For the first time in the modern age we have the opportunity to study at first hand the environmental impact of a flood basalt (>1 km3 fissure eruption). Flood basalt eruptions are one of the most hazardous volcanic scenarios in Iceland and have had enormous societal and economic consequences across the northern hemisphere. A flood basalt eruption was included in the UK National Risk Register in 2012 as one of the highest priority risks. The Holuhraun eruption reached the flood basalt size sometime after 20 October 2014. It is now the largest flood basalt in Iceland since the Laki eruption in 1783-84, which caused the deaths of >20% of the Icelandic population by environmental pollution and famine and likely increased European levels of mortality through air pollution by sulfur-bearing gas and aerosol. The pollution from Holuhraun has been intensifying over the last few weeks, reaching a "Dangerous" level for the first time in Iceland on 26 October (as defined by the World Health Organisation). During 18-22 September, SO2 fluxes reached 45 kt/day, a rate of outgassing rarely observed during sustained eruptions, suggesting that the sulfur loading per kg of erupted magma (we estimate >0.35 wt%) exceeds both that of other recent eruptions in Iceland and perhaps also other historic basaltic eruptions globally, raising questions regarding the origin of these prodigious quantities of sulfur. A lack of data concerning conversion rates of SO2 gas into aerosol, the residence times of aerosol in the plume and the dependence of these on meteorological factors is limiting our confidence in the ability of atmospheric models to forecast gas and aerosol concentrations in the near- and far-field from Icelandic flood basalt eruptions. Preliminary study of the erupted products highlights two extraordinary features: (1) matrix glasses contain up to 1000 ppm sulfur (<100 ppm is expected for degassed melt) and are extremely heterogeneous and (2) abundant sulfide liquid globules in the matrix glass are "caught in the act" of breaking down on quenching, suggesting that sulfur is not only supplied by the melt, but also by the breakdown of sulfide liquid during degassing. These observations highlight a previously overlooked but potentially very large reservoir of sulfur that leaves little petrological record. These results might go some way towards understanding the extremely high sulfur yield of this eruption and have implications for assessing the environmental impact. This project combines the expertise of a large group of researchers to understand better the sulfur and chalcophile metal budget of the Holuhraun eruption. We will follow the formation of sulfide liquids, through to their breakdown on degassing, to the outgassing of SO2 gas and conversion to aerosol. The entire pathway is not well understood, particularly given complexities related to the rapid magma ascent rates postulated for the Holuhraun magmas and the lack of ash in the plume, both of which we hypothesise impose kinetic constraints on sulfur processing in different parts of the system. We will carry out detailed petrological, geochemical measurements of lavas and plume chemistry to understand the sulfur budget and to feed into models of plume chemistry and dispersion, which are essential for hazard monitoring.

This study asks how leading countries are organising and using national and regional diagnostic testing systems for Covid19 ('testing systems') in order to reduce Covid-19 mortality per capita in their populations, to avoid or shorten 'lock-downs', and reduce economic impacts from the pandemic. We will explain how testing systems have been shaped during the pandemic, and how challenges related to testing are overcome. The research will span North America, Europe, Africa, Asia and Australia as well as the UK. The project builds on an established Covid-19 UK research and knowledge exchange hub at the University of Sussex that has been facilitating rapid dialogue and dissemination of research on Covid-19 diagnostic testing between the international research team and policy makers in the UK and beyond. The hub has a track-record of reporting results that have been widely welcomed and valued by the UK civil service and reported widely to public audiences in the media. As the pandemic continues, understanding the use of testing systems remains vital to optimise the Covid-19 response and save lives. With innovation and learning continuing (e.g. around the UK government's ambitious mass-testing programme), we propose to undertake further comparative research to share lessons across contexts. In order to support Covid-19 responses internationally, we will engage with governments and share deliverables from the early months of this 15-month project. Additionally, to inform preparations for future outbreaks and pandemics, we will contribute to national and international fora seeking to learn lessons from the current crisis.

