Kent awarded EPSRC funding to study cyber security risks for mobility-as-a-service (MaaS)


Professor Shujun Li from the School of Computing and Director of the Institute of Cyber Security for Society (iCSS) will work with researchers at Cranfield University to look into the cyber security risks posed by a digitally enabled, low-carbon mobility-as-a-service (MaaS) ecosystem. The project, titled “Mobility as a service: MAnaging Cybersecurity Risks across Consumers, Organisations and Sectors (MACRO)”, is funded by the Engineering and Physical Sciences Research Council (EPSRC), part of UK Research and Innovation (UKRI), and will run for two years.

Mobility-as-a-service (MaaS) offers travellers a unified service that combines various forms of transport from a single point of delivery. MaaS carries the potential to reduce traffic congestion, improve customer convenience and reduce social inequalities and carbon emissions through the use of public transport.

Ensuring success for MaaS will require a single application to plan and conduct journeys, a software system allowing multiple providers and AI-based analytics allowing journey and resource optimisation. All these interactions are susceptible to a wide range of cyber attacks, which can affect different stakeholders of the ecosystems. The complexity of the MaaS ecosystem, including customers, transportation providers and data providers, and its dependence on the data, creates unique challenges from a cyber-security perspective.

The project is led by Dr Nazmiye Ozkan, Senior Lecturer in Energy Economics and Head of Centre for Energy Systems and Strategy at the Cranfield University. Professor Shujun Li will lead the work package on Modelling Cyber Security Risks and contribute to other work packages. The project team will work closely with a number of supporting bodies including University of Bath, Oxfordshire County Council, Kent County Council, South East Midlands Local Enterprise Partnership and Transport for the South East.

Professor Shujun Li said: “I am very pleased to have the opportunity to work with my collaborators from Cranfield University. The UK Government’s ambitions to reach net zero carbon emissions by 2050 and other governments’ similar goals mean that MaaS becomes an important component of this long-term vision. The complicated data flows and interactions between different stakeholders of a MaaS ecosystem requires careful consideration of various cyber security and privacy risks and development of corresponding solutions, including new tools, techniques, policies and procedures. By following a modelling-based approach, the project will produce useful tools and information for governments, transport service providers and travellers to co-develop healthy MaaS ecosystems.”

The Institute of Cyber Security for Society (iCSS) represents the University of Kent as one of only 19 universities in the UK recognised as Academic Centres of Excellence in Cyber Security Research (ACE-CSR) by the National Cyber Security Centre (NCSC, part of GCHQ) and Engineering and Physical Sciences Research Council (EPSRC).