Dr Yulia Cherdantseva
(hi/ei)
Darllenydd mewn Systemau Diogelwch a Gwybodaeth Seiber
Yr Ysgol Cyfrifiadureg a Gwybodeg
- Ar gael fel goruchwyliwr ôl-raddedig
Trosolwyg
Mae Dr Yulia Cherdantseva yn Ddarllenydd yn yr Ysgol Cyfrifiadureg a Gwybodeg ym Mhrifysgol Caerdydd. Hi yw Cyfarwyddwr Canolfan Ragoriaeth Academaidd mewn Addysg Seiberddiogelwch (ACE-CSE) Prifysgol Caerdydd.
Mae Dr Cherdantseva yn gyd-gyfarwyddwr y Sefydliad Arloesi Prifysgol Trawsnewid Digidol (DTUII) ochr yn ochr â'r Athro Pete Burnap (COMSC) a'r Athro Tim Edwards (CARBS).
Mae Dr Cherdantseva yn aelod o Fwrdd Gweithredol / Golygyddol prosiect CyBOK , prosiect cenedlaethol a ariennir gan y Rhaglen Seiberddiogelwch Genedlaethol sy'n canolbwyntio ar godio'r wybodaeth seiberddiogelwch.
Mae Dr Cherdantseva yn aelod gweithgar o Ganolfan Ymchwil Seiberddiogelwch Caerdydd, sy'n cael ei chydnabod gan NCSC ac EPSRC fel Canolfan Ragoriaeth Academaidd mewn Ymchwil Seiberddiogelwch. Yn 2015-2016, bu'n gweithio fel ymchwilydd arweiniol ar y prosiect "Rheoli Goruchwylio a Chaffael Data Systemau Seiberddiogelwch Bywyd Seiberddiogelwch (SCADA-CSL)" a ariannwyd gan Grŵp Airbus Endeavr Cymru a Llywodraeth Cynulliad Cymru, lle datblygodd estyniad graffigol newydd SCADA Seiberddiogelwch, Diogelwch a Risg (SCADA CSSR) ar gyfer BPMN 2.0 a model dibyniaeth ffurfweddadwy o system SCADA. Yn 2020-2021, arweiniodd brosiect a ariannwyd gan NCSC a RISCS, a oedd yn canolbwyntio ar wneud penderfyniadau seiberddiogelwch ar gyfer BBaChau a arweiniodd at ddatblygu'r Canllaw Arfer Gorau i BBaChau mewn Gwneud Penderfyniadau Buddsoddi Seiberddiogelwch (ar gael yn Gymraeg a Saesneg). Yn 2021, dyfarnwyd grant EPSRC iddi ar gyfer datblygu fframwaith ar gyfer llyfrau chwarae seiberddiogelwch gwybodus a chyfoethog metrig ar gyfer gwella gwytnwch CNI. Mae prototeip yr offeryn a ddatblygwyd yn y prosiect hwn sy'n cefnogi dyluniad llyfrau chwarae seiberddiogelwch ar gael i'w hadolygu gan y cyhoedd.
Mae gan Dr Cherdantseva ddiddordeb gweithredol mewn addysg a hyfforddiant seiberddiogelwch ar bob lefel - ysgolion uwchradd, rhaglenni gradd israddedig ac ôl-raddedig, prosiectau ymchwil PhD a chyrsiau Datblygiad Proffesiynol Parhaus – mae hi wedi bod yn cymryd rhan ac yn arwain mentrau ar draws yr holl lefelau hyn. Mae Dr Cherdantseva yn angerddol am gydraddoldeb, amrywiaeth a chynhwysiant ym maes seiberddiogelwch – mae'n aelod o Bwyllgor Llywio'r CIISec, "Women in Cyber" ac o weithgor CREST ar Amrywiaeth. Mae cyhoeddiadau diweddar ar EDI mewn seiber yn cynnwys 'How you can help more women study cyber security' yn SC Magazine a 'More Women in Cyber Security: The Whys and the Hows' yng nghylchgrawn CIISec's Pulse (2020).
