Professor of Cybersecurity
School of Computing and Digital Technology - CDT
Paul Kearney is part-time Professor of Cybersecurity in the Cyber-Physical Systems Department of the School of Computing and Digital Technology.
Paul has had a long and varied career in research and development in industry, and has previously worked for British Aerospace (BAe), Sharp and British Telecom (BT). He has participated in numerous collaborative research projects, and served on committees and advisory and working groups.
After completing a BSc in Mathematical Physics at Liverpool University and a PhD in elementary particle theory at Durham University, Paul joined BAe Military Aircraft, working in a variety of roles and finishing as leader of a research and development group investigating intelligent on-board systems and advanced software engineering. After ten years, he joined Sharp Corporation’s then new European research lab in Oxford where he led a research group on Distributed Intelligent Systems. He joined BT in 1997, originally researching intelligent agents applied to workflow and other business systems, before being asked to form a new security research team around 2001. He has worked in cybersecurity and related research ever since, spending many years as Chief Security Researcher in BT's Research and Innovation department.
- Part of the leadership team of the Cyber-Physical Systems Research Group, aiming to make BCU a recognized centre of excellence in the field
- Leading and contributing to bids for external research and innovation funding
- Participation in externally-funded research and innovation projects. Paul led BCU’s team within the recently-completed RED-Alert Horizon2020 project, and was previously involved in Big Data Corridor. He is Lead Academic in a Knowledge Transfer Partner (KTP) project with Birmingham-based company, METCloud.
- Supervision of PhD students
- Building links with partners in industry and commerce. Paul is an active contributor to the work of the IoT Security Foundation
Areas of Expertise
- Cybersecurity analytics and AI applied to cybersecurity operations
- Security for the Internet of Things
- Model-based secure systems engineering
- PhD in elementary particle physics from Durham University
- BSc in Mathematical Physics from Liverpool University
- Full member of the Chartered Institute of Information Security (MCIIS)
- Member of the Association for Computing Machinery (ACM)
- Security and trust architecture for large-scale dynamic IoT systems
- Reference security and trust architecture for large-scale dynamic IoT systems
- Model-based security risk assessment
- Cybersecurity analytics
- Monitoring cybersecurity in the Smart Home
Director of studies for the following PhD students:
- Mujahid Muhammad, researching security for Vehicle-to-Vehicle communications
- Carolina Adaros Boye, researching continuous cybersecurity risk management in industrial IoT and control systems
- Thomas Nagunwa, researching application of machine learning to detection of phishing web sites
and Second Supervisor for:
- Akinola Siyanbola, researching semantic modelling of cyberattacks and how to prevent them
Collins, P D B and Kearney P. J. (1984). Regge theory and QCD in large-angle scattering in Zeitschrift für Physik C 22, 277 (1984)
Kearney , P J and Hunt, B (1986). A graphical aid to IKBS program development in Proceedings of the AGARD AMP Symposium on Information Management and Decision Making in Advanced Airborne Weapon System, Toronto, 1986
Kearney , P J (1988). The representation and application of tactical knowledge in Proceedings of the AGARD Avionics Panel Symposium on Near Real-Time Aspects in Air Battle Management, Copenhagen, 1988
Kearney , P J (1991). TMA: a research study in personal time management, Proceedings of the 10th UK Planning SIG Workshop, Cambridge, 1991
Kearney, P J (1992). Experiments in multi-agent system dynamics in Artificial Social Systems: 4th European Workshop on Modelling Autonomous Agents in a Multi-Agent World, MAAMAW’92 (Eds Castelfranchi, C and Werner, E) Lecture Notes in AI 830, Springer-Verlag (1994).
Kearney, P J, Sehmi A and Smith, R M (1994). Emergent behaviour in a multi-agent economic simulation in 11th European Conference on Artificial Intelligence, ECAI’94, Proceedings (Ed Cohn, A G), Wiley.
Gibbins, P F, Kearney, P J, Sehmi, A and Smith, R M (1994), Intelligent agents in multimedia systems, Sharp Technical Journal, 60, December 1994.
Sehmi, A, Kearney, P J, Smith, R M and Gibbins P F (1994). Support for distributed multi-agent systems in CKBS’94: Proceedings of the Second International Working Conference on Cooperating Knowledge Based Systems (Ed Deen, S M) DAKE Centre, University of Keele.
