Train station

A Cranfield-led consortium has won funding that will look into the cyber security risks posed by a digitally-enabled, low-carbon transport service.  

The funding has been awarded by the Engineering and Physical Sciences Research Council (EPSRC), part of the UK Research and Innovation (UKRI), for a new two-year project Managing Cyber security Risks across Consumers, Organisations and Sectors (MACRO). 

Mobility-as-a-service (MaaS) offers travellers a unified service that combines various forms of transport from a single point of delivery. MaaS carries the potential to reduce traffic congestion, improved customer convenience and reduce social inequalities and carbon emissions through the use of public transport.

Ensuring success for MaaS will require a single application to plan and conduct journeys, a software system allowing multiple providers and AI-based analytics allowing journey and resource optimisation. All these interactions are susceptible to a wide range of types of cyber attacks, which can affect different stakeholders of the ecosystems including cyber security of the transport infrastructure and online services and privacy of consumers and employees of MaaS service providers. The complexity of the MaaS ecosystem, including customers, transportation providers anddata providers, and its dependence on the data creates a unique challenge from a cyber security perspective.

Cranfield University will partner with the University of Kent to form a cross-institutional consortium, and work closely with a number of supporting bodies including University of Bath, Oxfordshire County Council, Kent County Council, South East Midlands Local Enterprise Partnership and Transport for the South East. 

Dr Nazmiye Ozkan, Senior Lecturer in Energy Economics and Head of Centre for Energy Systems and Strategy said: “The Government’s ambitions to reach net zero carbon emissions by 2050 means we must strive to reduce global greenhouse gas emissions. Digitisation can help deliver a low carbon transport service to support this.

“The MACRO project will research and develop the world’s first agent-based modelling (ABM) framework explicitly focusing on cyber security and privacy aspects of the MaaS ecosystem. This will be achieved by the use of ABM techniques to define a framework that will model important aspects of a real world MaaS ecosystem, including cross-sector and cross-organisational interactions in the context of mobility, human behaviours, data sharing and privacy, cyber threats and incident responses.”

She continued: “While our ambition is to define a comprehensive view of the MaaS ecosystem, we also intend to focus on a MaaS customers’ perspective.”

A series of focus groups and expert workshops will be used to co-create the research programme and to review findings of the project. Representatives from public and private sectors such as project partners, the National Cyber Security Centre (NCSC), Information Commissioner’s Office (ICO), Ofgem, National Rail, local authorities, transportation operators, service providers interested in developing integrated MaaS solutions will be invited to participate.