Tag: School of Computing

Double funding success for Napier cyber security ventures

Backing for TrueDeploy and Trustd from the CyberASAP programme

TWO projects from Edinburgh Napier’s School of Computing have won funding from a programme which develops innovative cyber security ideas for the commercial market.

TrueDeploy and Trustd are being supported by CyberASAP, which is itself funded by the UK Department for Digital, Culture, Media and Sport working with Innovate UK.

CyberASAP creates a pipeline to commercialise innovations from university labs, providing academics with the expertise, knowledge and training needed to convert their research into technologies, products and services.

The University’s TrueDeploy project, which is developing innovative technology to bring trust and transparency to the software supply chain, has already received backing from Scottish Enterprise as part of its High Growth Spin-out Programme. Now it has been awarded £31,973 for the next four months as part of CyberASAP phase one.

The dominance of open-source software and the interconnectedness of software between organisations has raised cybersecurity risks in the software supply chain.

Potentially ruinous attacks can occur when a threat actor infiltrates and compromises software being developed by a software vendor in the long chain that exists from code being written to it being distributed to a customer.

TrueDeploy aims to bring trust to the software supply chain with a novel combination of blockchain, credential management and access control technologies.

Research student Pavlos Papadopoulos, who leads the TrueDeploy technical team, said: “We greatly appreciate Innovate UK’s support and the opportunity to participate in the Cyber security Academic Startup Accelerator Programme 2022-23.

“In the next few months, during this programme, we will investigate more deeply TrueDeploy’s value proposition, validate our chosen market, and develop our novel solution further in combination with the Scottish Enterprise High Growth Spin-out Programme’s continuous support.”

Web3 is an idea for a new iteration of the World Wide Web based on blockchain technology, which incorporates concepts including token-based economics and decentralised applications (DApps).

While an effective way for users to control their own data and digital assets, Web3 has not been widely adopted yet due to the complexity of managing users’ wallets which allows them to access these DApps.

The “Trustd: Decentralised, trustworthy, and reliable digital assets custody solution” project is working to address the inherent challenges in establishing security protection for users’ wallets, and has been awarded £29,365 as part of CyberASAP phase one.

School of Computing lecturer Dr Zakwan Jaroucheh said: “Participation in CyberASAP is a great opportunity.  It will allow us to validate our value proposition and the market need for a decentralised digital assets custodial solution to advance Web3 mass adoption.”

Enterprise backing for project to protect software supply chain

New cyber security venture from School with record of successful spin-outs

A NEW Edinburgh Napier project aims to bring trust and transparency to the software supply chain, as the School of Computing continues its drive to translate innovative research into real world impact.

The TrueDeploy venture has received £73,418 funding from Scottish Enterprise, as part of its High Growth Spin-out Programme (HGSP), to help develop the project’s innovative technology.

In setting its sights on the multi-billion pound industry to secure software development supply chains, TrueDeploy is following in the footsteps of Edinburgh Napier cyber security spin-outs ZoneFox, Symphonic Software, Cyan Forensics and MemCrypt which have already successfully made the leap from research lab to market.

The software supply chain relates to the development and supply of software for use across all organisations and systems. This supply chain needs to be managed by organisations that use software due to regulatory requirements and the obligations to ensure their systems are not compromised.

Recent high-profile cyber-attacks, including SolarWinds, Kaseya, and NotPetya, have cost companies and nation-states billions of dollars. Each of these attacks had the same underlying issue, in that they were possible because a threat actor managed to infiltrate and compromise software that was being developed by a software vendor in the long chain that exists from code being written to it being distributed to a customer.

Potential future spin-out TrueDeploy, which aims to resolve these issues by bringing transparency to the software supply chain, has been developed by a technical team led by research student Pavlos Papadopoulos.

He is working alongside the School of Computing’s Dr Nick Pitropakis and seasoned cyber security innovator Professor Bill Buchanan. The technical team will be supported on the project by a core business team of Nanik Ramchandani (Imagine Ventures) and Matthew Burdge (Business Development & Relationship Manager, School of Computing).

With Scottish Enterprise’s support, the team is aiming to develop their innovative technology over the next nine months.

Pavlos Papadopoulos, whose research work is focused on privacy-preserving systems around trust and identity, said: “We are thankful to Edinburgh Napier and Scottish Enterprise for their continuous support.

“This funding is the first step in bringing this innovation to reality.”

Nanik Ramchandani added: “We sincerely appreciate the support provided by Scottish Enterprise to the start-up ecosystem in Scotland.