Cyhoeddiad
2024
- Williams, L., Anthi, E., Cherdantseva, Y. and Javed, A. 2024. Leveraging gamification and game-based learning in cybersecurity education: Engaging and inspiring non-cyber students. Journal of The Colloquium for Information Systems Security Education 11(1) (10.53735/cisse.v11i1.186)
2023
- Shaked, A., Cherdantseva, Y., Burnap, P. and Maynard, P. 2023. Operations-informed incident response playbooks. Computers and Security 134, article number: 103454. (10.1016/j.cose.2023.103454)
- Agyepong, E., Cherdantseva, Y., Reinecke, P. and Burnap, P. 2023. A systematic method for measuring the performance of a cyber security operations centre analyst. Computers and Security 124, article number: 102959. (10.1016/j.cose.2022.102959)
2022
- Shaked, A., Cherdantseva, Y. and Burnap, P. 2022. Model-based incident response playbooks. Presented at: 17th International Conference on Availability, Reliability and Security, Vienna, Austia, 23-26 August 2022ARES '22: Proceedings of the 17th International Conference on Availability, Reliability and Security. ACM pp. 1-7., (10.1145/3538969.3538976)
- Shaked, A., Cherdantseva, Y. and Burnap, P. 2022. Model-based incident response playbooks. Presented at: ARES 2022: The 17th International Conference on Availability, Reliability and Security, 23-26 August 2022ARES '22: Proceedings of the 17th International Conference on Availability, Reliability and Security. New York: Association for Computing Machinery, (10.1145/3538969.3538976)
- Cherdantseva, Y., Burnap, P., Nadjm-Tehrani, S. and Jones, K. 2022. A configurable dependency model of a SCADA system for goal-oriented risk assessment. Applied Sciences 12(10), article number: 4880. (10.3390/app12104880)
2020
- Agyepong, E., Cherdantseva, Y., Reinecke, P. and Burnap, P. 2020. Cyber security operations centre concepts and implementation. In: Yaokumah, W. et al. eds. Modern Theories and Practices for Cyber Ethics and Security Compliance. IGI Global, pp. 88-104., (10.4018/978-1-7998-3149-5.ch006)
- Agyepong, E., Cherdantseva, Y., Reinecke, P. and Burnap, P. 2020. Challenges and performance metrics for security operations center analysts: a systematic review. Journal of Cyber Security Technology 4(3), pp. 125-152. (10.1080/23742917.2019.1698178)
- Agyepong, E., Cherdantseva, Y., Reinecke, P. and Burnap, P. 2020. Towards a framework for measuring the performance of a security operations center analyst. Presented at: IEEE International Conference on Cyber Security and Protection of Digital Services (Cyber Security 2020), Dublin, Ireland, 15-17 June 2020.
2018
- De Ribaupierre, H., Jones, K., Loizides, F. and Cherdantseva, Y. 2018. Towards gender equality in software engineering: the NSA approach. Presented at: GE’18:IEEE/ACM 1st International Workshop on Gender Equality in Software Engineering, Gothenburg, Sweden, 28 May 2018GE’18: GE’18:IEEE/ACM 1st International Workshop on Gender Equality in Software Engineering. New York: ACM pp. 10-13., (10.1145/3195570.3195579)
2017
- Eden, P., Blyth, A., Jones, K., Soulsby, H., Burnap, P., Cherdantseva, Y. and Stoddart, K. 2017. SCADA system forensic analysis within IIoT. In: Thames, L. and Schaefer, D. eds. Cybersecurity for Industry 4.0: Analysis for Design and Manufacturing. Springer Series in Advanced Manufacturing, pp. 73-101., (10.1007/978-3-319-50660-9_4)
- Burnap, P., Cherdantseva, Y., Blyth, A., Eden, P., Jones, K., Soulsby, H. and Stoddart, K. 2017. Determining and sharing risk data in distributed interdependent systems. IEEE Computer 50(4), pp. 72-79. (10.1109/MC.2017.108)
2016
- Cherdantseva, Y., Rana, O., Ivins, W. and Hilton, J. 2016. A multifaceted evaluation of the reference model of information assurance and security. Computers and Security 63, pp. 45-66. (10.1016/j.cose.2016.09.007)
- Eden, P., Blyth, A., Burnap, P., Cherdantseva, Y., Jones, K., Soulsby, H. and Stoddart, K. 2016. Forensic readiness for SCADA/ICS incident response. Presented at: 4th International Symposium for ICS & SCADA Cyber Security Research, Queen's University Belfast, Belfast, UK, 23-25 August 2016.
