Formal Security Analysis of Critical Infrastructure

Tom Chothia

Senior Lecturer in Cyber Security, University of Birmingham

By applying formal, mathematical techniques to analyse high integrity systems we can find weaknesses that other analyses miss. I will give an overview of some of our past work in this area, which used the tool ProVerif to analyse the security of embedded devices, including a security analysis of e-passports and EMV bank cards. I will then describe how we are developing these techniques to be applicable to large scale systems, and how we are using these to find attack vectors against proposed next generation rail systems.

About Tom Chothia

Dr Tom Chothia is a Senior Lecturer in Cyber Security at the University of Birmingham. His research involves the development of new formal analysis techniques and applying these to important cyber security problems. His past work includes security analysis of devices, including work on e-­passports and contactless bank cards. He currently has research grants to work on the security of UK rail, industrial control systems, finding backdoors in device firmware and key management for cryptographic devices. Dr Chothia also teaches and designs modules for the University of Birmingham's Cyber Security MSc.

Sponsored by

Official Media Partners

Supported by