Dr Yulia Cherdantseva
I am a lecturer at the National Software Academy at Cardiff University. I am also an enthusiastic researcher specialising in Cyber Security, Secure Business Process Design and Risk Assessment. My research interests include (1) Cyber Security in Corporate Information Systems and in Industrial Control Systems (ICS) and SCADA systems, (2) Information Assurance and Security, (3) Design/Modelling of Safe and Secure Systems, (4) Domain-Specific Extensions of Business Process Modelling Languages, (5) Security, Risk and Safety Modelling in Business Processes, (6) Risk Management and Risk Assessment, (7) and Cyber Security Knowledge Representation and Visualisation. My education and research skills are reinforced by my diverse work experience.
In my PhD research project, I developed a Reference Model of Information Assurance & Security (RMIAS), which captures the inter-dependencies between information, people, processes, legal factors, risks and control actions. The RMIAS (wiki) is used by the research community independently of myself for framing information security in the research on secure business process modelling and SCADA systems, it is also used in training matrials on information security.
Based on the RMIAS, I developed a security modelling extension for BPMN 2.0 titled Secure*BPMN. The extension enables the depiction in business process models of such information as security goals and their criticality (risks), control actions/countermeasures, information characteristics and access permissions. The extension is designed to facilitate the communication about security in multi-disciplinary teams including business, technical, legal, HR and other domain experts. The extension is supported by stencils for Microsoft Visio and OmniGraffle.
- PhD in Computer Science & Informatics, Cardiff University, UK
- MSc (Hons) in Business Information Systems Design, Russia
Honours and awards
- PhD scholarship from the School of Computer Science & Informatics, Cardiff University, 2010 -2014
- Since November 2014, I have been working as a research associate on the research project “Supervisory Control and Data Acquisition Systems Cyber Security Lifecycle (SCADA-CSL)” which is funded by the Airbus Group Endeavr Wales and the Welsh Assembly Government
Since 2016, I am teaching two modules Database Systems and Cyber Security at the National Software Academy to Year 2 undergradute students.
In 2010-2014, I assisted with teaching the following modules:
- CMT602 - SQL
- CMO1102 - Web Applications
- CMO240 - System Design (Group Project)
- CMO206 - Software Engineering
- CMO383 - Management Decision Making
- CMO381 - Information Assurance
My main research interest is in the design of secure information systems. More specifically, I am interested in the modelling of secure intra- and inter-organisational business processes. I also research SCADA/ICS cyber security and risk assessment methodologies.
My other research interests are:
- Conceptual and Reference Models of Information Security and Information Assurance
- Evolution of Conceptual and Reference Models of Information Security/Assurance
- Definitions of Information Security/Assurance
- Business Process Modelling (BPMN, UML, IDEF)
- Complex Inter-Organisational Business Processes
- Incorporation of Security, Safety and Risk information into Business Process Models
- Cyber Security in SCADA and ICS systems