Our Groups

Next Generation Web Research

Despite its explosive growth over the last decade, the Web remains essentially a tool to allow people to access information. Semantic Technology extends this by making web-based information much more amenable to computer processing.

The Next Generation Web Research team is engaged in a programme of activities involving the application of semantic technology to business opportunities from long term research through to application-focussed work with BT LOBs and external customers.

Particular application areas include

• enhanced Business Intelligence and Knowledge Management;
• Semantic Information Integration allowing seamless access to an organisation's heterogeneous data silos;
• Next-generation Service-oriented architectures which will offer a far greater degree of automation than is possible with current service-oriented technology.

ICT Infrastructure Virtualisation

IT services delivered over wide-area networks have the potential to radically change the way business is conducted both locally and globally. We are exploring architectures and technologies to realise future service oriented systems. Our particular focus is on management, which represents the outstanding challenge in networked ICT services - both in terms of cost and the ability to respond flexibly to customer demands and a dynamic business environment.

Particular problems being addressed include:

• Role of Service Level Agreements in automated management across organisational boundaries
• Automated management of IT resources (processing and storage)
• Application level message processing to allow routing or transformation of information within or between applications
• Commercial application of Grid technologies
• Interoperable and open approaches to systems management
• Contribution to the IT resources architecture of BT's 21st Century Network

Convergence is a strong theme in our work. As well as convergence of IT and wide-area networking, we are exploring the possibilities in the space where ICT and mobility meet. This convergence is happening but it's more than simply services working across devices - the industries behind those services will also be forced to change the way they define, develop, deploy and operate services. Such fundamental changes in industry structures often break deep-seated assumptions about the value of propositions. Just as digital imaging revealed that end users value the taking of photographs more than their viewing, convergence may show that users perceive value in unexpected aspects of the converged service value chain.

We see the Web 2.0 / mash-up approach crossing over into the mobile area despite resistance from the incumbent stakeholders. We are exploring the opportunities and ensuring BT Group is aware of the opportunities it represents both for the consumer and enterprise markets.

OSS Research

The OSS Research Group carries out research into state of the art technologies in architecting next generation Operational Support Systems (OSS) in order to :

• Provide a world class customer experience of BT's Products and Services
• Radically reduce the costs of developing and integrating OSS systems for existing and new products and services
• Radically decrease the time to market for new services and products, with rapid incorporation of the most appropriate support systems capability
• enable efficient management of products and services right through the product lifecycle from inception to delivery to decommissioning
• Investigate radical alternatives for managing products and services, by employing technologies such as Open Source, Policy Management, and Model Driven Architectures, as well advanced Service Oriented Architectures.

Key activities include:

• Product and Service Assembly (PSA)
• Open Source OSS Propositions
• NG Product Lifecycle Management (PLM)
• Virtualised Resource Management (Total ICT Virtualisation)
• ICT Billing
• ICT Audit
• ICT Root Cause Analysis
• and, Open Systems Innovation Platform.

The OSS Research group, to date has filed 13 patents and has published widely in international conferences, journals as well as BT technology journal and BT Innovation journals. The OSS Group continues to be instrumental to defining technology and architectural roadmaps for key stakeholders in BT Global Services, as well as enabling key quantifiable innovation dividend into the business.

The OSS Research Group has won nine Industry and BT awards for innovation and delivery. In the last 12 months overall wins and finalist places included IET 2006 - finalist for best telco innovation, World Communication Awards 2007- highly commended managed service innovation, 2007 Frost and Sullivan Awards - best managed service innovation, 2007 BT Innovation Awards- winner of the best 21CN Innovation and two further finalists including Best Customer Experience, 2007 Telemanagement Forum Best Catalyst Award, 2007 International Semantic Web Challenge Finalist, individual GCTO award for delivering results, finalist in the 2007 IET awards, and the group has also been entered in the 2007 Infovision awards.

Information Security Research

The Information Security Research Group undertakes research into the range of issues related to the identification and treatment of Risks to the Enterprise. The areas covered include security, operational and business risk and their relationships and the ever changing actions that can be taken to treat these risks in the network and computer environments. As with any type of defence, it is a constantly moving problem as a result of criminals and people who wish to cause harm learning how to defeat the current defence methods and mitigate the effects caused when new technologies are introduced. Our group looks at a wide range of information risk and information security research areas including:

• The development of new risk modelling tools to enable better understanding of risk and the selection of the optimal countermeasures. This research includes methods for representing the information so that it can be of use to a range of users.
• The development of a framework for the understanding and management of security risk in the mobile environment to enable the selection of the most cost effective measures to treat the risk.
• Penetration testing of systems and components to ensure that they are operating as expected
• The detection of anomalous and unusual activity on networks and systems
• The detection of bot-nets and other types of malicious software and the actions that can be taken to mitigate their effects such as Distributed Denial-of-Service (DDoS^?)
• The forensic examination of computers, devices and components to determine what has occurred and whether they have operated as expected

