Dr Yulia Cherdantseva
I am a young enthusiastic researcher specialising in Cyber Security and Secure Business Process Design, and with experience in commercial software development. My research interests include (1) Cyber Security in Corporate Information Systems and in Industrial Control Systems (ICS) and SCADA systems, (2) Information Assurance and Security, (3) Design/Modelling of Safe and Secure Systems, (4) Domain-Specific Extensions of Business Process Modelling Languages, (5) Security, Risk and Safety Modelling in Business Processes, (6) Risk Management and Risk Assessment, (7) and Cyber Security Knowledge Representation and Visualisation. My education and research skills are reinforced by my diverse work experience.
In my PhD research project, I developed a Reference Model of Information Assurance & Security (RMIAS), which captures the inter-dependencies between information, people, processes, legal factors, risks and control actions. The RMIAS (wiki) is used by the research community independently of myself for framing information security in the research on secure business process modelling and SCADA systems, it is also used in training matrials on information security.
Based on the RMIAS, I developed a security modelling extension for BPMN 2.0 titled Secure*BPMN. The extension enables the depiction in business process models of such information as security goals and their criticality (risks), control actions/countermeasures, information characteristics and access permissions. The extension is designed to facilitate the communication about security in multi-disciplinary teams including business, technical, legal, HR and other domain experts. The extension is supported by stencils for Microsoft Visio and OmniGraffle.
- PhD in Computer Science & Informatics, Cardiff University, UK
- MSc (Hons) in Business Information Systems Design, Russia
Honours and awards
- PhD scholarship from the School of Computer Science & Informatics, Cardiff University, 2010 -2014
Previous academic positions
- Since November 2014, I have been working as a research associate on the research project “Supervisory Control and Data Acquisition Systems Cyber Security Lifecycle (SCADA-CSL)” which is funded by the Airbus Group Endeavr Wales and the Welsh Assembly Government
I am not teaching at the moment, but I have been enjoying teaching in 2010-2014, when I assisted with the following modules:
- CMT602 - SQL
- CMO1102 - Web Applications
- CMO240 - System Design (Group Project)
- CMO206 - Software Engineering
- CMO383 - Management Decision Making
- CMO381 - Information Assurance
My main research interest is in the design of secure information systems. More specifically, I am interested in the modelling of secure intra- and inter-organisational business processes. I also research SCADA/ICS cyber security and risk assessment methodologies.
My other research interests are:
- Conceptual and Reference Models of Information Security and Information Assurance
- Evolution of Conceptual and Reference Models of Information Security/Assurance
- Definitions of Information Security/Assurance
- Business Process Modelling (BPMN, UML, IDEF)
- Complex Inter-Organisational Business Processes
- Incorporation of Security, Safety and Risk information into Business Process Models
- Cyber Security in SCADA and ICS systems