Carsten Maple

Carsten Maple
University of Warwick

About

257
Publications
59,132
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
2,060
Citations

Publications

Publications (257)
Preprint
A key task in managing distributed, sensitive data is to measure the extent to which a distribution changes. Understanding this drift can effectively support a variety of federated learning and analytics tasks. However, in many practical settings sharing such information can be undesirable (e.g., for privacy concerns) or infeasible (e.g., for high...
Article
Data-driven technologies have improved the efficiency, reliability and effectiveness of healthcare services, but come with an increasing demand for data, which is challenging due to privacy-related constraints on sharing data in healthcare contexts. Synthetic data has recently gained popularity as potential solution, but in the flurry of current re...
Preprint
Statistical heterogeneity is a measure of how skewed the samples of a dataset are. It is a common problem in the study of differential privacy that the usage of a statistically heterogeneous dataset results in a significant loss of accuracy. In federated scenarios, statistical heterogeneity is more likely to happen, and so the above problem is even...
Chapter
Machine learning models have been instrumental in making decisions across domains, like mortgage lending and risk assessment in finance. However, these models have been found susceptible to biases, causing unfair decisions for a specific group of individuals. Such bias is generally based on some protected (or sensitive) attributes, such as age, sex...
Preprint
Full-text available
We present a dependency model tailored to the context of current challenges in data strategies and make recommendations for the cybersecurity community. The model can be used for cyber risk estimation and assessment and generic risk impact assessment.
Article
Full-text available
Internet-of-Things (IoT) refers to low-memory connected devices used in various new technologies, including drones, autonomous machines, and robotics. The article aims to understand better cyber risks in low-memory devices and the challenges in IoT risk management. The article includes a critical reflection on current risk methods and their level o...
Preprint
Full-text available
Data-driven technologies have improved the efficiency, reliability and effectiveness of healthcare services, but come with an increasing demand for data, which is challenging due to privacy-related constraints on sharing data in healthcare contexts. Synthetic data has recently gained popularity as potential solution, but in the flurry of current re...
Article
Digital health solutions hold promise for enhancing healthcare delivery and patient outcomes, primarily driven by advancements such as machine learning, artificial intelligence, and data science, which enable the development of integrated care systems. Techniques for generating synthetic data from real datasets are highly advanced and continually e...
Preprint
Full-text available
Modern financial institutions rely on data for many operations, including a need to drive efficiency, enhance services and prevent financial crime. Data sharing across an organisation or between institutions can facilitate rapid, evidence-based decision making, including identifying money laundering and fraud. However, data privacy regulations impo...
Article
Full-text available
Objective Establish a relationship between digital health intervention (DHI) and health system challenges (HSCs), as defined by the World Health Organization; within the context of hazard identification (HazID), leading to safety claims. To improve the justification of safety of DHIs and provide a standardised approach to hazard assessment through...
Conference Paper
Full-text available
Space systems are continuously under cyber attack. Minimum cybersecurity design requirements are necessary to preserve our access to space. This paper proposes a scalable, ex-tensible method for developing minimum cyber design principles and subsequent requirements for a space system based on any given mission priority. To test our methodology, we...
Preprint
Since its implementation in May 2018, the General Data Protection Regulation (GDPR) has prompted businesses to revisit and revise their data handling practices to ensure compliance. The privacy policy, which serves as the primary means of informing users about their privacy rights and the data practices of companies, has been significantly updated...
Article
Full-text available
Additive Manufacturing (AM) offers revolutionary design capabilities but introduces cybersecurity vulnerabilities due to its digital integration. While existing research focuses on cyber threats, a significant gap exists in addressing physical and cyber risks. The current research focuses on cyber threats, but more attention needs to be paid to add...
Article
Full-text available
Certificateless Proxy Signature (CLPS) offers a comprehensive authentication mechanism to ensure the optimal solutions from modern forgery attacks in Industrial Internet of Things (IIoTs) environment. CLPS is part of certificateless public key cryptography (CL-PKC) and has the benefits of eradicating many issues like key distribution problem. Altho...
