Cloud computing promises to revolutionise how companies, research institutions and government organisations, including the National Health Service (NHS), offer applications and services to users in the digital economy. By consolidating many services as part of a shared ICT infrastructure operated by cloud providers, cloud computing can reduce management costs, shorten the deployment cycle of new services and improve energy efficiency. For example, the UK government's G-Cloud initiative aims to create a cloud ecosystem that will enable government organisations to deploy new applications rapidly, and to share and reuse existing services. Citizens will benefit from increased access to services, while public-sector ICT costs will be reduced. Security considerations, however, are a major issue holding back the widespread adoption of cloud computing: many organisations are concerned about the confidentiality and integrity of their users' data when hosted in third-party public clouds. Today's cloud providers struggle to give strong security guarantees that user data belonging to cloud tenants will be protected "end-to-end", i.e. across the entire workflow of a complex cloud-hosted distributed application. This is a challenging problem because data protection policies associated with applications usually require the strict isolation of certain data while permitting the sharing of other data. As an example, consider a local council with two applications on the G-Cloud: one for calculating unemployment benefits and one for receiving parking ticket fines, with both applications relying on a shared electoral roll database. How can the local council guarantee that data related to unemployment benefits will never be exposed to the parking fine application, even though both applications share a database and the cloud platform? The focus of the CloudSafetNet project is to rethink fundamentally how platform-as-a-service (PaaS) clouds should handle security requirements of applications. The overall goal is to provide the CloudSafetyNet middleware, a novel PaaS platform that acts as a "safety net", protecting against security violations caused by implementation flaws in applications ("intra-tenant security") or vulnerabilities in the cloud platform itself ("inter-tenant security"). CloudSafetyNet follows a "data-centric" security model: the integrity and confidentiality of application data is protected according to data flow policies -- agreements between cloud tenants and the provider specifying the permitted and prohibited exchanges of data between application components. It will enforce data flow policies through multiple levels of security mechanisms following a "defence-in-depth" strategy: based on policies, it creates "data compartments" that contain one or more components and isolate user data. A small privileged kernel, which is part of the middleware and constitutes a trusted computing base (TCB), tracks the flow of data between compartments and prevents flows that would violate policies. Previously such information flow control (IFC) models have been used successfully to enhance programming language, operating system and web application security. To make such a secure PaaS platform a reality, we plan to overcome a set of research challenges. We will explore how cloud application developers can express data-centric security policies that can be translated automatically into a set of data flow constraints in a distributed system. An open problem is how these constraints can be tied in with trusted enforcement mechanisms that exist in today's PaaS clouds. Addressing this will involve research into new lightweight isolation and sand-boxing techniques that allow the controlled execution of software components. In addition, we will advance software engineering methodology for secure cloud applications by developing new software architectures and design patterns that are compatible with compartmentalised data flow enforcement.

Rapidly developing digital technologies, together with social and business trends, are providing huge opportunities for innovation in product and service markets, and also in government processes. Technology developments drive socioeconomic and behavioural changes and vice versa, and the rate of change in these makes tracking and responding to high-speed developments a significant challenge in public and private sectors alike. Agile governance and policy-making for emerging technologies is likely to become a key theme in strategic thinking for the public and private sectors. Particular trends that are challenging now, and will increasingly challenge society include developments in technologies on the outskirts of the internet. These include Artificial Intelligence, not just in the cloud but in Edge computing, and in Internet of Things devices and networks. Alongside and in conjunction with this ecosystem, is Distributed Ledger Technology. Together this ensemble of technologies will enable innovations that promote productivity, like peer-to-peer dynamic contracts and other decision processes, with or without human sight or intervention. However, the ensemble's autonomy, proliferation and use in critical applications, makes the potential for hacking and similar attacks very significant, with the likelihood of them growing to become an issue of strategic national importance. To address this challenge, and to preserve the immense economic and productivity benefits that will come from the successful deployment and application of digital technologies 'at the edge', a focused initiative is needed. Ideally, this will use the UK's current platform of experience in the safe and secure application of the Internet of Things. The contributors to this platform include PETRAS partners, and several other centres of excellence around the UK. It is therefore proposed to build an inclusive PETRAS 2 Research Centre with national strategic value, on the established and successful platform of the PETRAS Hub. This will inherit its governance and management models, which have demonstrated the ability to coordinate and convene collaboration across 11 universities and 110 industrial and government User Partners, but will importantly step up its mission and inclusivity through open research calls for new and existing academic partners. PETRAS 2 will maintain an agile and shared research agenda that views social and physical science challenges with equal measure, and covers a broad range of Technology Readiness Levels, particularly those close to market. It will operate as a virtual centre, providing a magnet for collaboration for user partners and a single expert voice for government. User partner engagement is likely to be strong following the successes of the current PETRAS programme, which has raised over £1m in cash contributions from partners during 2018. The new PETRAS 2 'Secure Digital Technologies at the Edge' methodology will inherit the best of PETRAS, including open calls to the UK research community and a partnership-building fund that allows a responsive approach to opportunities that emerge from existing and new user and academic partnerships. PETRAS 2 will be driven by sectoral cybersecurity priorities while retaining a discovery research agenda to horizon-scan and develop understanding of new threats and opportunities. The scope of projects and the associated Innovate UK SDTaP demonstrators, spans early to late TRLs and aims to put knowledge into real user partner practice. Furthermore, the development of many early career researchers through PETRAS 2 research activities should lead to a step change in our national capability and capacity to address this highly dynamic area of socio-technical opportunity and risk.

