Skip to content

Mr Ian Bryant

Job: Technical Director, Trustworthy Software

Faculty: Technology

School/department: School of Computer Science and Informatics

Address: Gateway House, De Montfort University, The Gateway, Leicester, LE1 9BH UK

T: +44 116 255 1551




Personal profile

Ian Bryant is seconded to De Montfort University (DMU) from government, and has three main roles:

  1. Programme Manager and Technical Director of the UK Trustworthy Software Initiative (TSI)
  2. Visiting Lecturer in Cyber Security Centre (CSC)
  3. Security Controller for the CSC

He has been involved with "Cyber Security" (and its various predecessor terms!) for most of his career, in a variety of roles including Investigation / Incident Response, Security Architecture, Systems Accreditation, Research and Technology Management, and Policy Development. 

In the context of Trustworthy Software, he he was intimately involved with various predecessor activities of TSI, including leading the original Cabinet Office (CSIA) study on Secure Software Development, being the Technical Manager for the Pilot Operation of the CSIA (now CESG) Claims Tested Mark (CCT Mark) Scheme, contributing to the Technology Strategy Board (TSB) Cyber Security Knowledge Transfer Network (CSKTN) Special Interest Group (SIG) on Secure Software Development, and finally leading the Secure Software Development Partnership’s (SSDP) SIG on Standards.

In the wider context, he helped found the National Information Assurance Forum (NIAF - formerly “GIPSI”), was lead Information Security specialist for the recent European Commission (EC) funded MS3i and NEISAS Projects, and is heavily involved with Standardisation, as detailed in the External Committee section. Anyone interested in assisting with UK input to Standards is welcome to get in touch.

He is also a frequently invited speaker at a variety of conferences in both the UK and internationally.

Publications and outputs 

  • [ACSAC29] “Behavioural Barriers to Trustworthiness”; Bryant I R C; ACSAC29; December 2013
  • [ACSAC28] “Gaps in Achieving Software Trustworthiness”; Bryant I R C; ACSAC28; December 2012
  • [NATO] “A Pareto Approach to Software Dependability”,  Bryant I R C; NATO Research Symposium on Information Assurance and Cyber Defence; September 2012
  • [CrossTalk] “Challenges To A Trustworthy Cyber Ecosystem”; Bryant I R C and Mahrra J K; CrossTalk – The Journal of Defense Software Engineering; September 2012
  • [E&T] “Terminology : Differentiating Threats, Hazards, and Adversities” (Bryant I R C) in “Safety and security convergence – a new era?” (Piggin R and Sandom C); IET E&T; September 2012
  • [SQM] “Towards a Trustworthy Software Ecosystem”; Bryant I R C; SQM2012; August 2012
  • [BCS] “Challenges in Securing Software”; Bryant I R C; Information Security Now; Spring 2012
  • [ACSAC25] “Challenges in Sharing Security Information”; Bryant I R C; ACSAC25; December 2009
  • [TF-CSIRT] “Profiles for Warning Dissemination”; Bryant I R C and Freeman D J; TF-CSIRT; June 2007
  • [NISCC] “Software Pathogens: Assessing the Risk”, Bryant I R C; NISCC Quarterly Review; Winter 2003

Research interests/expertise

  • Electromagnetic Resilience
  • Information Security Architectures
  • Management of Extreme Risks
  • Software Composability, Traceability and Testing
  • Use of Structured Data and Metadata

Areas of teaching

  • Cyber Risk
  • Electromagnetic Engineering & Resilience
  • Incident management
  • Information Sharing
  • Information Security Architectures
  • Trustworthy Software
  • Validation and Verification

Membership of external committees

  • BSI IST/033 - Information Security (Deputy Chair IST/033/-/4)
  • BSI IST/015 - Systems and Software Engineering
  • BSI IST/038 - Distributed Application Processes and Services
  • ETSI MTS - Management of Test and Specification (Security SIG Rapporteur)

Membership of professional associations and societies



Trustworthy Software Initiative (TSI)

Key research outputs

  • [IRTM] The Information Recipient Trust Metric, developed as part of the “Messaging Standard for Sharing Security Information” (MS3i) Project (Funded by the European Commission (EC), Directorate General for Justice, Freedom and Security (DG JLS) as part of the “European Programme for Critical Infrastructure Protection” (EPCIP) Programme (JLS/2007/EPCIP/007), performed with the support of the EC DG JLS “Prevention, Preparedness and Consequence Management of Terrorism and other Security-related Risks” Programme), as detailed at [ACSAC25]
  • [VEXWM] The Vulnerability and Exploit Extensible Weighting Metric, developed as part of the “IT Security Awareness for Everyone” (ITSafe) Project funded by HM Government, as detailed at [TF-CSIRT]

Search Who's Who