RESEARCH

Information technology has become embedded in a growing number of services provided by commercial businesses, by non-profit organizations, and by governments.

This trend is still growing.

For example :

  • instead of selling MRI scanners to hospitals, some companies sell the service of MRI scanning
  • the road network and cars are evolving in a network of intelligent agents that provide services to each other
  • vital infrastructure is connected to the internet, and public safety is maintained by a combination of IT-based services.

  • The result is a higher level of service provision than was possible before the use of IT.
    At the same time, risks increase too, sometimes even faster than the increase in service provision.

  • IT-based medical services increase the risk for patient safety and privacy
  • on-line business is subject to on-line attacks
  • vital infrastructures may be hacked
  • IT-based surveillance entails privacy risks

  • The goal of the SCS group is to develop methods and techniques for developing IT-based services that balance service levels with safety- and security levels, and to develop methods and techniques that make existing IT-based services more secure.

    As suggested by the following diagram, we are particularly interested in the balance and trade-off between service, safety, and security.

    • Services
    • Core question is how we can develop complex networks of IT services in which we balance the goals and needs of stakeholders with cost-effectiveness, safety and security risks. We use techniques from service-oriented architectures and model-driven development. Major application domains are currently health care and wellness.

    • Cybersecurity
    • Core question is how a defender can win the continuing battle against attacker by increasing attacker effort, increasing the chance of discovery, and decreasing the gain for an attacker. We use techniques from cryptography, machine learning, system security and risk management. Major application domains are currently industrial control systems, intelligent transport systems, and health care.

    • Safety
    • Core question is how public safety can be improved by IT-based services to recognize people (i.e. biometrics), behavior, and situations. We use techniques from pattern recognition, machine learning, and computer vision, where we aim to optimize the trade-off between safety, privacy, and usability. Our main application domain is public safety.