating the internet and the Internet of Things (IoT) with CNI systems enable greater capabilities for remote, autonomous sensing. Integration supports smarter control, monitoring, predictive maintenance, safety, and security management, but the convergence brings new security risks that demand serious attention. Geoff E, of the UK National Cyber Security Centre (NCSC), highlights the need to consider such systems as a whole rather than the sum of individual components. A holistic perspective is therefore necessary to achieve more all-embracing security.

(more…)

Data Protection Day

By josellanos, on 28 January 2020

By Dr Jose Tomas Llanos, Research Fellow in PACE (Privacy Aware Cloud Ecosystems) at UCL STEaPP

Data Protection Day (or Data Privacy Day outside Europe) is an international holiday held every year on 28 January. The declared purpose of this holiday is “to give everyone a chance to understand what personal data is collected and processed and why, and what our rights are with respect to this processing.”[1] The date was not randomly chosen: it is the anniversary of the opening for signature, in 1981, of Council of Europe’s Convention 108 for the Protection of individuals with regard to automatic processing of personal data.[2]

Convention 108 introduced the concept of ‘protection of personal data’, as well as important data protection principles that were later enshrined in the Data Protection Directive[3] and included (in a somewhat more elaborate fashion) in the General Data Protection Regulation (GDPR)[4]: personal data must be obtained and processed fairly and lawfully (lawfulness and fairness); stored for specified and legitimate purposes and not used in a way incompatible with those purposes (purpose limitation); adequate, relevant and not excessive in relation to the purposes for which they are stored (i.e. data minimisation); accurate and, where necessary, kept up to date (accuracy); and preserved in a form which permits identification of the data subjects for no longer than is required for the purpose for which those data are stored (storage limitation).[5]

(more…)

People with Hearing Loss and Connected Home Technologies

By k.pothong, on 15 November 2019

PETRAS National Centre of Excellence for IoT Systems Cybersecurity took a first step to understand the needs and expectations of people with special requirements, starting with those with hearing loss, in their engagement with Internet of Things (connected devices) in their domestic environment. We organised a workshop on the 29th October 2019 which received interest and representation from a broad range of stakeholders, including technology developers, researchers, representatives of various UK groups for people with hearing loss (both the profoundly deaf and hard-of-hearing and cochlear implant users), as well as some individual end-users with hearing loss.

Kruakae Pothong led the workshop design, building on deliberation and value sensitive design, with the support of Claire Milne, a PETRAS Associate and LSE Visiting Senior Fellow, and Sarah Turner, a STEaPP Digital Technology and Public Policy MPA graduate. The workshop opened with participants sharing their experiences of technology in domestic life and the adjustments made to support various types of hearing loss. Participants were then asked to collectively define what they find problematic about their experience.

(more…)

Understanding Intimate Partner Abuse as a Cybersecurity Issue

By Siobhan Pipa, on 19 August 2019

By Julia Slupska, Digital Ethics Lab at the University of Oxford

Why isn’t revenge porn a cybersecurity issue? Gendered security threats – such as tech abuse in the context of domestic violence – has often been ignored in the cybersecurity discussion. Julia Slupska – in collaboration with the UCL Gender and IoT Lab – is working on an “intimate threat security review” to address this gap.

Domestic violence and intimate partner abuse (IPA) is a frequent cause of death worldwide. A 2018 UN report found that women are more likely to be killed at home than in any other location.[1] IPA is still highly prevalent in the UK: domestic abuse-related crimes accounted for 32 percent of violent crimes in the year ending March 2017.

(more…)