Security Architectures Research

As BT grows its converged networked services business, research on IT Security contributes to meeting our vision of BT becoming the world leader in secure and high-performing network-centric ICT solutions. Security Architectures research at BT aims to facilitate such growth by producing new solution concepts, by investigating technology choices, by producing interoperable security profiles, and by developing design patterns and best-practice guidance as well as prototypes serving as showcases of innovation based on the convergence of Service Oriented Architecture (SOA), Grid Computing and Web Services technologies. Currently our research focuses on the following aspects:

• Federating identities across security/administrative domains. We produce novel security solutions, policies and protocols for enabling the just-in-time federation of distinct and autonomous security / administrative domains that may be limited to the duration of a mission-critical activity.
• Autonomic security policy management and enforcement. We produce novel techniques and technology for automating security policy management for service provision and enabling, on the one hand, the automatic deployment of policies across different security domains, and, on the other hand, the automatic adaptation of policy enforcement and infrastructure configuration in response to contextual changes.
• Secure service management. We research extensions of emerging application virtualisation technology and service management protocols in order to: (a) secure service management, and (b) achieve an appropriate abstraction of security enforcement mechanisms therefore, enabling services making security policy decisions to control security enforcement over diverse execution environments.
• Dynamic Security Perimeters. Our research brings about a new perspective to deperimeterization; by showing how the configuration of content-sensitive security firewalls, of service gateways and of application-level security enforcement points can be coordinated and adapted in real time in order to create a virtualised dynamic security perimeter upon the aggregation of manageable security enforcement points across the converged network.

Enterprise Risk Research

Approaches based on risk management are now seen as best practice for most aspects of enterprise governance. Many regulations and standards demand that effective risk management systems are in place, and auditors and certification bodies assess compliance on this basis. This emphasis recognises firstly that we live in an uncertain world, and secondly that it is neither affordable nor practical to guard against every possible adverse eventuality. Risk Management is about manipulating the probabilities of possible outcomes in a given situation. The risk associated with a given outcome is a combination of measures of likelihood and (un)desirability (or 'impact') of the outcome. In some disciplines (e.g. security and business continuity), the emphasis is on reducing the probabilities of undesirable outcomes, whereas in others (e.g. investment in the stock market) it is on increasing the probability of desirable ones.

At 'design time', risk management involves making investment decisions about whether and how to take steps to alter one or both of these properties. The reduction in risk expected from introduction of a control must be weighed against the costs, including less tangible factors such as reduction in productivity or convenience. At 'run-time' risk management involves assessing the effectiveness of the controls and altering policies governing their operation as appropriate. Again there is a trade-off involved in this decision. For example, reducing the risk of disruption to a process may involve reserving additional resources or running at a slower rate. Such trade-offs depend on an enterprise's preference for certainty at the expense of the possibility of range of outcomes including ones with greater profit and loss. This preference is generally known as 'risk appetite'. Except in topics such as credit card fraud, where statistical information can be used to predict the future with a high degree of confidence, risk management is currently a matter for subjective judgement.

Existing approaches provide a framework for making decisions, but the decisions themselves rely on expert knowledge, experience and judgement. Furthermore, they typically address risks individually, whereas in reality they are linked by complex networks of dependencies. Our work adopts a model-driven approach and is aimed at putting risk management on a scientific footing and at providing automated support in the form of software tools. We have mainly focused on security and continuity risks, but believe the approach can be generalised. The 'virtual research team' is led by Paul Kearney and includes personnel from the Information Security and OSS research teams and students and academics at ETH Zurich, UCL, the Open University and Cambridge University. We are funded by the ICT venture, the Strategic Research Programme, BT Global Services (for work on the Resilient Enterprise) and the European Commission's FP 7 programme (for participation in the MASTER and iNTeg-Risk collaborative projects).

Future Technologies

The Future Technologies Group (FTG), led by Mark Shackleton, focuses on performing strategic and applied research in the areas of Adaptive Systems and Adaptive Interfaces (collectively: “Adaptive ICT”).

The first principal area, Adaptive Systems, includes research in the field of Autonomic Computing and Nature-Inspired Systems. “Autonomic Computing” is motivated by critical business issues which relate to the reliability and cost of ICT deployment and maintenance. Traditional engineering methodologies offer only incremental benefits, whereas autonomic (i.e. self-managing) solutions offer the potential for radical improvements.

The second principal area, Adaptive Interfaces, encompasses research employing “adaptive” technologies such as community web 2.0 feedback mechanisms, visual programming metaphors and nature-inspired or lightweight “bottom-up” architectures and design principles. These techniques have resulted in IPR and applications such as Hubbub, BT Rules and Recommender services, all of which have demonstrated innovative aspects and commercial relevance to the business.

FTG also leads the “Green ICT” task force which has defined a number of activities in the “sustainability research” domain to underpin future BT services in this area, seeking to create associated intellectual capital within R&V. Green ICT, also called “Clean ICT” or “Sustainable ICT”, promises significant future commercial opportunities for BT as the world moves towards a “low carbon economy”. The research is currently investigating several topics, including quantitative modelling of home-versus-office working tradeoffs w.r.t. energy and carbon reduction, calculating ICT Service carbon footprints and energy costs, Smartgrid and Network energy reduction.