Within the next few years the number of devices connected to each other and the Internet will outnumber humans by almost 5:1. These connected devices will underpin everything from healthcare to transport to energy and manufacturing. At the same time, this growth is not just in the number or variety of devices, but also in the ways they communicate and share information with each other, building hyper-connected cyber-physical infrastructures that span most aspects of people's lives. For the UK to maximise the socio-economic benefits from this revolutionary change we need to address the myriad trust, identity, privacy and security issues raised by such large, interconnected infrastructures. Solutions to many of these issues have previously only been developed and tested on systems orders of magnitude less complex in the hope they would 'scale up'. However, the rapid development and implementation of hyper-connected infrastructures means that we need to address these challenges at scale since the issues and the complexity only become apparent when all the different elements are in place. There is already a shortage of highly skilled people to tackle these challenges in today's systems with latest estimates noting a shortfall of 1.8M by 2022. With an estimated 80Bn malicious scans and 780K records lost daily due to security and privacy breaches, there is an urgent need for future leaders capable of developing innovative solutions that will keep society one step ahead of malicious actors intent on compromising security, privacy and identity and hence eroding trust in infrastructures. The Centre for Doctoral Training (CDT) 'Trust, Identity, Privacy and Security - at scale' (TIPS-at-Scale) will tackle this by training a new generation of interdisciplinary research leaders. We will do this by educating PhD students in both the technical skills needed to study and analyse TIPS-at-scale, while simultaneously studying how to understand the challenges as fundamentally human too. The training involves close involvement with industry and practitioners who have played a key role in co-creating the programme and, uniquely, responsible innovation. The implementation of the training is novel due to its 'at scale' focus on TIPS that contextualises students' learning using relevant real-world, global problems revealed through project work, external speakers, industry/international internships/placements and masterclasses. The CDT will enrol ten students per year for a 4-year programme. The first year will involve a series of taught modules on the technical and human aspects of TIPS-at-scale. There will also be an introductory Induction Residential Week, and regular masterclasses by leading academics and industry figures, including delivery at industrial facilities. The students will also undertake placements in industry and research groups to gain hands-on understanding of TIPS-at-scale research problems. They will then continue working with stakeholders in industry, academia and government to develop a research proposal for their final three years, as well as undertake internships each year in industry and international research centres. Their interdisciplinary knowledge will continue to expand through masterclasses and they will develop a deep appreciation of real-world TIPS-at-scale issues through experimentation on state-of-the-art testbed facilities and labs at the universities of Bristol and Bath, industry and a city-wide testbed: Bristol-is-Open. Students will also work with innovation centres in Bath and Bristol to develop novel, interdisciplinary solutions to challenging TIPS-at-scale problems as part of Responsible Innovation Challenges. These and other mechanisms will ensure that TIPS-at-Scale graduates will lead the way in tackling the trust, identity, privacy and security challenges in future large, massively connected infrastructures and will do so in a way that considers wider sosocial responsibility.

The security of many cryptographic protocols in use today relies on the computational hardness of mathematical problems such as integer factorization. These problems can be solved using quantum computers, and therefore most of our security infrastructures will become completely insecure once quantum computers are built. Post-quantum cryptography aims at developing security protocols that will remain secure even after quantum computers are built. The biggest security agencies in the world including GCHQ and the NSA (the American National Security Agency) have recommended a move towards post-quantum protocols, and the new generation of cryptographic standards will aim at post-quantum security. Driven by the need to upgrade our cybersecurity infrastructures, many cryptographic algorithms have recently been developed which are claimed to offer post-quantum security. These proposals are based on a few distinct mathematical problems which are hoped to remain difficult for quantum computers, including lattice problems, multivariate polynomial system solving, coding theory problems, isogeny problems, and the security of cryptographic hash functions. Unfortunately, many of these problems, and more importantly the cryptographic algorithms that are built on top of them, have not been subject to a thorough security analysis yet, therefore leaving us with a risk to oversee major weaknesses in algorithms to be deployed in security applications. In this fellowship, we will develop breakthrough cryptanalysis techniques to analyse the security of post-quantum cryptography candidate algorithms, and determine which algorithms may or may not be further considered for digital security applications. Using the insight gained through cryptanalysis, we will then develop new post-quantum cryptographic algorithms offering better security, efficiency and functionality properties in applications.

