Research programme
Cyber-Security-by-Integrated-Design (C-SIDe) project
Cyber-attacks, privacy-related problems or failures in functioning: many technologies that are used every day have security issues that are solved when the software is already in use. An interdisciplinary project, in which Olga Gadyatskaya, Harry Wijshoff, Alex Uta and Kristian Rietveld from the Leiden Institute of Advanced Computer Science (LIACS) participate, are investigating how to solve security problems during the software development. This project was awarded 1.45 million euros from the NWA cyber security programme.
- Duration
- 2021 - 2025
- Contact
- Els de Busser
- Funding
- NWO cyber security programma
- Partners
Institute of Security and Global Affairs (ISGA), Leiden Institute of Advanced Computer science, Haagse Hogeschool, Nationaal Cyber Security Centrum (NCSC) van het ministery of Justice and Security, SURFsara (www.surf.nl) en het Nationaal e-Health Living Lab (NeLL, LUMC, nell.eu).
The Cyber-Security-by-Integrated-Design (C-SIDe) project approaches the cybersecurity problem from another angle than that is usual. ‘We take into account that security is not only a technical concept, but it emerges from an interplay of many technical and non-technical factors,’ Olga Gadyatskaya explains. ‘Many companies developing software products already look for security-by-design approaches accommodating security into their software design process. But the current secure software development approaches focus mainly on technology-related steps and engage only participants involved in these technical steps. In our project, we involve a broader selection of stakeholders, and investigate, for example, how well the users understand what they need to do to keep the system secure, or whether managers have realistic expectations about how quickly a secure system can be developed.’
The aim of the C-SIDe project is to create an integrated approach to Security-by-design, and a methodology for developing secure systems that will involve a multitude of stakeholders, including experts in psychology, privacy, and governance and risk management. Gadyatskaya: ‘This methodology will allow organizations to have a better view on security of their products and to create exciting and secure technologies. To facilitate adoption of security-by-design, the project team will also work on identifying opportunities to improve the public policy aiming to support companies working on secure-by-design products.’