Article
The widespread adoption and success of Machine Learning (ML) technologies depend on thorough testing of the resilience and robustness to adversarial attacks. The testing should focus on both the model and the data. It is necessary to build robust and resilient systems to withstand disruptions and remain functional despite the action of adversaries,...
Article
Full-text available
Electric vehicles (EVs) are becoming more popular due to environmental consciousness. The limited availability of charging stations (CSs), compared to the number of EVs on the road, has led to increased range anxiety and a higher frequency of CS queries during trips. Simultaneously, personal data use for analytics is growing at an unprecedented rat...
Article
Full-text available
As threat vectors and adversarial capabilities evolve, Cloud-Assisted Connected and Autonomous Vehicles (CCAVs) are becoming more vulnerable to cyberattacks. Several established threat analysis and risk assessment (TARA) methodologies are publicly available to address the evolving threat landscape. However, these methodologies inadequately capture...
Article
Full-text available
Cloud-Assisted Connected and Autonomous Vehicles (CCAV) are set to revolutionise road safety, providing substantial societal and economic advantages. However, with the evolution of CCAV technology, security and privacy threats have increased. Although several studies have been published around the threat and risk estimation aspects of CCAV, limited...
Article
Full-text available
Self-sovereign identity (SSI) is an emerging and promising concept that enables users to control their identity while enhancing security and privacy compared to other identity management (IDM) approaches. Despite the recent advancements in SSI technologies, federated identity management (FIDM) systems continue to dominate the IDM market. Selecting...
Preprint
Full-text available
National Electronic Identity System (NeIDS) has become crucial for verifying the identities of citizens and granting access to digital services in public and private domains. However, implementing NeIDS has raised concerns about security, privacy, and exclusion. Furthermore, conducting a comprehensive risk assessment for NeIDS is challenging, as it...
Article
Full-text available
Federated Learning (FL) is a distributed Deep Learning (DL) technique that creates a global model through the local training of multiple edge devices. It uses a central server for model communication and the aggregation of post-trained models. The central server orchestrates the training process by sending each participating device an initial or pr...
Article
Full-text available
We provide a practical implementation of a free space optical quantum key distribution (FSO-QKD) system within a vehicle-to-infrastructure (V2I) application developed under the Innovate UK AirQKD project. The FSO-QKD system provides the quantum secure encryption keys that serve as the foundation for secure communications throughout the V2I applicat...
Article
Full-text available
Cyber threats and vulnerabilities present an increasing risk to the safe and frictionless execution of business operations. Bad actors (“hackers”), including state actors, are increasingly targeting the operational technologies (OTs) and industrial control systems (ICSs) used to protect critical national infrastructure (CNI). Minimisations of cyber...
Chapter
Additive manufacturing (AM) offers numerous benefits, such as manufacturing complex and customised designs quickly and cost-effectively, reducing material waste, and enabling on-demand production. However, several security challenges are associated with AM, making it increasingly attractive to attackers ranging from individual hackers to organised...
Article
An external disruptor to a manufacturing process (e.g., a supply chain failure, or a cyber‐attack) can affect more than a factory's output; it can have wider societal concerns, raising the issue of industrial resilience at different levels. In this work, manufacturing resilience is revisited, reviewing the applicability of the resilience concept to...
Conference Paper
Full-text available
Foundational identity systems (FIDS) have been used to optimise service delivery and inclusive economic growth in developing countries. As developing nations increasingly seek to use FIDS for the identification and authentication of identity (ID) holders, trustworthy interoperability will help to develop a cross-border dimension of e-Government. De...
Conference Paper
Full-text available
Supporting universal access to legal identity has emerged as a prominent global objective, garnering significant investment from governments, NGOs, research institutes, and companies. To accelerate ID registration processes, governments employ various programs, such as setting up temporary registration centers or visiting remote villages equipped w...
Conference Paper
Full-text available
The major vehicle manufacturers deploy Over-the-Air (OTA) software update technology for their vehicle systems. In this research, we review the literature on the cybersecurity of the OTA software update mechanism. This allowed the derivation of a high-level reference architecture for the OTA system. The architecture and review guided the analysis o...
