Staff Profile

Dr. Carlton Shepherd is a Lecturer in Computer Science at Newcastle University, United Kingdom, within the Secure and Resilient Systems group. He earned his Ph.D. in Information Security from the Information Security Group at Royal Holloway, University of London, and a B.Sc. in Computer Science from Newcastle University. He also serves as the School Ethics Convenor and sits on the Faculty Research Ethics Committee for the SAgE Faculty.

Before his current role, Dr. Shepherd was a Senior Research Fellow at the Smart Card Centre within the Information Security Group at Royal Holloway, University of London. His research was funded through the EU Horizon 2020 EXFILES project, working with European law enforcement agencies and the private sector to develop novel data extraction and mobile security circumvention techniques. His work encompassed side-channel and fault injection attacks against Trusted Execution Environments (TEEs), full-disk encryption, and secure boot sequences on mobile devices.

Dr. Shepherd's expertise includes:

• Mobile and embedded systems security
• Trusted execution environments
• Side-channel and fault injection attacks
• New operating system primitives and CPU designs for isolated execution

He is the author of the book "Trusted Execution Environments," published by Springer Nature (2024), has edited several European Union reports, and advised various private sector and third-sector organisations on the area.

He is an active member of the Linux and RISC-V communities and has contributed to the development of secure systems through his research and publications. His technical publications can be found on his Publications page and on Google Scholar.

He is a Fellow of the Higher Education Academy (FHEA) and a Co-I of the NCSC/GCHQ Academic Centre for Excellence in Cyber Security Research at Newcastle.

Prior to his academic career, Dr. Shepherd worked in fintech at Atom Bank, the UK's first mobile bank, and at OneSpan, a NASDAQ-listed cybersecurity vendor. At OneSpan's Innovation Centre in Cambridge, he served as a research scientist, developing new product offerings and enhancements.

For more information, please visit his personal website at https://cs.gl.

Dr. Shepherd's expertise lies in mobile and embedded systems security, particularly on issues at the interface of hardware and software. This includes trusted execution environments and hardware-assisted methods for enforcing secure execution; side-channel and fault injection attacks; boot-time security; and smart cards, secure elements (e.g. SIM cards) and their applications.

He is currently co-investigator of the Chameleon project (2023-2025), which is pioneering a new class of environmentally-bound CPU designs with instruction- and data-level encryption using RISC-V as the foundational instruction set architecture. He was previously Principal Investigator of the InnovateUK Tensorcrypt project (2021-2022), developing a new data sharing platform using trusted execution environments in collaboration with private sector organisations.

For a list of my publications, see my Google Scholar profile: https://scholar.google.co.uk/citations?user=3V6gC5MAAAAJ&hl=en&oi=ao

• (Co-I): EPSRC "Chameleon," - c.£750,000 (c.£250k Newcastle). [2025-2027]
• (Co-I): NCSC/GCHQ ACE-CSR. [2024-Current]
• (PI): InnovateUK "Tensorcrypt," - c.£75,000 [2021-2022]
• (PI): NUCoRE PhD in Cyber Security studentship - c.£100,000 [2023-2026]
• (PI): SAgE Educational Grant on Artificial Intelligence Misuse in Cyber Security Education - c.£2,500 [2023-2024]
• (PI): Royal Holloway UROP - c.£5,000 [2022]

• CSC8018: Web Technologies (Module Leader)
• CSC8215: Network Security and Ethical Hacking (Module Leader)
• CSC8213: Advanced Topics in Cyber Security (Lecturer)
• CSC3632: System and Network Security (Lecturer).

He has also delivered:

• CSC8208: Research Methods and Group Project in Security and Resilience (Co-module Leader and Lecturer) [2023 and 2024].

Dr Shepherd supervises a range of UGT and PGT on system security from B.Sc. Computer Science, M.Sc. Computer Science (Conversion Course), M.Sc. Advanced Computer Science, and M.Sc. Cyber Security programmes.

• Articles

  • Sha Z, Shepherd C, Rafi A, Markantonakis K. Control-flow attestation: Concepts, solutions, and open challenges. Computers and Security 2025, 150, 104254.
  • Markantonakis K, Meister JA, Gurulian I, Shepherd C, Naeem Akram R, Hani Abu Ghazalah S, Kasi M, Sauveron D, Hancke G. Using Ambient Sensors for Proximity and Relay Attack Detection in NFC Transactions: A Reproducibility Study. IEEE Access 2024, 12, 150372-150386.
  • Shen Y, Shepherd C, Ahmed M, Shen S, Yu S. SGD3QN: Joint Stochastic Games and Dueling Double Deep Q-networks for Defending Malware Propagation in Edge Intelligence-Enabled Internet of Things. IEEE Transactions on Information Forensics and Security 2024, 19, 6978-6990.
  • Shen Y, Shepherd C, Ahmed CM, Shen S, Wu X, Ke W, Yu S. Game-theoretic analytics for privacy preservation in Internet of Things networks: A survey. Engineering Applications of Artificial Intelligence 2024, 133(Part E), 108449.
  • Markantonakis K, Arfaoui G, Ghazalah SA, Shepherd C, Akram RN, Sauveron D. CO-TSM: A Flexible Model for Secure Embedded Device Ownership and Management. Smart Cities 2024, 7(5), 2887-2909.
  • Shen Y, Shepherd C, Ahmed CM, Yu S, Li T. Comparative DQN-Improved Algorithms for Stochastic Games-Based Automated Edge Intelligence-Enabled IoT Malware Spread-Suppression Strategies. IEEE Internet of Things Journal 2024, 11(12), 22550-22561.
  • Shepherd C, Kalbantner J, Semal B, Markantonakis K. A Side-channel Analysis of Sensor Multiplexing for Covert Channels and Application Profiling on Mobile Devices. IEEE Transactions on Dependable and Secure Computing 2023, 21(4), 3141-3152.
  • Shepherd C, Semal B, Markantonakis K. Investigating Black-Box Function Recognition Using Hardware Performance Counters. IEEE Transactions on Computers 2022, 72(7), 2065-2079.

• Authored Book

  • Shepherd C, Markantonakis K. Trusted Execution Environments. Berlin: Springer, 2024.

• Conference Proceedings (inc. Abstracts)

  • Kalbantner J, Markantonakis K, Hurley-Smith D, Shepherd C. ZKP Enabled Identity and Reputation Verification in P2P Marketplaces. In: 3rd International Symposium on Security and Privacy in Blockchain (SPB 2024). 2024, Copenhagen, Denmark: IEEE.
  • Rafi A, Shepherd C, Markantonakis K. A First Look at Digital Rights Management Systems for Secure Mobile Content Delivery. In: 22nd IEEE International Conference on Trust, Security and Privacy in Computing and Communications. 2023, Exeter, UK: IEEE.
  • Shepherd C, Markantonakis K, Jaloyan G-A. LIRA-V: Lightweight Remote Attestation for Constrained RISC-V Devices. In: 2021 IEEE Security and Privacy Workshops (SPW). 2021, San Francisco, USA: IEEE.