Kearney, P J (1995). Intelligent agents and personal electronics in proceedings of Unicom Agent Software seminar London, April 1995. To be published in book form by John Wiley. This paper was also presented at the IEE Professional Group C10 Colloquim on Developments in Personal Systems, June 1995. Digest No: 1995/140
Kearney, P J (1996). Personal agents: A walk on the client side Real-World Applications of Intelligent Agent Technology seminar London, June 1996, Unicom. This paper will also be presented at the IBC Seminar on Intelligent Agents, London June 1996. An earlier version was presented at the IEE Professional Group C3 Colloquim on Intelligent Agents and their applications, April 1996. Digest No: 1996/101
Kearney, P J and O’Brien, P D (1999). The Emerging Enterprise, themed issue of the BT Technology Journal, Vol. 17 No. 4, October 1999 (guest editors)
Swaby, M, Dew, O and Kearney (1999), P J. Model based construction of collaborative systems, BT Technology Journal, Vol. 17 No. 4, October 1999
Kearney, P J and Merlat, W (1999). Modelling market-based decentralised management systems, BT Technology Journal, Vol. 17 No. 4, October 1999
Smith R E, Kearney, P J and Merlat, W (1999). Evolutionary adaptation in autonomous agent systems – a paradigm for the emerging enterprise, BT Technology Journal, Vol. 17 No. 4, October 1999
Smith R E, Bonacina, C., Kearney, P J and Merlat, W (2000). Embodiment of Evolutionary computation in General Agents, Evolutionary Computation, Vol. 8, No.4, Winter 2000.
Kearney, P J, Stark, J. (2000) Decentralised Management of Business Process Networks, Proceedings of the 'Complexity and Complex Systems in Industry' conference, held in September 2000 at Warwick University.
Kearney, P J, Smith R E, Bonacina, C., Eymann, T. (2000), Integration of computational models inspired by economics and genetics, BT Technology Journal Vol. 18, No. 4 October 2000
Kearney, P J, Borrajo, D. (2000), An R&D Road Map for AI Planning applied to Workflow Management, presented at the EB 2000 Conference, Madrid
Rodriguez-Moreno, M D, Kearney, P J (2001), Let's see What Happen if we Integrate AI Planning with Workflow, Proceedings of ES2001, the 21st SGES International Conference on Knowledge Based Systems and Applied AI, Cambridge, December 2001. pp: 299-312. ISBN: 1852335351, Pub. Springer Verlag
Milham, D, Evans, D, Adam Clarke, A, Kearney P J (2002), e2 OSS: e-nabling Service Provider Value Chains, EURESCOM P1106 Summit
Clarke, A, Kearney, P J, Griffiths, S P (2002), B2B Trust Service Provider: Concept Demonstrator, First Internal iTrust Workshop On Trust Management In Dynamic Open Systems, Glasgow, Scotland
Rodriguez-Moreno, M D, Kearney, P J (2002), Integrating AI planning techniques with workflow management systems, Knowledge-Based Systems 15 (2002) 285-291
Caire G, Coulier W, Garijo F, Gomez-Sanz J, Pavon J, Leal, F, Chainho, P, Kearney P, Stark, J, Evans, R, Massonet P (2002), M Agent Oriented Analysis Using Message/UML, in Agent-Oriented Software Engineering II of Lecture Notes in Computer Science, Springer.
Kearney, P J, Brigaud, G. (2003), Untangling Web Service Security, BT Retail white paper
Caire G, Coulier W, Garijo F, Gomez-Sanz J, Pavon J, Kearney P, Massonet P (2003), MESSAGE: A methodology for the development of agent-based applications, in Methodologies And Software Engineering For Agent Systems ed. Bergenti F, Gleizes M-P, Zamponelli F, pub. Kluwer Academic Publishing (New York).