The Internet of Things has great potential to revolutionise the way in which we deploy networked devices, and to provide networking capability to every-day objects, making them 'smart objects'. Security should be at the core of these newly developed smart objects, but innovation is outstripping the development of security in this context. There is much emphasis on the positive side of this technology without considering the negative implications. It is not too challenging to think of many ways how the Internet of Things can be abused letting outsiders in through a digital ruse. This would include intruders gaining access to a lighting system, to remotely switch off the lights in a property, to assist in home burglary. Its also not too far of stretch to imagine an intruder turning on a cooker remotely, with the potential to cause a form of "digital arson" which we have never before experienced. Yes, it is amazing to be able to text your cooker so that dinner is ready when you get home. However, do we really want these features if it leaves us vulnerable to digital attack on our properties? Vast improvements need to be made in the state of the art of cyber defences in order to prepare and protect ourselves for the imminent innovations in digital technology. Novel and effective solutions in computer based security are imperative to research as current techniques may not prove effective in this new context. In order to create the next generation of cyber defence tools we must look to new sources of inspiration. One of these can be in the form of studying how this problem is solved in natural systems, in particular the defence and response mechanisms of the human immune system. Artificial immune systems (AIS) are one potential solution which may have significant impact on future cyber defence. They are designed to solve computational problems through studying natural mechanisms in immunology. Current research in AIS for computer security focuses purely on detection of anomalies, leaving the user to respond to the detected threat. Few of these systems actually produce any form of response as a result of detecting a potential intrusion. This is problematic in the Internet of Things as the responsibility would lie with the homeowner who is not a cyber security expert, leaving homes potentially vulnerable to digital intrusions. The novelty of this proposed research is to create a prototype responsive artificial immune system - RAIS, which can both detect intruders and produce appropriate responses in order to mitigate the problem of automatically responding intrusion detection systems. Persistent engagement with a cyber defence stakeholder will ensure that the prototype system is useful in cyber defence applications. Our approach to this is to perform a deep interdisciplinary study of the translation of detection to response within the human immune system by modelling immune responses. A mechanism in immunology termed the 'immunological synapse' will be studied form the basis of a model used to create a novel blueprint for the responsive artificial immune system. This will occur through constructing agent-based models of the natural system from which these necessary properties can be abstracted by looking at how two cell types, Dendritic Cells and T-helper cells interact to produce immune responses to pathogens. We will model this interaction using knowledge already amassed by the host group, and aim to extend the research through performing further experiments to refine these models. The discipline hop is to be hosted within an immunology lab, whose research aims to understand immune mechanisms of response in order to create immunotherapies for treating cancers, by turning the immune system against detected tumour cells. Understanding of natural immune responses is key for both the future developments of artificial immune systems and also in how to use the immune system therapeutically in the fight against cancer.

