If you made any changes in Pure these will be visible here soon.

Personal profile

Scholarly biography

I am Professor of Software Systems Engineering and founding Director of the Centre for Secure, Intelligent and Usable Systems (CSIUS) at the University of Brighton.

I am also Fellow of the Higher Education Academy (HEA) and a Professional Member of the British Computer Society (BCS). I have been visiting researcher at the National Institute of Informatics (NII), Japan, and a visiting fellow at the British Telecom (BT), U.K and the University College London, U.K. I was visiting professor at the University of the Aegean, Greece and I am visiting professor at the University of Ionian, Greece.

I have published more than 150 papers (h-index 30) and I have secured more than £3M to support research and knowledge transfer. My funding portfolio includes grants from the European Union (FP7, Horizon2020), EPSRC, the Royal Academy of Engineering, the Higher Education Funding Council of England (HEFCE), and the Japanese National Institute of Informatics. I have also received funding from the Knowledge Transfer Partnership/Technology Strategy Board and the European Regional Development Fund for knowledge transfer and from industrial cources including British Telecom, ELC, Powerchex, and FORD.

My 'Powerchex KTP' project was finalist for the best 2012 UK National Knowledge Transfer Partnership TSB award.

I have strong experience of acting as evaluator for national and international funding bodies including the EPSRC, HEA, the EU, the Research Council of Norway, the Innovation Fund of Denmark, and the Austrian Research Council, and I have  been invited subject expert for events organised by the EU, NATO and TSB.

Research interests

The need to secure and esnure the privacy of software systems and the relevant infrastructure, has been recognised as a major challenge not just for the further usage of technology but also for the further advancement of human society. As such, a number of fundamental research challenges have been identified for relevant disciplines such as security engineering, privacy engineering, software engineering, and information systems.

My research interests lie in the intersection of privacy, security and software engineering.

My long-term research goal is to effectively analyse, understand and improve security and privacy of software systems for large, open and dynamic environments. In doing so, I have pioneered work in developing ontologies, languages, models, processes, methodologies and automated testing and optimisation techniques that consider security and privacy as integral aspects of the software systems development process.

In particular, my research focuses on the following areas:

  • Security and Privacy Requirements Engineering. My work in this area is concerned with the development and precise definition of modelling languages, methodologies and ontologies to support elicitation, modelling and analysis of security, trust, and privacy requirements. I have developed the Secure Tropos methodology, one of the first methodologies in the literature that implements the idea of security and privacy by design and integrates security, privacy and engineering techniques under one methodological approach.
  • Data Privacy Management and GDPR. I am interested in developing platforms and solutions that facilitate visual analysis of privacy requirements and needs and assist the creation, monitoring and enforcement of Privacy Level Agreements. Moreover, my work is focused in the analysis and development of innovative data privacy governance platforms, which facilitate scoping and processing of data and data breach management and support organisations towards GDPR and regulatory compliance.
  • IoT, 5G, Cyber-Physical, and Cloud Computing Security. My work in this area is focused on developing novel models, methodologies and analysis techniques that guarantee the highest possible levels of protection within IoT, 5G and Cloud computing environments, in the presence of different security and privacy threats.
  • Model-Based Security/Privacy Engineering. My work in that area focuses on the development and analysis of methods, processes, and architectures for secure and privacy-aware systems. At the requirements level, I focus on the development of processes that enable the elicitation and modelling of security and privacy requirements and analyse them in terms of security and privacy properties, relevant threats and vulnerabilities. At the architectural level, I focus on developing software architecture techniques to ensure that socio-technical systems satisfy security, trust and privacy requirements and that developed architectures reduce potential risks.
  • Security Engineering Decision Support. I am investigating novel decision-making methodologies and models that offer the highest possible levels of protection within different domains (e.g. IoT, Cloud) with regards to different security and privacy threats and a set of evolving factors such as security requirements, financial cost, indirect costs (e.g. people’s productivity), intangible and tangible assets. I am also interested in developing underlying formalisms, utilising logics and graph transformations, to enable precise specifications and automated reasoning, within the context of security and dependability, taking into account organisational policies and resource allocation.
  • Security Attack and Threat Discovery. I am interested in developing novel reasoning techniques and algorithms that assist the discovery of potential cyber-attack paths in supply-chain and critical infrastructures, taking into account information from the Common Weakness Enumeration (CWE) and from the Common Vulnerabilities and Exposures (CVE). My work can be applied within a dynamic risk management system to detect the vulnerabilities of the IT infrastructure and to deliver attack paths that satisfy certain criteria.
  • Security and Privacy Patterns. My work investigates the development of security and privacy pattern languages that enable the representation of patterns and guide developers through the process of designing a system to ensure security and privacy. A major novelty of this work is that the solution to the pattern is represented using concepts from the requirements stage, which enable developers to directly apply the patterns of the language to the security and privacy requirements analysis.
  • Automated Analysis Tools. I am interested in developing tools to support security and trust analysis of the socio-technical systems at different levels. At the higher level, they are graphical editors where security, privacy and trust models can be drawn and the grammatical correctness of the models is automatically checked. On the lower level, they enable analysis of security, privacy and trust properties and security threats.