Kearney P J, Chapman J, Edwards N, Gifford M, He L (2004), An overview of web services security, BTTJ January 2004
Kearney, PJ (2004) ‘Message-level security for web services’, Information Security Technical Report Vol 9 No. 3, 2004, pub. Elsevier
Dimitrakos, T (BT), Golby, D (BAe Systems), Kearney, P (BT) (2004), Towards a Trust and Contract Management Framework for Dynamic Virtual Organisations, Proc. eChallenges 2004, Vienna, Austria, 27-29 Oct 2004
Kearney, PJ (2004), ‘Web Services Security: Challenges and opportunities’, , Marcus Evans Conference on Web Services Opportunities in the Telecom Industry, London, 21st-23rd June 2004
Kearney, PJ (2005), ‘Trust and security in dynamically-aggregated web services’, CASSIS Workshop, Nice, March 2005
Bowden, C et al (2005), 'Research and Development for Cyber Trust and Crime Prevention: A Collective Service Providers and Vendors View', published on IAAC (Information Assurance Advisory Council) web site December 2005
Kearney, PJ and K Bosworth, K, ed. (2005), BT Technology Journal themed issue on Identity Management, ed. (BTTJ Vol 23 No. 4) Oct. 2005
Kearney, PJ, ‘Trust and Security in Virtual Organisations’, in BTTJ Vol 24 No. 2, July 2006
Baldwin, A, Beres, Y, Shiu, S and Kearney, P (2006), ‘A model-based approach to trust, security and assurance’, , in BTTJ Vol 24 No. 4, October 2006
Kearney, P and Brügger, L (2007) ‘A risk-driven security analysis method and modelling language’, in BTTJ Vol 25 No. 1
Kearney, PJ, ed. (2007), BT Technology Journal themed issue on Operational Risk Management, ed. (BTTJ Vol 25 No. 1) Jan 2007
Sasse, MA, (UCL), Ashenden, D & Lawrence, D (Cranfield University), Coles-Kemp, L (RHUL), Fléchais, I (Oxford University), Kearney, P (BT) (2007), ‘Human Vulnerabilities in Security Systems’, CyberSecurity KTN Human Factors Working Group White Paper
Kearney, P and Dimitrakos, T (2007), ‘Secure exposure and composition of web services’, RSA Europe conference, London, October 2007
Brücker, AD, Brügger, L, Kearney, P, Wolff, B (2010) “Verified firewall policy transformations for test case generation”, ICST2010 (Third Conference on Software Testing, Verification and Validation, Paris, April 2010
Kearney, P (2010), ‘Security: the Human Factor’, pub IT Governance
Kearney, P (2011), “Securing Critical Infrastructure from Disruptive Technologies””, CNi Conference at the Counter-Terror Expo, London, April 2011
Brücker, AD, Brügger, L, Kearney, P, Wolff, B (2011) “An Approach to Modular and Testable Security Models of Real-world Health-Care Applications”, to be published at ACM SACMAT 2011
Kearney, PJ (2011) ‘The Rise of Hacktivists’, BT Global Services Secure Thinking and Let’s Talk Security blog sites
Kearney, PJ (2011) ‘Meeting security compliance challenges at affordable cost’, ISF World Congress, Berlin, September 2011
Kearney, PJ (2011) ‘How can the growing challenges of compliance be met at affordable cost?’, Series of articles based on the ISF paper published on the BT Global Services Secure Thinking and Let’s Talk Security blog sites and in integrated form as a white paper.
CSIT (2012) ‘Report on Belfast 2012: World Cyber Security Technology Research Summit’, (Paul Kearney contributed to the section on Adaptive Cyber Security Technology)
Pavlidis, M, Mouratidis, H, Islam, S, Kearney, P (2012) ‘Dealing with Trust and Control A Meta-Model for Trustworthy Information Systems Development’, Sixth International Conference on Research Challenges in Information Science, May 16-18 2012, Valencia, Spain (RCIS 2012)
Kearney, PJ (2012) ‘How real is the cyber-threat?’ Community Resilience Current Issues conference, 4th Annual Community Resilience Week, Edinburgh, 20th March 2012
Kearney, PJ (2012) ‘Tossing the Cyber: Community Resilience in Edinburgh’, BT Global Services Secure Thinking and Let’s Talk Security blog sites
Kearney, P, Sinclair, D and Wagner, S (2012) ‘Security Design Patterns in the MASTER Workbench’, CyberPatterns 2012, Abingdon, UK, 9-10 July 2012. Extended and updated papers published as “Cyberpatterns: Unifiying Design Patterns with Security and Attack Patterns”, Ed. Clive Blackwell and Hong Zhu, Springer, ISBN: 978-3-319-04446-0 (Print) 978-3-319-04447-7 (Online), 2014
Kearney, PJ (2012) ‘Towards a C2I Platform for Combating the Cyber-threat’, Keynote talk at Workshop on Information Security Theory and Practice (WISTP) 2012, Royal Holloway, Egham, UK, 20-22 June 2012, Proceedings published as “Information Security Theory and Practice. Security, Privacy and Trust in Computing Systems and Ambient Intelligent Ecosystems”, Ed Askoxylakis, Pöhls and Posegga, pub Springer, Security and Cryptology Series, ISBN 978-3-642-30955-7, 2012