The EPSRC Quantum Computing and Simulation Hub will enable the UK to be internationally leading in Quantum Computing and Simulation. It will drive progress toward practical quantum computers and usher in the era where they will have revolutionary impact on real-world challenges in a range of multidisciplinary themes including discovery of novel drugs and new materials, through to quantum-enhanced machine learning, information security and even carbon reduction through optimised resource usage. The Hub will bring together leading quantum research teams across 17 universities, into a collaboration with more than 25 national and international commercial, governmental and academic entities. It will address critical research challenges, and work with partners to accelerate the development of quantum computing in the UK. It will foster a generation of UK-based scientists and engineers equipped with the new skill sets needed to make the UK into a global centre for innovation as the quantum sector emerges. The Hub will engage with government and citizens so that there is a wide appreciation of the potential of this transformative technology, and a broad understanding of the issues in its adoption. Hub research will focus on the hardware and software that will be needed for future quantum computers and simulators. In hardware we will advance a range of different platforms, encompassing simulation, near term quantum computers, and longer term fully scalable machines. In software the Hub will develop fundamental techniques, algorithms, new applications and means to verify the correct operation of any future machine. Hardware and software research will be closely integrated in order to provide a full-stack capability for future machines, enabled by the broad expertise of our partners. We will also study the architecture of these machines, and develop emulation techniques to accelerate their development. Success will require close engagement with a wide range of commercial and government organisations. Our initial partners include finance (OSI), suppliers (Gooch & Housego, Oxford Instruments, E6), integrators and developers (OQC, QM, CQC, QxBranch, D-Wave), users from industry (Rolls-Royce, Johnson Matthey, GSK, BT, BP, TrakM8, Airbus, QinetiQ) and government (DSTL, NCSC), and other research institutions (NPL, ATI, Heilbronn, Fraunhofer). We will build on this strong network using Industry Days, Hackathons and targeted workshops, authoritative reports, and collaborative projects funded through the Hub and partners. Communications and engagement with the community through a range of outreach events across the partnership will inform wider society of the potential for quantum computing, and we will interact with policy makers within government to ensure that the potential benefits to the UK can be realised. The Hub will train researchers and PhD students in a wide range of skills, including entrepreneurship, intellectual property and commercialisation. This will help deliver the skilled workforce that will be required for the emerging quantum economy. We will work with our partners to deliver specific training for industry, targeting technical, commercial and executive audiences, to ensure the results of the Hub and their commercial and scientific opportunities are understood. The Hub will deliver demonstrations, new algorithms and techniques, spinout technologies, and contribute to a skilled workforce. It will also engage with potential users, the forthcoming National Centre for Quantum Computing, the global QC community, policy makers and the wider public to ensure the UK is a leader in this transformative new capability.