What will the UK's critical infrastructure look like in 2030? In 2050? How resilient will it be? Decisions taken now by policy makers, NGOs, industrialists, and user communities will influence the answers to these questions. How can this decision making be best informed by considerations of infrastructural resilience? This project will consider future developments in the UK's energy and transport infrastructure and the resilience of these systems to natural and malicious threats and hazards, delivering a) fresh perspectives on how the inter-relations amongst our critical infrastructure sectors impact on current and future UK resilience, b) a state-of-the-art integrated social science/engineering methodology that can be generalised to address different sectors and scenarios, and c) an interactive demonstrator simulation that operationalises the otherwise nebulous concept of resilience for a wide range of decision makers and stakeholders.Current reports from the Institute for Public Policy Research, the Institution of Civil Engineers, the Council for Science and Technology, and the Cabinet Office are united in their assessment that achieving and sustaining resilience is the key challenge facing the UK's critical infrastructure. They are also unanimous in their assessment of the main issues. First, there is agreement on the main threats to national infrastructure: i) climate change; ii) terrorist attacks; iii) systemic failure. Second, the complex, disparate and interconnected nature of the UK's infrastructure systems is highlighted as a key concern by all. Our critical infrastructure is highly fragmented both in terms of its governance and in terms of the number of agencies charged with achieving and maintaining resilience, which range from national government to local services and even community groups such as local resilience forums. Moreover, the cross-sector interactions amongst different technological systems within the national critical infrastructure are not well understood, with key inter-dependencies potentially overlooked. Initiatives such as the Cabinet Office's new Natural Hazards Team are working to address this. The establishment of such bodies with responsibility for oversight and improving joined up resilience is a key recommendation in all four reports. However, such bodies currently lack two critical resources: (1) a full understanding of the resilience implications of our current and future infrastructural organisation; and (2) vehicles for effectively conveying this understanding to the full range of relevant stakeholders for whom the term resilience is currently difficult to understand in anything other than an abstract sense. The Resilient Futures project will engage directly with this context by working with relevant stakeholders from many sectors and governance levels to achieve a step change in both (1) and (2). To achieve this, we will focus on future rather than present UK infrastructure. This is for a two reasons. First, we intend to engender a paradigm shift in resilience thinking - from a fragmented short-termism that encourages agencies to focus on protecting their own current assets from presently perceived threats to a longer-term inter-dependent perspective recognising that the nature of both disruptive events and the systems that are disrupted is constantly evolving and that our efforts towards achieving resilience now must not compromise our future resilience. Second, focussing on a 2030/2050 time-frame lifts discussion out of the politically charged here and now to a context in which there is more room for discussion, learning and organisational change. A focus on *current resilience* must overcome a natural tendency for the agencies involved to defend their current processes and practices, explain their past record of disruption management, etc., before the conversation can move to engaging with potential for improvement, learning and change.

Cloud computing promises to revolutionise how companies, research institutions and government organisations, including the National Health Service (NHS), offer applications and services to users in the digital economy. By consolidating many services as part of a shared ICT infrastructure operated by cloud providers, cloud computing can reduce management costs, shorten the deployment cycle of new services and improve energy efficiency. For example, the UK government's G-Cloud initiative aims to create a cloud ecosystem that will enable government organisations to deploy new applications rapidly, and to share and reuse existing services. Citizens will benefit from increased access to services, while public-sector ICT costs will be reduced. Security considerations, however, are a major issue holding back the widespread adoption of cloud computing: many organisations are concerned about the confidentiality and integrity of their users' data when hosted in third-party public clouds. Today's cloud providers struggle to give strong security guarantees that user data belonging to cloud tenants will be protected "end-to-end", i.e. across the entire workflow of a complex cloud-hosted distributed application. This is a challenging problem because data protection policies associated with applications usually require the strict isolation of certain data while permitting the sharing of other data. As an example, consider a local council with two applications on the G-Cloud: one for calculating unemployment benefits and one for receiving parking ticket fines, with both applications relying on a shared electoral roll database. How can the local council guarantee that data related to unemployment benefits will never