About

The SEAD group investigated and developed systematic approaches for engineering secure, adaptive, and usable software systems in an increasingly complex and dynamic world. Their research spanned multiple areas of software engineering and was grounded in real-world application domains. They created automated techniques and tools to support all stages of software development — from analysis and design to implementation, testing, and maintenance.

Research Areas

Automated Software Engineering

The group developed tools for architecture repair, design composition, security analysis, code restructuring, program comprehension, and consistency management.

• In Requirements and Code, they produced a diff and patch tool to detect meaningful program changes and an automated approach for monitoring and diagnosing software requirements, including detecting ambiguities in natural language.
• In Traceability, they created rule-based and genetic algorithm techniques for automatically generating and optimising traceability links across diverse software artefacts. They also supported bidirectional model transformations and causal traceability in adaptive security systems.
• Security, Privacy, and Forensics they developed automated methods for engineering secure, privacy-aware, and forensic-ready systems. Tools included FICS for collaborative security, Packrat for data privacy and exchange, and Social-Lift for forensic evidence collection.

Requirements Engineering and Design

The group focused on problem-oriented approaches to representing and analysing software requirements and employed formal techniques for reasoning about partial, ambiguous, or inconsistent descriptions. Their work linked requirements and design phases to produce adaptive and stable architectures, applied across domains such as air traffic management, healthcare systems, and software product lines.

Key outputs included papers and projects such as PASS, MaTREx, Weaving Requirements and Architectures, and the landmark publication Requirements Engineering: A Roadmap.

Engineering Adaptive Software Systems

SEAD explored how software systems could monitor and adapt to their environments and evolve effectively over time. They produced frameworks, processes, and guidelines for engineering adaptive software, including:

• Techniques for adaptive information security and runtime adaptation of service compositions.
• Tool-supported approaches like intentional views for detecting design violations and coordination contracts for runtime adaptation.
  Notable outputs included Self-Adaptation through Incremental Generative Model Transformations and Engineering Adaptive Model-Driven User Interfaces.

Empirical Studies of Software Engineering

The group also conducted extensive empirical studies to understand real-world software development practices. Using qualitative and quantitative methods, they examined:

• How developers think, collaborate, and use notations.
• Effective design principles and tool use in professional contexts.
  Their research emphasised naturalistic observation and long-term studies, producing influential works such as Software Design Decoded: 66 Ways Experts Think and The Role of Ethnographic Studies in Empirical Software Engineering.

Interaction Design

SEAD investigated user experience in cyber-physical systems, addressing challenges of complexity, scalability, and interaction through haptics, voice, gesture, and ambient interfaces. They developed new approaches to integrate adaptive UX design into these systems.
Key projects included STRETCH: Socio-Technical Resilience for Enhancing Community Healthcare and publications such as Interaction Design: Beyond Human-Computer Interaction and Visual Simple Transformations: Empowering End-Users to Wire IoT Objects.

Application Domains

The SEAD group applied its research across a wide range of real-world domains, including aerospace, healthcare, policing and forensics, adaptive security, privacy, and sustainability. Their work addressed both technical and human factors to ensure systems were dependable, adaptive, and privacy-aware.

Aeronautics and Aerospace

SEAD focused on dependable software for aviation safety and security, analysing failures in existing systems to improve assurance methods. They studied incidents such as the Ariane 5 failure to develop better techniques for systematic software analysis. The group also created the OpenArgue tool, which supported reasoning about security arguments, and developed a security requirements ontology applied to air traffic management in the EU SecureChange project. Their work extended to defining new aviation safety requirements for global aircraft tracking in the Internet of Things era.

Healthcare and Wellbeing

In the healthcare domain, SEAD explored how wearable and Internet of Things (IoT) technologies could enhance wellbeing and medical care. They applied smartwatches, mobile apps, and sensors to measure activity, sleep, mood, and physiological health, with a particular focus on privacy management for personal data.

