Staff Profiles

I am a Senior Lecturer in Cybersecurity and the co-Group Lead of AMBER at the School of Computing, Newcastle University. Prior to joining Newcastle in 2022, I was an Associate Professor (docent) at the Department of Computer Science and Media Technology, Linnaeus University, Sweden (2014-2023), a Research Associate at the Theoretical Computer Science group, KTH Royal Institute of Technology, Sweden (2012-2014) and a researcher at Braunschweig University of Technology, Germany (2011).

My ongoing research spans developing and applying formal methods to analyse security and design secure (software) systems. I have recently followed two lines of research:

 - language-based security to develop scalable tools and techniques to ensure and enforce security in software applications, 

 - designing self-protecting systems using various techniques such as security games, threat modelling, and formal verification.

Granted Projects

• TRUSTED (SecuriTy SummaRies for SecUre SofTwarE Development, In collaboration with University of Liverpool, Google, OCamlPro), Sep 2023-Aug 2026, Project Lead, Principal Investigator, EPSRC, £919,000.
• PROSSES (Provably Secure Self-protecting Systems), Jan 2017- Dec 2019, Project Lead, Principal Investigator, Knowledge Foundations (KKs), 3.145 MSEK (~325,000 Euro).
• SEADA (Self-Adaptive Actors - Safety Assurance), 2016-2018, Co-Investigator, The Icelandic Research Fund, 315,000 Euro.  

Other Research Projects

– PROSPER (Provably Secure Execution Platforms for Embedded Systems), KTH Royal Institute of Technology, April 2012-May 2014, Researcher.

– ruleIT, NTH (Niedersächsische Technische Hochschule) Focused Research School for IT Ecosystems, Braunschweig, Nov 2010-May 2011, Researcher.

Open positions We look for highly motivated individuals with background in cybersecurity, formal methods or software engineering to join us. We have open postdoc positions in the context of our research project TRUSTED. If you have any questions about these positions, please feel free to contact me.

• Articles

  • Skandylas C, Khakpour N. Design and Implementation of Self-Protecting systems: A Formal Approach. Future Generation Computer Systems 2021, 115, 421-437.
  • Khakpour N. A Field-Sensitive Security Monitor for Object-Oriented Programs. Computers & Security 2021, 108, 102349.
  • Caporuscio M, Flammini F, Khakpour N, Singh P, Thornadtsson J. Smart-troubleshooting connected devices: Concept, challenges and opportunities. Future Generation Computer Systems 2020, 111, 681-697.
  • Skandylas C, Khakpour N, Andersson J. AT-DIFC: Toward Adaptive and Trust-Aware Decentralized Information Flow Control. ACM Transactions on Autonomous and Adaptive Systems 2020, 15(4), 13.

• Book Chapters

  • Talcott C, Ananieva S, Bae K, Combemale B, Heinrich R, Hills M, Khakpour N, Reussner R, Rumpe B, Scandurra P, Vangheluwe H, Duran F, Zschaler S. Foundations. In: Robert Heinrich and Francisco Duran and Carolyn L. Talcott and Steffen Zschaler, ed. Composing Model-Based Analysis Tools. Cham: Springer, 2021, pp.9-37.
  • Talcott C, Ananieva S, Bae K, Combemale B, Heinrich R, Hills M, Khakpour N, Reussner R, Rumpe B, Scandurra P, Vangheluwe H, Duran F, Zschaler S. Composition of Languages, Models, and Analyses. In: Robert Heinrich and Francisco Duran and Carolyn L. Talcott and Steffen Zschaler, ed. Composing Model-Based Analysis Tools. Cham: Springer, 2021, pp.45-70.

• Conference Proceedings (inc. Abstracts)

  • Berthier N, Khakpour N. Symbolic Abstract Heaps for Polymorphic Information-flow Guard Inference. In: 24th International Conference on Verification, Model Checking, and Abstract Interpretation (VMCAI 2023). 2023, Boston, US: Springer.
  • Skandylas C, Khakpour N, Camara J. Security Countermeasure Selection for Component-based Software-intensive Systems. In: 22nd IEEE International Conference on Software Quality, Reliability and Security. 2022, Guangzhou, China: IEEE.
  • Skandylas C, Zhou L, Khakpour N, Roe S. Security Risk Analysis of Multi-Stage Attacks based on Data Criticality. In: IEEE/ACM International Workshop on Engineering and Cybersecurity of Critical Systems (EnCyCriS@ICSE). 2021, Madrid, Spain: IEEE.
  • Zeller S, Khakpour N, Weyns D, Deogun D. Self-protection against business logic vulnerabilities. In: 15th IEEE/ACM International Symposium on Software Engineering for Adaptive and Self-Managing Systems. 2020, Seoul, Republic of Korea: ACM.
  • Skandylas C, Khakpour N, Andersson J. Adaptive Trust-Aware Decentralized Information Flow Control. In: IEEE International Conference on Autonomic Computing and Self-Organizing Systems (ACSOS 2020). 2020, Washington, DC, USA: IEEE.
  • Khakpour N, Skandylas C, Nariman GS, Weyns D. Towards secure architecture-based adaptations. In: 14th International Symposium on Software Engineering for Adaptive and Self-Managing Systems (SEAMS '19). 2019, Montreal, QC, Canada: IEEE Press.
  • Khakpour N, Kleijn J, Sirjani M. A Formal Model to Integrate Behavioral and Structural Adaptations in Self-adaptive Systems. In: 8th International Conference on Fundamentals of Software Engineering (FSEN 2019). 2019, Tehran, Iran: Springer.
  • Khakpour N, Skandylas C. Synthesis of a Permissive Security Monitor. In: 23rd European Symposium on Research in Computer Security (ESORICS 2018). 2018, Barcelona, Spain: Springer.