“This support will help us identify the ideal commercial opportunity for TrueDeploy’s ground-breaking innovation.”

Victoria Carmichael, director of strategic investment at Scottish Enterprise, said: “Cyber security is a major issue facing society today and this project has the potential to be hugely impactful.

“Our High Growth Spin-out Programme helps turn innovative university research into successful business ventures. To date we’ve supported four cyber security spin outs from Edinburgh Napier, with TrueDeploy becoming the fifth, which speaks volumes about the university’s academic and commercial capabilities.”

Fiona Mason, Head of Business Engagement and IP Commercialisation at Edinburgh Napier, said: “We are thrilled to receive this recognition from Scottish Enterprise on another exciting venture arising from our cyber group.

“The project has benefitted from seed funding, and the inventor has worked closely with both the Business Development support, Matthew Burdge, and our Royal Society-funded Entrepreneur-in Residence, Jamie Graves, to develop the project to the high standard required by SE.

“We value the long-term platform the funding provides, both in terms of project development but also the access to networks, training and mentoring support.”

Game-changer? New spin-out will tackle the ransomware threat

Memcrypt aims to repeat earlier University cybersecurity success stories

Edinburgh Napier’s School of Computing has revealed plans to spin out a business dedicated to tackling the multi-billion pound ransomware market.

Memcrypt follows earlier University cybersecurity ventures ZoneFox, Symphonic Software and Cyan Forensics in making the leap from research lab to the market.

Ransomware – malware that encrypts files, giving the attacker scope to demand a ransom to restore access – is increasingly becoming the attack of choice for cyber criminals as it has a high chance of financial return coupled with a low chance of detection, and the threat is increasing daily.

However, the University’s cryptography experts are developing new methods of detecting ransomware as it runs. This will provide new ways of stopping the ransomware from infecting systems before it has a chance to spread.

The team’s work is part of Innovate UK’s CyberASAP programme accelerator, and is also supported more recently by Scottish Enterprise’s High Growth Spin-out Programme – the early stage growth challenge fund.

Memcrypt has evolved around a technical team of Professor Bill Buchanan, Dr Peter McLaren, Dr Owen Lo and Dr Gordon Russell, and a core business team of Dia Banerji (Imagine Ventures Ltd) and Matt Burdge (the Business Development and Relationship Manager supporting the School of Computing), as the University seeks to repeat earlier successes in converting ground-breaking research into high impact spin-outs.

Threat analytics spin-out ZoneFox has since been acquired by US giant Fortinet, and Symphonic Software and Cyan Forensics have also scaled up to become players in the international marketplace.

At the heart of Memcrypt lies Dr Peter McLaren’s PhD work, the first to discover the presence of the key schedule of a popular encryption method – ChaCha20 – within running memory on the computer.  Another team member, Dr Owen Lo, earlier showed that encryption keys could be discovered just by listening to the electrical noise created by a device.

Dr McLaren said: “The core of our approach is to search for things that look completely random with memory, and mark these as suspicious.”

Dia Banerji said: “Ransomware attacks can have a debilitating effect on businesses, often leading to loss in revenue, falling share prices and reputational losses. We aim to better protect those at risk, and work with law enforcement agencies on improving their responses to these attacks.”

PGP Academic – Bill Buchanan (Dr), lecturer in the School of Computing

Professor Bill Buchanan (above), who played a key role in the research which paved the way for Edinburgh Napier’s earlier cybersecurity spin-out successes, added: “Ransomware affects virtually every market sector, and can affect every size of company. While building our company in Edinburgh, we aim to scale on an international basis.”

Fiona Mason, Head of Business Engagement and IP Commercialisation at the University, said: “We are delighted that our emerging spin-outs are recognised by CyberASAP and by Scottish Enterprise.

“Our success here is testament to the entrepreneurship, commitment and creativity of the University’s academic staff and students, supported by our talented Business Engagement and IP team in the Research Innovation and Enterprise Office who worked tirelessly to bring these opportunities to life.

“Over the last 10 years, our School of Computing has achieved three successful cyber spin-outs; ZoneFox in 2010, Symphonic in 2013 and Cyan Forensics in 2017.

“All of these spin-outs are currently in operation and growing, with ZoneFox having been acquired by the NASDAQ-listed US company Fortinet. This success is further highlighted in a UK government-backed report from The London Office for Rapid Cybersecurity Advancement (LORCA), which listed Edinburgh Napier in the top six universities that have contributed to the cybersecurity spin-out ecosystem.

“We believe Memcrypt will be our next game-changer.”