Generalised Context Privacy

Connectivity and automation are increasingly being introduced to physical systems that previously lacked them. This introduces new threats to these systems, including by revealing sensitive information to an adversary making observations on the system and the context in which the system takes actions. Many domains (e.g., wireless sensor networks, vehicles) have independently had context privacy preserving techniques developed for these threats (e.g., onion routing, change in identity, change in behaviour).

Different privacy threats at different stages conveying information to an adversary. Context privacy threat via direct observations. Content privacy threats to data.
Example privacy threats at various stages of an arbitrary system performing actions.


Developing context privacy preserving techniques is a lengthy process and does not allow for rapid responses to novel context privacy threats. This poses a danger to users of systems which operate without suitable context privacy controls and potentially leads to sensitive operational information being revealed. This project will work towards providing a capability to “prevent and resist cyber attacks more effectively”, which was highlighted in the UK’s National Cyber Strategy 2022.


This project will:

  1. develop a suite of context privacy controls for an arbitrary system,
  2. demonstrate their efficacy via suitable quantification, and then
  3. using example systems, develop domain-specific translators such that the general context privacy techniques can applied to real-world systems.

By doing so, when novel context privacy threats are identified, only domain-specific translators need to be developed. This allows for faster and more agile responses to novel context privacy threats, thus minimising information conveyed by system actions to an adversary — protecting both the system and its users.

Using domain specific translators to apply generalised context privacy controls for various applications.
Using context privacy solutions for the general model and applying them to specific applications.

Research Questions

This research project will address how controls should be introduced on actions taken by an arbitrary system to reduce the information revealed to an adversary observing that system. This can be divided into three focused research questions:

  1. What controls are required to reduce the information an arbitrary system reveals during its operation?
  2. How should context privacy the system and the cost of providing it be quantified?
  3. How should techniques for providing context privacy on an arbitrary system be translated to a real-world system?


Role: Project Lead (previously called Principle Investigator)

Funder: Engineering and Physical Sciences Research Council [EP/X040038/1]

Duration: 3 Years (Dates TBA)