Recent reports from the Royal Society, the government Cybersecurity strategy, as well as the National Cyber Security Center highlight the importance of cybersecurity, in ensuring a safe information society. They highlight the challenges faced by the UK in this domain, and in particular the challenges this field poses: from a need for multi-disciplinary expertise and work to address complex challenges, that span from high-level policy to detailed engineering; to the need for an integrated approach between government initiatives, private industry initiatives and wider civil society to tackle both cybercrime and nation state interference into national infrastructures, from power grids to election systems. They conclude that expertise is lacking, particularly when it comes to multi-disciplinary experts with good understanding of effective work both in government and industry. The EPSRC Doctoral Training Center in Cybersecurity addresses this challenge, and aims to train multidisciplinary experts in engineering secure IT systems, tacking and interdicting cybercrime and formulating effective public policy interventions in this domain. The training provided provides expertise in all those areas through a combination of taught modules, and training in conducting original world-class research in those fields. Graduates will be domain experts in more than one of the subfields of cybersecurity, namely Human, Organizational and Regulatory aspects; Attacks, Defences and Cybercrime; Systems security and Cryptography; Program, Software and Platform Security and Infrastructure Security. They will receive training in using techniques from computing, social sciences, crime science and public policy to find appropriate solutions to problems within those domains. Further, they will be trained in responsible research and innovation to ensure both research, but also technology transfer and policy interventions are protective of people's rights, are compatible with democratic institutions, and improve the welfare of the public. Through a program of industrial internships all doctoral students will familiarize themselves with the technologies, polices and also challenges faced by real-world organizations, large and small, trying to tackle cybersecurity challenges. Therefore they will be equipped to assume leadership positions to solve those problems upon graduation.

Wireless access is an essential to the networks that underpin modern life, providing communications for people, vehicles, machines, infrastructure, and the wide variety of devices that will make up the Internet of Things (IoT). They will become increasingly important to support safe transportation and future healthcare. Society is increasingly vulnerable to network cyber attack, for motivations ranging from financial extortion through terrorist disruption to subversion. Cyber attacks can be mounted remotely through networks, making them attractive to malefactors who can operate safely and anonymously from anywhere in the world. Cyber defence and associated research has become critical, mainly directed at developing and rolling out technical encryption and authentication measures in the network protocols and embedding the essential processes in organisations. Nevertheless exploits continue as attackers discover new vulnerabilities that were not considered in the system design or arise through imperfect implementations. Fixing these requires updating both functionality and credentials of the network elements as threats emerge. By contrast cyber-attack via the wireless interface, exploiting vulnerabilities in the physical layer and lower layers of the protocol stack, has received much less attention. As network originated exploits become more difficult it can be expected that more attacks will be mounted through the "air interface". The means to develop and mount such attacks are increasingly available with the proliferation of low cost software-defined radio (SDR) platforms and open-source software, and the ubiquity of potentially hackable wireless terminals. More research on this problem is needed to find solutions to be retrospectively applied to existing systems, influence the next generation of wireless standards, raise awareness of the potential problems, and train engineers to develop and embed defensive capability in radio standards and products. Crucial will be the ability to change the physical layer functionality, right to the antenna, by changing system software. This is not possible with current equipment or indeed envisaged in the 5G. Apart from countering the security threat, such technology will be needed to enable the future adoption of Dynamic Spectrum Access (DSA), in which, rather than frequency bands being administratively licensed to specific users, spectrum will be allocated dynamically according to evolving demand in space and time. The project partners, Toshiba Research, Roke, University of Bristol, and GCHQ, share a vision of Secure Wireless Agile Networks (SWAN) to be developed in this research partnership. The project scope will include technical deliverables; the shaping of policy and standards; and the training and career development of the SWAN teams. The co-created 5-year programme will integrate academic and industrial teams in activities that address the following Research Challenges (RCs). 1. Threat Synthesis & Assessment: how can RF interfaces be attacked, beyond the threats envisaged in their design? 2. RF Cyber Detection & Defence: techniques to detect RF cyber attack and mitigate their effects. 3. Cyber Secure Radio Design: designing radios whose RF characteristics can be updated in the field to deal with new threats, which also enable DSA. 4. Secure Dynamic Spectrum Access: enabling technology for securely sharing spectrum for most efficient usage. The consequences of not addressing the above will potentially make the wireless channel an Open Attack Surface for cyber attack. SWAN's technological solutions will place the UK at the forefront of enabling the fundamental parameters and architectures of wireless systems to be adaptable to new spectrum and interface specifications; resilient to accidental or induced failures (such as jamming); and resistant to cyber-attack.