If you made any changes in Pure these will be visible here soon.

Personal profile

Scholarly biography

I am Professor of Software Systems Engineering and founding Director of the Centre for Secure, Intelligent and Usable Systems (CSIUS) at the University of Brighton.

I am also Fellow of the Higher Education Academy (HEA) and a Professional Member of the British Computer Society (BCS). I have been visiting researcher at the National Institute of Informatics (NII), Japan, and a visiting fellow at the British Telecom (BT), U.K and the University College London, U.K. I was visiting professor at the University of the Aegean, Greece and I am visiting professor at the University of Ionian, Greece.

I have published more than 150 papers (h-index 30) and I have secured more than £3M to support research and knowledge transfer. My funding portfolio includes grants from the European Union (FP7, Horizon2020), EPSRC, the Royal Academy of Engineering, the Higher Education Funding Council of England (HEFCE), and the Japanese National Institute of Informatics. I have also received funding from the Knowledge Transfer Partnership/Technology Strategy Board and the European Regional Development Fund for knowledge transfer and from industrial cources including British Telecom, ELC, Powerchex, and FORD.

My 'Powerchex KTP' project was finalist for the best 2012 UK National Knowledge Transfer Partnership TSB award.

I have strong experience of acting as evaluator for national and international funding bodies including the EPSRC, HEA, the EU, the Research Council of Norway, the Innovation Fund of Denmark, and the Austrian Research Council, and I have  been invited subject expert for events organised by the EU, NATO and TSB.

Research interests

The need to secure and esnure the privacy of software systems and the relevant infrastructure, has been recognised as a major challenge not just for the further usage of technology but also for the further advancement of human society. As such, a number of fundamental research challenges have been identified for relevant disciplines such as security engineering, privacy engineering, software engineering, and information systems.

My research interests lie in the intersection of privacy, security and software engineering.

My long-term research goal is to effectively analyse, understand and improve security and privacy of software systems for large, open and dynamic environments. In doing so, I have pioneered work in developing ontologies, languages, models, processes, methodologies and automated testing and optimisation techniques that consider security and privacy as integral aspects of the software systems development process.

In particular, my research focuses on the following areas:

  • Security and Privacy Requirements Engineering. My work in this area is concerned with the development and precise definition of modelling languages, methodologies and ontologies to support elicitation, modelling and analysis of security, trust, and privacy requirements. I have developed the Secure Tropos methodology, one of the first methodologies in the literature that implements the idea of security and privacy by design and integrates security, privacy and engineering techniques under one methodological approach.
  • Data Privacy Management and GDPR. I am interested in developing platforms and solutions that facilitate visual analysis of privacy requirements and needs and assist the creation, monitoring and enforcement of Privacy Level Agreements. Moreover, my work is focused in the analysis and development of innovative data privacy governance platforms, which facilitate scoping and processing of data and data breach management and support organisations towards GDPR and regulatory compliance.
  • IoT, 5G, Cyber-Physical, and Cloud Computing Security. My work in this area is focused on developing novel models, methodologies and analysis techniques that guarantee the highest possible levels of protection within IoT, 5G and Cloud computing environments, in the presence of different security and privacy threats.
  • Model-Based Security/Privacy Engineering. My work in that area focuses on the development and analysis of methods, processes, and architectures for secure and privacy-aware systems. At the requirements level, I focus on the development of processes that enable the elicitation and modelling of security and privacy requirements and analyse them in terms of security and privacy properties, relevant threats and vulnerabilities. At the architectural level, I focus on developing software architecture techniques to ensure that socio-technical systems satisfy security, trust and privacy requirements and that developed architectures reduce potential risks.
  • Security Engineering Decision Support. I am investigating novel decision-making methodologies and models that offer the highest possible levels of protection within different domains (e.g. IoT, Cloud) with regards to different security and privacy threats and a set of evolving factors such as security requirements, financial cost, indirect costs (e.g. people’s productivity), intangible and tangible assets. I am also interested in developing underlying formalisms, utilising logics and graph transformations, to enable precise specifications and automated reasoning, within the context of security and dependability, taking into account organisational policies and resource allocation.
  • Security Attack and Threat Discovery. I am interested in developing novel reasoning techniques and algorithms that assist the discovery of potential cyber-attack paths in supply-chain and critical infrastructures, taking into account information from the Common Weakness Enumeration (CWE) and from the Common Vulnerabilities and Exposures (CVE). My work can be applied within a dynamic risk management system to detect the vulnerabilities of the IT infrastructure and to deliver attack paths that satisfy certain criteria.
  • Security and Privacy Patterns. My work investigates the development of security and privacy pattern languages that enable the representation of patterns and guide developers through the process of designing a system to ensure security and privacy. A major novelty of this work is that the solution to the pattern is represented using concepts from the requirements stage, which enable developers to directly apply the patterns of the language to the security and privacy requirements analysis.
  • Automated Analysis Tools. I am interested in developing tools to support security and trust analysis of the socio-technical systems at different levels. At the higher level, they are graphical editors where security, privacy and trust models can be drawn and the grammatical correctness of the models is automatically checked. On the lower level, they enable analysis of security, privacy and trust properties and security threats.