Within these research areas I have supervised to completion seven PhD and one MPhil students and I currently supervise Five PhD students at the University of Brighton. I have  examined 16 PhD students.

I have lead the University of Brighton team on three European Union funded projects, VisiOn, MITIGATE and SESAME and I am the technical coordinator of the DEFeND Project.

I am also interested in applying the theoretical research outputs of my work to different application domains and my work has been applied to the development and analysis of systems in the areas of critical infrastructures, cloud computing, health-care, telecommunications, banking, and e-commerce.

Education/Academic qualification

PhD, University of Sheffield


Master, University of Sheffield


Bachelor, University of Wales


External positions

College Member, EPSRC, Engineering and Physical Sciences Research Council (EPSRC)

2017 → …

Member, British Computer Society

2009 → …

Fellow, Higher Education Academy, Higher Education Academy, UK

2007 → …

Fingerprint Dive into the research topics where Haris Mouratidis is active. These topic labels come from the works of this person. Together they form a unique fingerprint.

  • 2 Similar Profiles
Requirements engineering Engineering & Materials Science
Cloud computing Engineering & Materials Science
Information systems Engineering & Materials Science
Industry Engineering & Materials Science
Data privacy Engineering & Materials Science
Recommender systems Engineering & Materials Science
Public administration Engineering & Materials Science
Risk assessment Engineering & Materials Science

Network Recent external collaboration on country level. Dive into details by clicking on the dots.

Projects 2015 2021

Research Output 2012 2019

A conceptual redesign of a modelling language for cyber resiliency of healthcare systems

Athinaiou, M., Mouratidis, H., Fotis, T. & Pavlidis, M., 26 Sep 2019, 3rd International Workshop on Security and Privacy Requirements Engineering SECPRE 2019: In conjunction with ESORICS 2019. Springer, ( Lecture Notes in Computer Science).

Research output: Chapter in Book/Conference proceeding with ISSN or ISBNConference contribution with ISSN or ISBN

Modeling languages

Cyber security incident handling, warning and response system for the european critical information infrastructures (cyberSANE)

Papastergiou, S., Mouratidis, H. & Kalogeraki, E. M., 15 May 2019, Engineering Applications of Neural Networks - 20th International Conference, EANN 2019, Proceedings. Maglogiannis, I., Jayne, C., Macintyre, J. & Iliadis, L. (eds.). Cham: Springer-Verlag, Vol. 1000. p. 476-487 12 p. (Communications in Computer and Information Science).

Research output: Chapter in Book/Conference proceeding with ISSN or ISBNConference contribution with ISSN or ISBN

Open Access

DEFeND Architecture: a Privacy by Design Platform for GDPR Compliance

Piras, L., Al-Obeidallah, M., Praitano, A., Tsohou, A., Mouratidis, H., Gallego-Nicasio Crespo, B., Baptiste Bernard, J., Fiorani, M., Magkos, E., Castillo Sanz, A., Pavlidis, M., D'Addario, R. & Giovanni Zorzino, G., 31 May 2019, (Accepted/In press).

Research output: Contribution to conferencePaper

Open Access
Data privacy
Data acquisition

Enhancing secure business process design with security process patterns

Argyropoulos, N., Mouratidis, H. & Fish, A., 13 Jul 2019, In : Software and Systems Modeling. p. 1-23

Research output: Contribution to journalArticle

Process Design
Business Process
Process design
Business Process Modeling

Modelling the Interplay of Security, Privacy and Trust in Sociotechnical Systems: A Computer-Aided Design Approach

Salnitri, M., Angelopoulos, K., Pavlidis, M., Diamantopoulou, V., Mouratidis, H. & Giorgini, P., 20 Jul 2019, In : Software and Systems Modeling. p. 1-25

Research output: Contribution to journalArticle

Computer aided design
Data privacy
Requirements engineering

Activities 2015 2018

Intensive Programme on Information and Communications Security - IPICS2018

Haris Mouratidis (Presenter)

Activity: External talk or presentationInvited talk

Research Council of Norway, IKTPLUSS Digital Security

Haris Mouratidis (Reviewer)

Activity: External funding peer-review

EU Funded Project AEGIS

Haris Mouratidis (EU expert evaluator)

Activity: External funding peer-review

Eurostars Programme, European Union

Haris Mouratidis (Reviewer)

Activity: External funding peer-review