Collaborating with Milton Keynes University Hospital, they studied patient recovery after knee surgery to optimise outcomes and designed interfaces for selective data sharing. Major projects included STRETCH, Privacy Dynamics, Monetize Me, and PRiMMA.

Policing and Forensics

SEAD worked closely with over 15 UK police forces through the Open University’s Centre for Policing Research and Learning to develop digital forensic tools and methods. Their research examined how social media evidence could be handled forensically and privately.

They designed the Verifiable Limited Disclosure (VLD) protocol—using cryptographic hashing and encryption—to allow witnesses or suspects to share verified parts of their social media data with police. This approach was implemented as a Facebook app called Social-Lift, later trialled with Gwent Police. SEAD also contributed to forensics education, including postgraduate teaching and authorship of the textbook From Crime Scene to Court.

Security and Privacy

The group’s research in this area aimed to engineer adaptive systems that remained secure, privacy-aware, and forensically ready throughout their lifetimes. Their work explored how human behaviour interacts with security technologies, supported by major funding from the European Research Council (ERC).

They advanced methods for service discovery and replacement at runtime, adaptive information security, and privacy engineering, including projects such as Privacy Arguments, Privacy Awareness Requirements, and Privacy Distillation. Other studies examined how developers could be motivated and supported to write secure software, exemplified by Why Johnny Doesn’t Write Secure Software and Motivating Jenny to Write Secure Software.

Sustainability

SEAD also applied adaptive technologies to address sustainability challenges in energy, transport, and food security. They developed methodologies to study domestic energy use and designed tools to help households optimise self-generated solar power, including research into electric vehicles and appliance use.

Their “Feed Me, Feed Me” project created an IoT-based ecosystem to support food security across personal, family, community, and national levels. In addition, SEAD explored smart city technologies within the MK: Smart initiative to advance urban sustainability.

Outreach

The SEAD group combined research excellence with education, public outreach, industry collaboration, and global capacity building to extend the impact of its work beyond academia.

In education, the group developed a range of online courses on topics such as cyber security, coding, and smart cities, delivered through FutureLearn and made freely available as open educational resources via OpenLearn. These included Introduction to Cyber Security, created in partnership with the UK National Cyber Security Centre and shortlisted for the Best Cyber Security Education Programme at the *SC Media Cyber Security Awards Europe 2017; Learn to Code for Data Analysis, which introduced learners to programming and open data visualisation; and Smart Cities, produced as part of the MK: Smart project.

The group’s expertise also informed the Open University’s curriculum, contributing to undergraduate and postgraduate programmes in Computing & IT, Software Engineering, Network Security, and Information Security & Forensics.

Through public engagement, SEAD raised awareness of digital security and innovation among diverse audiences. The group organised exhibitions such as Security & Privacy for All at the National Museum of Computing, contributed to television programmes including The Virtual Revolution and Horizon: Monitor Me, and participated in numerous public lectures and discussion panels to communicate its research more widely.

In industry engagement, SEAD collaborated closely with commercial and public sector organisations. Researchers served within the Open University’s Cisco Networking Academy Support Centre, delivered cyber security awareness training, and supported professional workforce development through tailored programmes for industry partners. Their research also led to several commercialisation initiatives, including technologies for medical practitioners, social media evidence collection tools for police investigations (e.g., social-lift.com), haptic privacy-management interfaces, and adaptive security solutions.

SEAD’s commitment to global capacity building extended the reach of its expertise worldwide. The group partnered with Qatar University on the KINDI Open Courses on Cyber Security, collaborated on the Ghana Cyber Security Education Programme, and supported the UK Science & Innovation Network by running cyber security and human behaviour workshops in Qatar. SEAD researchers also contributed to policy development, advising on national research strategies in Qatar, cyber security regulation in Botswana, and the cyber security implications of emerging technologies for ENISA, the European Union Agency for Cybersecurity.