Article
Full-text available
The evolution of Connected and Autonomous Vehicles (CAVs) promises improvements in our travel experience and the potential to enhance road safety and reduce environmental impact. This will be utilising highly diverse traffic environments that enable several advanced mobility applications. A secure, efficient, reliable, and resilient communications...
Preprint
Full-text available
This report examines Artificial Intelligence (AI) in the financial sector, outlining its potential to revolutionise the industry and identify its challenges. It underscores the criticality of a well-rounded understanding of AI, its capabilities, and its implications to effectively leverage its potential while mitigating associated risks. The potent...
Article
Full-text available
Quantum‐based technologies will provide system engineers with new capabilities for securing data communications. The UK AirQKD project has implemented a Free‐Space Optical Quantum Key Distribution (QKD) system to enable the continuous generation of symmetric encryption keys. One of the use cases for the generated keys is to secure Vehicle‐to‐Everyt...
Article
The growing integration of high-wattage Internet-of-Things (IoT)-enabled electrical appliances at the consumer end has created a new attack surface that an adversary can exploit to disrupt power grid operations. Specifically, dynamic load-altering attacks (D-LAAs), accomplished by an abrupt or strategic manipulation of a large number of consumer ap...
Article
Full-text available
The MedSecurance project focus on identifying new challenges in cyber security with focus on hardware and software medical devices in the context of emerging healthcare architectures. In addition, the project will review best practice and identify gaps in the guidance, particularly the guidance stipulated by the medical device regulation and direct...
Preprint
Full-text available
Additive manufacturing (AM) offers numerous benefits, such as manufacturing complex and customised designs quickly and cost-effectively, reducing material waste, and enabling on-demand production. However, several security challenges are associated with AM, making it increasingly attractive to attackers ranging from individual hackers to organised...
Preprint
Full-text available
Ontologies play a critical role in Semantic Web technologies by providing a structured and standardized way to represent knowledge and enabling machines to understand the meaning of data. Several taxonomies and ontologies have been generated, but individuals target one domain, and only some of those have been found expensive in time and manual effo...
Article
Full-text available
As the Ground Station as a Service (GSaaS) paradigm transforms space infrastructure operations, new attack surface emerges for malicious actors. While the space community generally refers to GSaaS as a singular model, there are several flavors of these systems. After a description of the general GSaaS network's basic structure, this paper presents...
Article
Full-text available
Security has been the most widely researched topic, particularly within IoT, and has been considered as the major hurdle in the adoption of different applications of IoT. When it comes to IoV, security is considered as the most inevitable component to ensure a safe and smooth driving experience. CAV is the new era of transportation, integrating int...
Article
Full-text available
Factory automation design engineers building the Smart Factory can use wireless 5G broadband networks for added design flexibility. 5G New Radio builds upon previous cellular communications standards to include technology for “massive machine-type communication” and “ultra-reliable and low-latency communication”. In this work, the authors augment a...
Article
Full-text available
Connected and autonomous vehicles (CAVs) can fulfill the emerging demand for smart transportation on a global scale. Such innovations for transportation can bring manyfold benefits, from fully autonomous driving services to proactive vehicle monitoring and traffic management. However, given the complexity involved in the deployment of CAVs, zero-to...
Article
Strategic investment(s) in vehicle automation technologies led to the rapid development of technology that revolutionised transport services and reduced fatalities on a scale never seen before. Technological advancements and their integration in Connected Autonomous Vehicles (CAVs) increased uptake and adoption and pushed firmly for the development...
Article
Full-text available
Autonomous robotic systems systems are both safety- and security-critical, since a breach in system security may impact safety. In such critical systems, formal verification is used to model the system and verify that it obeys specific functional and safety properties. Independently, threat modelling is used to analyse and manage the cyber security...
Article
Full-text available
Recently, many farmers have started using robots to help with labour-intensive harvesting operations and deal with labour shortage that was also a negative consequence of the recent COVID-19 pandemic. Intelligent harvesting robots make farming more efficient and productive. However, and like any other technology, intelligent harvesting robots come...