be exposed to the parking fine application, even though both applications share a database and the cloud platform? The focus of the CloudSafetNet project is to rethink fundamentally how platform-as-a-service (PaaS) clouds should handle security requirements of applications. The overall goal is to provide the CloudSafetyNet middleware, a novel PaaS platform that acts as a "safety net", protecting against security violations caused by implementation flaws in applications ("intra-tenant security") or vulnerabilities in the cloud platform itself ("inter-tenant security"). CloudSafetyNet follows a "data-centric" security model: the integrity and confidentiality of application data is protected according to data flow policies -- agreements between cloud tenants and the provider specifying the permitted and prohibited exchanges of data between application components. It will enforce data flow policies through multiple levels of security mechanisms following a "defence-in-depth" strategy: based on policies, it creates "data compartments" that contain one or more components and isolate user data. A small privileged kernel, which is part of the middleware and constitutes a trusted computing base (TCB), tracks the flow of data between compartments and prevents flows that would violate policies. Previously such information flow control (IFC) models have been used successfully to enhance programming language, operating system and web application security. To make such a secure PaaS platform a reality, we plan to overcome a set of research challenges. We will explore how cloud application developers can express data-centric security policies that can be translated automatically into a set of data flow constraints in a distributed system. An open problem is how these constraints can be tied in with trusted enforcement mechanisms that exist in today's PaaS clouds. Addressing this will involve research into new lightweight isolation and sand-boxing techniques that allow the controlled execution of software components. In addition, we will advance software engineering methodology for secure cloud applications by developing new software architectures and design patterns that are compatible with compartmentalised data flow enforcement.

Emergency services (Ambulance Service; Fire & Rescue Service) play a crucial role during flood response, as they participate in joint command-control structures and are central to rescue and relief efforts (Frost 2002). Emergency services are often legislated to meet defined response times. UK legislation requires that emergency responders comply with strict timeframes when reacting to incidents. Category 1 responders such as the Ambulance Service and the Fire & Rescue Service are required to reach 75% of 'Red 1' (high-priority, life-threatening incidents) in less than 8 and 10 minutes respectively from the time when the initial call was received. This includes blue-light incidents such as life-threatening and traumatic injury, cardiac arrest, road collisions, and individuals trapped by floodwaters. In 2015-16, only one England ambulance trust met the response time targets and 72.5% of the most serious (Red 1) calls were responded to within 8 minutes, against a legislative target of 75% (National Audit Office, 2017). Between 2007-2014, the highest percentage Scottish Ambulance Service achieved was 74.7% in 2013 (HEAT standard). Rising demand combined with inefficient call handling and dispatch systems are often cited as the reasons for missing the above targets. However, response times can also be affected by flood episodes which may limit the ability of emergency responders to navigate through a disrupted road network (as was the case during the widespread UK flooding in 2007). The impact of flooding on road networks is well known and is expected to get worse in a changing climate with more intense rainfall. For example, in Portland, USA under one climate change scenario, road closures due to flooding could increase time spent travelling by 10% (Chang et al. 2010). The impact of an increased number of flooding episodes, due to climate change, on road networks has also been modelled by for the Boston Metropolitan area, USA (Suarez et al., 2005). This study found that between 2000 and 2100 delays and trip-time losses could increase by 80% and 82% respectively. The Pitt Review (2008) suggested that some collaborative decision making during the 2007 event was hampered by insufficient preparation and a lack of information, and better planning and higher levels of protection for critical infrastructure are needed to avoid the loss of essential services such as water and power. More recently, the National Flood Resilience Review (HMG, 2016) exposes the extent to which a significant proportion of critical assets are still vulnerable to flooding in England and Wales. In particular, it highlights that the loss of infrastructure services can have significant impacts on people's health and wellbeing. This project will combine: (i) an established accessibility mapping approach; (ii) existing national flood datasets; and (iii) a locally tested, recent-expanded real-time flood nowcasting/forecasting system to generate accessibility mapping, vulnerability assessment and adaptation evaluation for various flood conditions and at both the national and city-region scale. The project will be delivered via three sequential Work Packages, including: (a) Mapping emergency service accessibility according to legislative timeframes; (b) Assessing the vulnerability of populations (care homes, hospices and schools); and (c) Evaluating adaptation strategies (e.g. positioning standby vehicles).