Prof. David J. Pym

Professor David J. Pym, MA (Cambridge), PhD (Edinburgh), ScD (Cambridge), FIMA, CMath, FBCS, CITP

Professor of Information, Logic, and Security at UCL
Faculty Fellow, Alan Turing Institute

David's UCL CS Page
Department of Computer Science
University College London
Gower Street
London WC1E 6BT

University of London

Research Groups:


New: PhD studentship available

Business logic and human behaviour in access control

Information security can be defined as addressing the problem of ensuring that just the right agents access to just the right information at just the right times. In fact, this definition readily adapts to physical security, which addresses the problem of ensuring that just the right agents (e.g., people) have just the right access to just the right locations at just the right times.

This problem of controlling access to locations and resources, be they physical or logical, arises throughout the networks of complex systems that support the modern world. Organizations try to manage information security risks through policies and security mechanisms, and have discovered over the past decade that these are only effective if their staffs are able and willing to use them correctly. But there is evidence of widespread circumvention of current access control mechanisms in organizations.

This studentship will develop a framework for modelling access control policies and their implementation in business and system architectures, and will provide tools for reasoning about the circumvention of policies in the presence of behaviours that are driven by competing priorities (the policy-implementation gap). The project will combine ideas and techniques from logic & mathematical modelling, computer systems security, usable security, and information security economics.

All research that is undertaken at UCL as part of the studentship will be unclassified and published in the open literature.

The studentship will be funded for a period of 3.5 years. GCHQ will cover the costs of UCL's fees and will provide a total tax-free stipend of GBP 23,000 per annum (pro rata). A generous travel budget is also provided to enable attendance at international conferences and workshops.

The start-date for the studentship will be in September 2016 (a later date may be possible). We expect a candidate to have at least a strong 2:1 degree in Computer Science, Mathematics, Engineering, and usually a related Master's degree. Some prior knowledge of some of information/computer security, logic, mathematical modelling using tools such as Matlab, and empirical methods in data collection and analysis would be advantageous.

Applications should be submitted to University College London. Please follow the link here to the online application. You should specify on your application that you would like to be supervised by Prof. David Pym and Prof. M. Angela Sasse and make it clear in your personal statement you are applying for the `Business logic and human behaviour in access control' studentship.

The studentship is open only to UK nationals because of the funder's eligibility requirements. The successful candidate will be required to undertake an internship of approximately 2-4 weeks per year at GCHQ's headquarters in Cheltenham. To be considered for this studentship, candidates must therefore be prepared to undergo GCHQ's security clearance procedures.

My latest book, a research monograph entitled A Discipline of Mathematical Systems Modelling, co-authored with Matthew Collinson and Brian Monahan, is published by the not-for-profit publisher College Publications.


The mathematization of the sciences, of engineering, and of economics has been an outstandingly successful intellectual enterprise, enabling the modern world. As the operations of the world become more and more dependent on highly interconnected, massively complex, networked systems of computational devices, the need to develop a mathematical understanding of their properties and behaviours is increasingly pressing.

Our approach, described in this monograph, is to combine the compositionality of formal specification --- using techniques from algebra, computation theory, logic, and probability theory --- with the control of level of abstraction afforded by the classical mathematical modelling method.

The first chapter provides a complete high-level view of the approach to systems modelling that is developed in the monograph. It provides both conceptual and philosophical background and introductions to the technical development. The remaining chapters develop the mathematical and computational aspects of our approach. Each chapter develops a specific mathematical or computational component, clearly integrated into the overall development. Examples, including ones based on industrial and commercial applications, are provided throughout. An implementation of a simulation engine (Core Gnosis) for executing models is available for download from HP Labs. Associated with this monograph is a website ( from which Core Gnosis may be obtained. This is book is about the conceptual and mathematical foundations of a modelling approach, with indications of how it can, and has been, deployed in practice. We defer to another occasion an account of the pragmatics of the deployment.

Available from Waterstones, Amazon UK, Amazon US, Amazon DE, and Amazon FR.

Other Monographs

I am one of the designers of the Core Gnosis tool for systems and security modelling. The Core Gnosis system can be downloaded from HP Labs at, along with a paper

M. Collinson, B. Monahan, and D. Pym,
Semantics for Structured Systems Modelling and Simulation,
Proc. Simutools 2010, ACM Digital Library, ISBN: 978-963-9799-87-5

published at SIMUTools 2010.

Research Interests

I have worked in a range of areas of mathematical logic and theoretical computer science, including type theory and logical frameworks, proof theory, categorical logic, substructural logic, resource semantics, and process algebra. In theses areas, I have always been particularly interested in the interplay between syntax and semantics.

In recent years, I have become engaged with mathematical systems modelling, with a particular interest in applying --- in the style of classical mathematical modelling as practised in, for example, engineering, where the control of complexity by abstraction is critically important in delivering useful models --- the ideas of compositional semantics and logic to complex systems, particularly in the social sciences and systems engineering. Computer security, system security, and information security provide excellent challenges for this approach. All this began around 2004, with an extended stay with the security research group at HP Labs, initially funded by a Royal Society Industry Fellowship.

My interests in security are primarily concerned with questions of policy and the interaction between policy and system architecture, with a particular perspective provided by economics. I am also interest in logical approaches to access control policy in which the interplay between policy architecture and system architecture is considered explicitly.

I also have interests in the security of critical national infrastructure, particularly from the perspective of security economics.

My research interests can be usefully organized into three groups.

I am currently interested in, and interested in supervising PhD students in, the following areas (in no particular order):

Certain aspects of my research in these areas are undertaken in collaboration with the Cloud and Security Lab at HP Labs, Bristol.

Current Funded Projects

Recent Funded Projects (see Recent Publications and Manuscripts for associated papers)