Research and development

Research and development

Commercial research and projects

Commercial research and projects

Red Overlay
Research and Development
Research and Development
Red Overlay

Service and product innovation

Research and innovation is at the heart of what we do. It enables us to provide unique, and different services to our clients.

We use our experience and understanding of existing best practices across the security and digital forensics areas, and develop unique solutions to address your specific problems.

Where possible, we integrate our existing client base into collaborative research and development project activity and develop unique solutions as needed.

Commercial research

We offer independent commercial research in the areas of information security, eDiscovery/eDisclosure and digital forensics. We bring together our domain-specific expertise with the appropriate research methodologies to deliver quality results to our clients.

We develop research for policymakers, service providers and business stakeholders. This includes evidence-based best practice, knowledge and insights, as well as expertise that can be used for decision making.

Key research areas include:

  • Government security policy development
  • Security standards and regulatory trends assessment
  • Security and forensics technology assessment
  • Market and industry assessment

Key research and development credentials

Our research and development department is led by qualified researchers. With experience in research and innovation management, as well as delivering the outputs which arise from collaborative projects, our team have the knowledge to support you.

Our credentials:

  • eDiscovery and digital forensics
    • Ontology-based data representations of forensic data and metadata
    • Relationship mapping and inference techniques
    • Post security event analysis
    • Early case metadata assessment
    • Advanced forensics data collection
    • Forensics evidence models
    • Data redaction
  • Technology development skills
  • Security-by-design
  • Risk-based checklists and frameworks
  • Local security infrastructures
  • Technology commercialization support
  • Data analytics


We participate in information security, eDiscovery/eDisclosure, and digital forensics research and development project partnerships.

We bring experience of best practice procedures and an understanding of technologies, trends and emerging needs.

See a snapshot of some of our recent project involvement below. 

Situation Aware Security Operations Centre (SAWSOC)

Period: 2013 – 2016         Project Value: €5m


Various physical and logical security technologies exist, but their management and function exists in isolation from each other in a security monitoring context.

While some markets and technologies have merged - for example SEM and SIM have combined into SIEM) logical and physical access control technologies have converged into Identity Management (IM), and security operations environments have evolved considerably - more is needed to improve function and security situation awareness.

SAWSOC has developed an advanced SOC platform that will support accurate, timely and trustworthy detection and diagnosis of attacks. It correlates events from a diverse range of physical and logical security sources to achieve enhanced situational awareness.

The project was supported by three critical infrastructure end-users in the air traffic control, energy distribution and stadium management domains.

Our involvement

We performed a gap analysis technical assessment of performance features for existing logical security technologies (e.g. SIEM, network monitoring solutions) to support SAWSOC requirements development.

We also developed appropriate incident response procedures to support the SAWSOC platform, as well as appropriate forensics data acquisition that facilitates legally admissible evidence capture.

More information:

European Control System Security Incident Analysis Network (ECOSSIAN)

Period: 2013 – 2017         Project Value: €13m

About Ecossian

Both regional economies and the wider federated European and global ecosystem require that critical infrastructures function properly and are effectively co-ordinated from a security protection perspective.

Security threats must not only be managed at the individual critical infrastructure level, but must also be co-ordinated at a national and pan-European overall situation awareness level.

ECOSSIAN attempts to develop a Pan-European platform for mitigating and sharing security threat information at individual, national and Pan-European levels.

The project has a dual focus on both technological and societal/legal aspects of this problem. It aims to develop a community cloud threat sharing network, and ensure that issues around trustworthiness, anonymity, privacy and legality are addressed for relevant ECOSSIAN stakeholders and end-users.

Our involvement

We are supporting the ECOSSIAN project by:

  • doing a technical assessment of use cases and existing security monitoring technologies,
  • carrying out security and privacy risk assessments
  • leading the development of a common data acquisition interface
  • supporting, with the development of incident response procedures, live forensics data acquisition, and business continuity assessments for the ECOSSIAN platform

More information:

Comprehensive Approach to Cyber Roadmap Coordination and Development (CAMINO)

Period: 2013 – 2016         Project Value: €1m


CAMINO was a Pan-European, SME-driven initiative that developed a comprehensive cybercrime and cyber terrorism research strategy, to support the European Commission to prioritize and allocate research funding.

The project also supported the development of stronger links between security research experts and organizations across Europe, aligning with other similar clustering initiatives.

Our involvement

The CAMINO consortium was led by six members of the Industrial Mission Group for Security (IMG-S), with BSI collaborating as an associate member

We led activities around assessing and identifying technologies with disruptive potential for cybercrime and cyber terrorism. We established the current state of the art Technology Readiness Levels (TRLs), as well as leading on activities around the adoption and dissemination of the CAMINO research roadmap.

More information:

Innovation Framework for Privacy and Cyber Security Opportunities (IPACSO)

Period: 2013 – 2015

We participated in developing a set of market and innovation supports for researchers and innovators in the privacy and cybersecurity marketplace.

More information available at