Staff Profiles

I am a Senior Lecturer in Cybersecurity at the Secure and Resilient Systems group, School of Computing, Newcastle University. I also hold a position at the Department of Computer Science and Media Technology, Linnaeus University, Sweden as an Associate Professor (docent).

Prior to joining Linnaeus University in 2014, I was an associate researcher at the Theoretical Computer Science group, KTH Royal Institute of Technology, Sweden (2012-2014) and a researcher at Braunschweig University of Technology, Germany (2011).

My ongoing research spans developing and applying formal methods to analyse security and design secure (software) systems. I have recently followed two lines of research:

 - language-based security to develop scalable tools and techniques to ensure and enforce security in software applications, 

 - designing self-protecting systems using various techniques such as security games, threat modelling, and formal verification.

Granted Projects

• TRUSTED (SecuriTy SummaRies for SecUre SofTwarE Development, In collaboration with University of Liverpool, Google, OCamlPro), Sep 2023-Aug 2026, Project Leader, Principal Investigator, EPSRC, £919,000.
• PROSSES (Provably Secure Self-protecting Systems), Jan 2017- Dec 2019, Project Leader, Principal Investigator, Knowledge Foundations (KKs), 3.145 MSEK (~325,000 Euro).
• SEADA (Self-Adaptive Actors - Safety Assurance), 2016-2018, Co-Investigator, The Icelandic Research Fund, 315,000 Euro.  

Other Research Projects

– PROSPER (Provably Secure Execution Platforms for Embedded Systems), KTH Royal Institute of Technology, April 2012-May 2014, Researcher.

– ruleIT, NTH (Niedersächsische Technische Hochschule) Focused Research School for IT Ecosystems, Braunschweig, Nov 2010-May 2011, Researcher.

Open positions We look for highly motivated individuals with background in cybersecurity and/or formal methods to join us. We have open postdoc positions in the context of our research project TRUSTED and a PhD position in software security and formal methods. If you have any questions about these positions, please feel free to contact me.

• Articles

  • Skandylas C, Khakpour N. Design and Implementation of Self-Protecting systems: A Formal Approach. Future Generation Computer Systems 2021, 115, 421-437.
  • Khakpour N. A Field-Sensitive Security Monitor for Object-Oriented Programs. Computers & Security 2021, 108, 102349.
  • Caporuscio M, Flammini F, Khakpour N, Singh P, Thornadtsson J. Smart-troubleshooting connected devices: Concept, challenges and opportunities. Future Generation Computer Systems 2020, 111, 681-697.
  • Skandylas C, Khakpour N, Andersson J. AT-DIFC: Toward Adaptive and Trust-Aware Decentralized Information Flow Control. ACM Transactions on Autonomous and Adaptive Systems 2020, 15(4), 13.

• Book Chapters

  • Talcott C, Ananieva S, Bae K, Combemale B, Heinrich R, Hills M, Khakpour N, Reussner R, Rumpe B, Scandurra P, Vangheluwe H, Duran F, Zschaler S. Foundations. In: Robert Heinrich and Francisco Duran and Carolyn L. Talcott and Steffen Zschaler, ed. Composing Model-Based Analysis Tools. Cham: Springer, 2021, pp.9-37.
  • Talcott C, Ananieva S, Bae K, Combemale B, Heinrich R, Hills M, Khakpour N, Reussner R, Rumpe B, Scandurra P, Vangheluwe H, Duran F, Zschaler S. Composition of Languages, Models, and Analyses. In: Robert Heinrich and Francisco Duran and Carolyn L. Talcott and Steffen Zschaler, ed. Composing Model-Based Analysis Tools. Cham: Springer, 2021, pp.45-70.

• Conference Proceedings (inc. Abstracts)

  • Berthier N, Khakpour N. Symbolic Abstract Heaps for Polymorphic Information-flow Guard Inference. In: 24th International Conference on Verification, Model Checking, and Abstract Interpretation (VMCAI 2023). 2023, Boston, US: Springer.
  • Skandylas C, Khakpour N, Camara J. Security Countermeasure Selection for Component-based Software-intensive Systems. In: 22nd IEEE International Conference on Software Quality, Reliability and Security. 2022, Guangzhou, China: IEEE.
  • Skandylas C, Zhou L, Khakpour N, Roe S. Security Risk Analysis of Multi-Stage Attacks based on Data Criticality. In: IEEE/ACM International Workshop on Engineering and Cybersecurity of Critical Systems (EnCyCriS@ICSE). 2021, Madrid, Spain: IEEE.
  • Zeller S, Khakpour N, Weyns D, Deogun D. Self-protection against business logic vulnerabilities. In: 15th IEEE/ACM International Symposium on Software Engineering for Adaptive and Self-Managing Systems. 2020, Seoul, Republic of Korea: ACM.
  • Skandylas C, Khakpour N, Andersson J. Adaptive Trust-Aware Decentralized Information Flow Control. In: IEEE International Conference on Autonomic Computing and Self-Organizing Systems (ACSOS 2020). 2020, Washington, DC, USA: IEEE.
  • Khakpour N, Skandylas C, Nariman GS, Weyns D. Towards secure architecture-based adaptations. In: 14th International Symposium on Software Engineering for Adaptive and Self-Managing Systems (SEAMS '19). 2019, Montreal, QC, Canada: IEEE Press.
  • Khakpour N, Kleijn J, Sirjani M. A Formal Model to Integrate Behavioral and Structural Adaptations in Self-adaptive Systems. In: 8th International Conference on Fundamentals of Software Engineering (FSEN 2019). 2019, Tehran, Iran: Springer.
  • Khakpour N, Skandylas C. Synthesis of a Permissive Security Monitor. In: 23rd European Symposium on Research in Computer Security (ESORICS 2018). 2018, Barcelona, Spain: Springer.