Horizon is a multidisciplinary centre for Digital Economy (DE) research and impact. We balance the development of new technologies to capture and analyse human data, with explorations of how these can be used to deliver powerful experiences to people, with an awareness and understanding of the human and social values that must underpin these. We follow a user-centred approach, undertaking research in the wild based on principles of open innovation. In its first phase, Horizon has established a core team of over 50 researchers and has reached out to build a wider network of 35 academic and 200 industry, public and third-sector partners. We have established a Centre for Doctoral Training and inaugurated the DE All Hands series of conferences and national DE CDT Summer School. World-class scientific outputs in diverse disciplines have been balanced with economic, cultural and societal impact. This proposal builds on this critical mass to enable a step-change in Horizon's translational research and impact. We respond to the changing nature of the digital economy as it matures, as the social, physical and digital become blended and as human data becomes an increasingly valuable asset. We offer a vision in which human data enables the creation and delivery of highly personal experiences. We propose to address three major challenges. The first is to establish new technologies that collect and interpret our human data in a more transparent way. The second is to be able to better understand and design new kinds of experiences that employ these technologies to promote the values of personal fulfilment, wellbeing and sustainability. The third is to address key ethical challenges around design for privacy and new models of ownership. We will work closely with a range of external partners whose interests span: computing and analytics; social policy; and diverse sectors of the DE including creative industries, retail, fast moving consumer goods, finance, energy, transportation and healthcare. We will engage these through a programme of agile translational research projects. These will be integrated into an overarching strategic impact campaign that revolves around three flagships. In turn, these will be supported by two further programmes; one targeted at sustaining the wider DE community and the second at developing the capacity of our researchers to deliver translational research and impact.

Cyber-physical risks pose new challenges to the UK security and defence community. Nation state actors are increasingly equipping themselves with tools capable of causing damage to cyber-physical systems. During times of elevated threat, e.g. the Ukraine war, it has become common for such tools to be used in the theatre of conflict, but the risk that they will be used outside the affected region also increases, as does the risk that they will fall into the hands of non-state actors and used more widely than against conventional cyber-physical systems. At the same time, society as a whole is developing a growing reliance on social-media, apps, connected IoT devices and both AI and Mixed Reality. By itself, this also has major security implications leading to high volumes of new crimes that need addressing but, when used in combination with cyber-physical attacks, a qualitatively different form of attack is experienced, known as a hybrid threat because of its similarity to the hybrid cyber/kinetic warfare that has emerged as a feature of recent conflicts. Our team will create a cohort of leaders equipped with specialist skills specifically adapted to tomorrow's cyber-physical risks. They will learn how to (1) manage risks that develop jointly across the cyber and physical domains, (2) reduce risks in one domain by intervening in the other domain, (3) understand how criminal groups protect their interest by operating across domains, and (4) pre-empt the propagation of unintended consequences from one domain to the next. These future leaders will also undertake an intense programme of activities designed to nurture key complementary skills. The eXchange, Lead!, Get it Done, and Next Step schemes will be shaped with our industry partners to address important gaps highlighted in a recent government report: "40% of businesses reported that cybersecurity job applicants are deficient in their complementary skills". Beyond fostering technical expertise, the CDT will help students and partners develop an acute awareness of the wider issues and dilemmas posed by all such work in democratic societies. To deliver an exceptional learning experience, we bring a powerful group of industry partners and academic experts from the engineering, natural and social sciences within a single-site research training centre in London. Academically excellent and pro-active within and between cohorts, the 50+ CDT students will specialise in a range of scientific techniques from at least two of the following four 'cyber-physical risk' themes. These were selected in consultation with students and partners based on their relevance, attractiveness and employment opportunities: 1. Futures: forecast how future socio-technical trends will shape the geopolitical implications of cyber-physical risk, understand how to co-design effective control and mitigation measures for different legal, technical, and policy contexts in order to support societal resilience. 2. Cyber-physical systems: support regulation of IoT devices, detect 'below the radar' attacks against cyber-physical control systems; contribute to the resilience of critical infrastructures. 3. Online Communication: prevent the misuse of social media for disinformation campaigns, detect incitement to hate crime in games, analyse crime related communication on the dark web, etc. 4. Simulation and Interaction: develop and apply simulation technologies (e.g., digital twins, VR, XR) for the study of human behaviour in a range of cyber-physical risk scenarios. EPSRC areas directly relevant to the following themes: Artificial intelligence technologies, Building a secure and resilient world, Digital security by design, Digital signal processing, Human communication in information and communication technologies, Human-computer interaction, ICT networks and distributed systems, Image and vision computing, Natural language processing, Operational research, Pervasive and ubiquitous computing.