- Cherdantseva, Y., Burnap, P., Blyth, A., Eden, P., Jones, K., Soulsby, H. and Stoddart, K. 2016. A review of cyber security risk assessment methods for SCADA systems. Computers and Security 56, pp. 1-27. (10.1016/j.cose.2015.09.009)
2015
- Eden, P., Blyth, A., Burnap, P., Cherdantseva, Y., Jones, K., Hugh, S. and Kristan, S. 2015. A cyber forensic taxonomy for SCADA systems in critical infrastructure. Presented at: The 10th International Conference on Critical Information Infrastructures Security 2015 (CRITIS 2015), Berlin, Germany, 5-7 October 2015.
2014
- Cherdantseva, Y. 2014. Secure*BPMN - a graphical extension for BPMN 2.0 based on a reference model of information assurance & security. PhD Thesis, Cardiff University.
2012
- Cherdantseva, Y., Hilton, J. C. and Rana, O. F. 2012. Towards SecureBPMN - Aligning BPMN with the information assurance and security domain. Presented at: 4th International Workshop, BPMN 2012,, Vienna, Austria, 12-13 September 2012 Presented at Mendling, J. and Weidlich, M. eds.Business Process Model and Notation: 4th International Workshop, BPMN 2012, Vienna, Austria, September 12-13, 2012. Proceedings, Vol. 125. Lecture Notes in Business Information Processing Springer pp. 107-115., (10.1007/978-3-642-33155-8_9)
Articles
- Williams, L., Anthi, E., Cherdantseva, Y. and Javed, A. 2024. Leveraging gamification and game-based learning in cybersecurity education: Engaging and inspiring non-cyber students. Journal of The Colloquium for Information Systems Security Education 11(1) (10.53735/cisse.v11i1.186)
- Shaked, A., Cherdantseva, Y., Burnap, P. and Maynard, P. 2023. Operations-informed incident response playbooks. Computers and Security 134, article number: 103454. (10.1016/j.cose.2023.103454)
- Agyepong, E., Cherdantseva, Y., Reinecke, P. and Burnap, P. 2023. A systematic method for measuring the performance of a cyber security operations centre analyst. Computers and Security 124, article number: 102959. (10.1016/j.cose.2022.102959)
- Cherdantseva, Y., Burnap, P., Nadjm-Tehrani, S. and Jones, K. 2022. A configurable dependency model of a SCADA system for goal-oriented risk assessment. Applied Sciences 12(10), article number: 4880. (10.3390/app12104880)
- Agyepong, E., Cherdantseva, Y., Reinecke, P. and Burnap, P. 2020. Challenges and performance metrics for security operations center analysts: a systematic review. Journal of Cyber Security Technology 4(3), pp. 125-152. (10.1080/23742917.2019.1698178)
- Burnap, P., Cherdantseva, Y., Blyth, A., Eden, P., Jones, K., Soulsby, H. and Stoddart, K. 2017. Determining and sharing risk data in distributed interdependent systems. IEEE Computer 50(4), pp. 72-79. (10.1109/MC.2017.108)
- Cherdantseva, Y., Rana, O., Ivins, W. and Hilton, J. 2016. A multifaceted evaluation of the reference model of information assurance and security. Computers and Security 63, pp. 45-66. (10.1016/j.cose.2016.09.007)
- Cherdantseva, Y., Burnap, P., Blyth, A., Eden, P., Jones, K., Soulsby, H. and Stoddart, K. 2016. A review of cyber security risk assessment methods for SCADA systems. Computers and Security 56, pp. 1-27. (10.1016/j.cose.2015.09.009)
Book sections
- Agyepong, E., Cherdantseva, Y., Reinecke, P. and Burnap, P. 2020. Cyber security operations centre concepts and implementation. In: Yaokumah, W. et al. eds. Modern Theories and Practices for Cyber Ethics and Security Compliance. IGI Global, pp. 88-104., (10.4018/978-1-7998-3149-5.ch006)
- Eden, P., Blyth, A., Jones, K., Soulsby, H., Burnap, P., Cherdantseva, Y. and Stoddart, K. 2017. SCADA system forensic analysis within IIoT. In: Thames, L. and Schaefer, D. eds. Cybersecurity for Industry 4.0: Analysis for Design and Manufacturing. Springer Series in Advanced Manufacturing, pp. 73-101., (10.1007/978-3-319-50660-9_4)
Conferences
- Shaked, A., Cherdantseva, Y. and Burnap, P. 2022. Model-based incident response playbooks. Presented at: 17th International Conference on Availability, Reliability and Security, Vienna, Austia, 23-26 August 2022ARES '22: Proceedings of the 17th International Conference on Availability, Reliability and Security. ACM pp. 1-7., (10.1145/3538969.3538976)
- Shaked, A., Cherdantseva, Y. and Burnap, P. 2022. Model-based incident response playbooks. Presented at: ARES 2022: The 17th International Conference on Availability, Reliability and Security, 23-26 August 2022ARES '22: Proceedings of the 17th International Conference on Availability, Reliability and Security. New York: Association for Computing Machinery, (10.1145/3538969.3538976)
- Agyepong, E., Cherdantseva, Y., Reinecke, P. and Burnap, P. 2020. Towards a framework for measuring the performance of a security operations center analyst. Presented at: IEEE International Conference on Cyber Security and Protection of Digital Services (Cyber Security 2020), Dublin, Ireland, 15-17 June 2020.