Within these research areas I have supervised to completion seven PhD and one MPhil students and I currently supervise Five PhD students at the University of Brighton. I have  examined 16 PhD students.

I have lead the University of Brighton team on three European Union funded projects, VisiOn, MITIGATE and SESAME and I am the technical coordinator of the DEFeND Project.

I am also interested in applying the theoretical research outputs of my work to different application domains and my work has been applied to the development and analysis of systems in the areas of critical infrastructures, cloud computing, health-care, telecommunications, banking, and e-commerce.

Fingerprint Fingerprint is based on mining the text of the person's scientific documents to create an index of weighted terms, which defines the key subjects of each individual researcher.

  • 4 Similar Profiles
Requirements engineering Engineering & Materials Science
Cloud computing Engineering & Materials Science
Information systems Engineering & Materials Science
Recommender systems Engineering & Materials Science
Industry Engineering & Materials Science
Public administration Engineering & Materials Science
Risk assessment Engineering & Materials Science
Supply chains Engineering & Materials Science

Network Recent external collaboration on country level. Dive into details by clicking on the dots.

Projects 2015 2020

Research Output 2012 2018

A novel risk assessment methodology for SCADA maritime logistics environments

Kalogeraki, E. M., Papastergiou, S., Mouratidis, H. & Polemi, N., 28 Aug 2018, 8, 9, 1477.

Research output: Contribution to journalArticleResearchpeer-review

Open Access
File
risk assessment
logistics
Risk assessment
Supply chains
Logistics

Apparatus: A framework for security analysis in internet of things systems

Mavropoulos, O., Mouratidis, H., Fish, A. & Panaousis, E., 23 Aug 2018

Research output: Contribution to journalArticleResearchpeer-review

Application programs
Refining
Visualization
Hardware
Internet of things

Applying the physics of notation to the evaluation of a security and privacy requirements engineering methodology

Diamantopoulou, V. & Mouratidis, H., 8 Oct 2018, 26, 4, p. 382-400 19 p.

Research output: Contribution to journalArticleResearchpeer-review

Open Access
File
Requirements engineering
Physics
Information systems
Communication
Industry

A Security Analysis Method for Industrial Internet of Things

Mouratidis, H. & Diamantopoulou, V., 3 May 2018

Research output: Contribution to journalArticleResearchpeer-review

Open Access
File
Personal computers
Large scale systems
Internet of things
Sensors
Industry

From product recommendation to cyber-attack prediction: generating attack graphs and predicting future attacks

Polatidis, N., Pimenidis, E., Pavlidis, M., Papastergiou, S. & Mouratidis, H., 22 May 2018

Research output: Contribution to journalArticleResearchpeer-review

Recommender systems
Risk management
Supply chains
Information systems

Activities 2015 2018

Research Council of Norway, IKTPLUSS Digital Security

Haris Mouratidis (Reviewer)
2018

Activity: External funding peer-review

Eurostars Programme, European Union

Haris Mouratidis (Reviewer)
2018

Activity: External funding peer-review

Intensive Programme on Information and Communications Security - IPICS2018

Haris Mouratidis (Presenter)
2018

Activity: External talk or presentationInvited talk

EU Funded Project AEGIS

Haris Mouratidis (EU expert evaluator)
2018

Activity: External funding peer-review