Kearney, PJ (2012) ‘Of blunt instruments and sharp practices’, BT Global Services Secure Thinking and Let’s Talk Security blog sites
Kearney, PJ (2013) ‘Should you get your retaliation in first?’, BT Global Services Let’s Talk Security blog site
Cui, Z, Herwono, I, Kearney, PJ (2013) ‘Multi-stage Attack Modelling’, CyberPatterns 2013, Abingdon UK, 8-9 July 2013
Kearney, PJ (2013) ‘Multi-Stage Attack Modelling: your new weapon against sophisticated cyber attacks’, BT Global Services Let’s Talk Security blog site, 16 August 2013
Pavlidis, M, Islam, S, Mouratidis, H, Kearney, P (2014) ‘Modeling Trust Relationships for Developing Trustworthy Information Systems’, International Journal of Information Systems Modeling and Design 5(1), 25-48, January-March 2014
Ed Paul Kearney (BT) and Zeta Dooly (2015) "Business Cases and Innovation Paths", Report of Working Group 3 of the EU Network and Information Security Platform. (Issue 1.1), May 2015
Kenny Doyle, Zeta Dooly and Paul Kearney (2015) ‘What’s So Unique About Cyber Security?’, 4th Cybersecurity & Privacy Innovation Forum 2015, Brussels, April 2015. Revised selected papers pub by Springer as Cyber Security and Privacy, Communications in Computer and Information Science 530, ISBN 978-3-319-25360-2, Ed. Frances Cleary and Massimo Felici
Paul Kearney (2015) ‘Three reasons we really need innovation in cyber security’. BT Global Services Let’s Talk Security blog site, 20 August 2015
Paul Kearney (2015) ‘Breaking down barriers to security innovation’ BT Global Services Let’s Talk Security blog site, 10 September 2015
EU NIS Platform WG3 (2015), “Cybersecurity Strategic Research Agenda – SRA”, Peer reviewed publication of the European Network and Information Security Platform, August 2015, Paul Kearney is named as a contributing author
Elaine Cook and Paul Kearney (2015), “Security Challenges and Cybercrime: Securing the Internet of Things”, Journal of the Institute of Telecommunications Professionals, Vol 9 Part 4
Prpl Foundation Security Working Group (2016), “Security Guidance for Critical Areas of Embedded Computing”, Peer reviewed publication of the prpl Foundation, January 2016
ECSO (2016), “European Cybersecurity Strategic Research and Innovation Agenda (SRIA) for contractual Public-Private-Partnership (cPPP)”, June 2017, Paul Kearney is named as a contributing author
IoT Security Foundation (2016), “Connected Consumer Products Best Practices Guidelines Release 1.0”, December 2016, https://iotsecurityfoundation.org/best-practice-guidelines/, Paul Kearney is named as a contributing author
ECSO WG6 (Strategic Research and Innovation Agenda) (2017), “Input to Horizon 2020 Work Programme 2018-2020”, January 2017, Paul Kearney was a major contributor and joint editor of the section on Transversal Infrastructures.
Horizon 2020 Protection and Security Advisory Group (PASAG) (2017), “PASAG Working Group 1: Leveraging R&D&I to develop capability and enhance security industry sub-sectors”, January 2017, Paul Kearney is named as a contributing author
Kearney, Paul (2020) IoT Security: experience is an expensive teacher. In: Internet of Things: from Data to Insight. Wiley, pp. 107-120. ISBN ISBN: 978-1-119-54526-2
Muhammad, Mujahid and Kearney, Paul and Aneiba, Adel and Kunz, Andreas (2020) Efficient Distribution of Key Chain Commitments for Broadcast Authentication in V2V Communications. IEEE Conference on Vehicular Technology (VTC). (In Press)
Adaros-Boye, Carolina and Kearney, Paul and Josephs, Mark (2020) Continuous Risk Management for Industrial IoT: a Methodological View. In: 14th International Conference on Risk and Security of Internet and Systems, 29th to 31st of October, 2019, Hammamet, Tunisia.
Adaros Boye, Carolina and Kearney, Paul and Josephs, Mark (2018) Cyber-risks in the Industrial Internet of Things (IIoT): towards a method for continuous assessment. In: 21st Information Security Conference ISC 2018, 9 to 12 September, 2018, Guildford.
Ghirardello, Kevin and Maple, Carsten and Ng, Daniel and Kearney, Paul (2018) Cyber Security of Smart Homes: Development of a Reference Architecture for Attack Surface Analysis. In: Living in the Internet of Things: A PETRAS, IoTUK & IET Conference, Forum & Exhibition, 28th-29th March 2018, London, UK.
Wang, Xiao-Si and Herwono, Ian and Di Cerbo, Francesco and Kearney, Paul and Shackleton, Mark (2018) Enabling Cyber Security Data Sharing for Large-scale Enterprises Using Managed Security Services. In: 4th IEEE Workshop on Security and Privacy in the Cloud, 30th May 2018, Beijing, China.
Ghahremanlou, Lida and Tawil, Abdel-Rahman H. and Kearney, Paul and Zhao, Xia and Nevisi, Hossein and Abdallah, Ali E. (2018) A Survey of Open Data Platforms in Six UK Smart City Initiatives. The Computer Journal. ISSN Online ISSN 1460-2067 Print ISSN 0010-4620