Preprint
Full-text available
The major vehicle manufacturers deploy Over-the-Air (OTA) software update technology for their vehicle systems. In this research, we review the literature on the cybersecurity of the OTA software update mechanism. This allowed the derivation of a high-level reference architecture for the OTA system. The architecture and review guided the analysis o...
Article
Full-text available
Mobile app developers are often obliged by regulatory frameworks to provide a privacy policy in natural comprehensible language to describe their apps’ privacy practices. However, prior research has revealed that: (1) not all app developers offer links to their privacy policies; and (2) even if they do offer such access, it is difficult to determin...
Article
Full-text available
The safe and efficient function of critical national infrastructure (CNI) relies on the accurate demand forecast. Cyber-physical system-based demand forecasting systems (CDFS), typically found in CNI (such as energy, water, and transport), are highly vulnerable to being compromised under false data injection attacks (FDIAs). The problem is that the...
Article
Full-text available
The initial access achieved by cyber adversaries conducting a systematic attack against a targeted network is unlikely to be an asset of interest. Therefore, it is necessary to use lateral movement techniques to expand access to different devices within the network to accomplish the strategic attack’s objectives. The pivot attack technique is widel...
Article
Full-text available
This report summarises the results from engagement with one of the DARE UK PRiAM project’s key stakeholders: the general public. The aim of DARE UK PRiAM has been work towards a standard privacy risk assessment framework for those seeking to operate a secure, trusted infrastructure environment within cross-council collaborative research networks. T...
Article
Full-text available
Trustworthy and collaborative data sharing and re-usage for approved research purposes can help to advance public health and patient care. Data and analytics systems are changing and new ways to share and access data are emerging, including the potential for greater federation of resources and services. These changes are bringing about new and evol...
Article
Full-text available
This report is Deliverable 3 (D3) “PRiAM Privacy Risk Framework Application Guide” of the DARE UK PRiAM project. The report is one in a series of four project reports, which focus on working towards standardisation of privacy risk assessment for cross-domain access and re-use of sensitive data for research purposes. This report describes how to aut...
Article
Full-text available
Sharing data for research, when carried out responsibly, can have huge public benefits. However, without appropriate protections in place, institutions risk losing the trust of individuals. Hence, privacy risk assessment should be baked into the decision-making processes for sharing or providing access to data. The current approaches for assessing...
Preprint
Full-text available
Recent research has shown that the security of power grids can be seriously threatened by botnet-type cyber attacks that target a large number of high-wattage smart electrical appliances owned by end-users. Accurate detection and localization of such attacks is of critical importance in limiting the damage. To this end, the paper proposes a novel t...
Preprint
Full-text available
Society requires assurances that sufficient levels of cybersecurity exist to reduce cyber-attack risk. Achieving cybersecurity goals for components, sub-systems, and systems will require appropriate security-focused processes. Furthermore, organisations will need to operate with enhanced security when supplying government and military systems. Syst...
Poster
Full-text available
This study explored the cybersecurity threats posed by the rising integration of high-wattage internet-of-things (IoT)- enabled devices (e.g., WiFi-enabled air conditioners, electric vehicles, etc.) into the operation of the power grid as a cyber physical system (CPS).
Article
Full-text available
Advances in edge computing are powering the development and deployment of Internet of Things (IoT) systems to provide advanced services and resource efficiency. However, large‐scale IoT‐based load‐altering attacks (LAAs) can seriously impact power grid operations, such as destabilising the grid's control loops. Timely detection and identification o...
Article
Full-text available
Recently there has been a surge of interest in adopting deep neural networks (DNNs) for solving the optimal power flow (OPF) problem in power systems. Computing optimal generation dispatch decisions using a trained DNN takes significantly less time when compared to conventional optimization solvers. However, a major drawback of existing work is tha...
Article
Full-text available
Recently there has been a surge of interest in adopting deep neural networks (DNNs) for solving the optimal power flow (OPF) problem in power systems. Computing optimal generation dispatch decisions using a trained DNN takes significantly less time when compared to conventional optimization solvers. However, a major drawback of existing work is tha...