- De Ribaupierre, H., Jones, K., Loizides, F. and Cherdantseva, Y. 2018. Towards gender equality in software engineering: the NSA approach. Presented at: GE’18:IEEE/ACM 1st International Workshop on Gender Equality in Software Engineering, Gothenburg, Sweden, 28 May 2018GE’18: GE’18:IEEE/ACM 1st International Workshop on Gender Equality in Software Engineering. New York: ACM pp. 10-13., (10.1145/3195570.3195579)
- Eden, P., Blyth, A., Burnap, P., Cherdantseva, Y., Jones, K., Soulsby, H. and Stoddart, K. 2016. Forensic readiness for SCADA/ICS incident response. Presented at: 4th International Symposium for ICS & SCADA Cyber Security Research, Queen's University Belfast, Belfast, UK, 23-25 August 2016.
- Eden, P., Blyth, A., Burnap, P., Cherdantseva, Y., Jones, K., Hugh, S. and Kristan, S. 2015. A cyber forensic taxonomy for SCADA systems in critical infrastructure. Presented at: The 10th International Conference on Critical Information Infrastructures Security 2015 (CRITIS 2015), Berlin, Germany, 5-7 October 2015.
- Cherdantseva, Y., Hilton, J. C. and Rana, O. F. 2012. Towards SecureBPMN - Aligning BPMN with the information assurance and security domain. Presented at: 4th International Workshop, BPMN 2012,, Vienna, Austria, 12-13 September 2012 Presented at Mendling, J. and Weidlich, M. eds.Business Process Model and Notation: 4th International Workshop, BPMN 2012, Vienna, Austria, September 12-13, 2012. Proceedings, Vol. 125. Lecture Notes in Business Information Processing Springer pp. 107-115., (10.1007/978-3-642-33155-8_9)
Thesis
- Cherdantseva, Y. 2014. Secure*BPMN - a graphical extension for BPMN 2.0 based on a reference model of information assurance & security. PhD Thesis, Cardiff University.
Ymchwil
Research Interests
My main research interest is in the design of secure information systems. More specifically, I am interested in the modelling of secure intra- and inter-organisational business processes. I also research SCADA/ICS cyber security and risk assessment methodologies.
My other research interests are:
- Conceptual and Reference Models of Information Security and Information Assurance
- Evolution of Conceptual and Reference Models of Information Security/Assurance
- Definitions of Information Security/Assurance
- Business Process Modelling (BPMN, UML, IDEF)
- Complex Inter-Organisational Business Processes
- Incorporation of Security, Safety and Risk information into Business Process Models
- Cyber Security in SCADA and ICS systems
Addysgu
Teaching Duties
I am not teaching at the moment, but I have been enjoying teaching in 2010-2014, when I assisted with the following modules:
- CMT602 - SQL
- CMO1102 - Web Applications
- CMO240 - System Design (Group Project)
- CMO206 - Software Engineering
- CMO383 - Management Decision Making
- CMO381 - Information Assurance
Bywgraffiad
EDUCATION
- PhD in Computer Science & Informatics, Cardiff University, UK
- MSc (Hons) in Business Information Systems Design, Russia
Anrhydeddau a dyfarniadau
- PhD scholarship from the School of Computer Science & Informatics, Cardiff University, 2010 -2014
Meysydd goruchwyliaeth
Goruchwyliaeth gyfredol
Iryna Bernyk
Arddangoswr Graddedig