I'm a PhD student at University College London in the department of Physics and Astronomy.
I work on the ANITA (Antarctic Impulsive Transient Antenna) experiment, a balloon borne radio detector that searches for interactions of elementary particles called neutrinos in the Antarctic Ice sheet. Neutrinos are yet to be detected at the incredibly high energies at which ANITA is sensitive, but it is hoped that through observation of them we will learn more about the most extreme environments in the Universe and the fundamental physics that drives them.
Outside of my research I have an interest in science outreach, communication and policy, having worked as a "Researcher in Residence" in a north London school and at the beginning of May 2011 commenced an STFC sponsored fellowship at the Parliamentary Office of Science and Technology, the subject of this blog...
Particle physics (and, indeed, any other academic discipline) can be a rather insular community in which to operate. The common image people have is of scientists performing experiments in high-tech laboratories, isolated from the rest of the world. As a particle physicist in training, the opportunity to work within Westminster helping raise the profile and awareness of science and technology was too good an opportunity to miss.
I started work in the Parliamentary Office of Science and Technology (POST) at the beginning of May. I’ve been assigned to work on a report on cyber security in the United Kingdom, a topic that is pretty far removed from my day job. Although initially a little daunted by the prospect of having to learn the basics of a subject in such a short period of time, I see this as a good way for the POST fellowship programme to run. By assigning a scientifically competent fellow to a subject they are green in, the fellow will approach the matters with no agenda or bias. Moreover, he or she will almost always be working in an area slightly removed from their own research due to the highly specialised niche nature of today’s research.
After being assigned to a topic, the postgraduate fellow will work on a given subject for around three months. This involves interviewing representatives from industry, academia, Government and the Civil Service, and independent organisations. With the information acquired, the fellow is able to write a concise report that can inform - rather than advise - parliamentarians on a subject.
The number of advisory bodies, informative institutions and parliamentary groups working within Westminster is truly baffling for me at the moment. There is a huge amount of relevant information on scientific topics online and in the academic press, the publications from Westminster, the EU and further afield. Some is redundant information or can simply serve to confuse the reader. POST's work in producing digested and balanced reports suddenly seems all the more useful after getting lost in the mire!
Cyber security, as with the topics covered in all of POST’s work, is a subject that is very much on the political and public agenda. The National Security Strategy, published last October, rated cyber security as one of the four highest priority risks to UK national security. Computer hacks and cyber attacks are in the media every week. The scale and scope of these attacks seem to be ever increasing.
It’s easy to get caught up in the hype - part of my role is to take a balanced approach to the subject. Cyber fraud is on the rise as criminals realise that the cyber domain provides highly lucrative financial opportunities. A recent report from the Metropolitan Police stated that there are twice as many instances of cyber theft than traditional financial acquisitive crimes. During the recent PlayStation hacks, some 101 million individual user accounts on the PSN and Sony Online Entertainment network were said to be accessed. But is this really a threat to national security?
There are precedents for attacks that could provide such a threat. In 2010 a virus called Stuxnet was launched with the apparent purpose of targeting specific control systems within uranium enrichment plants. There is a degree of consensus that the attack was targeted at the Iranian nuclear programme. Whether an attacker with sufficient technical and financial clout would target the UK is debatable.
There are worries in both the academic and security communities over the amount of reliance on computers and computer networks more generally, however. Clearly the UK is more obviously vulnerable to the effects of such an attack. The update of key infrastructure, for example the smart grid, will introduce new areas of vulnerability, including grid itself. And what if a cyber attack took place that was coupled with physical attack? The huge dependency of so many response and communications systems on the internet needs little imagination to give rise to images of mass chaos.
The difficulty is separating the mere conjecture and hype from the possible reality. Not easy!
In the last four weeks I've attended four conferences on or related to cyber security. The fact that all these conferences were based in London, with many other events taking place nationally and internationally, just goes to show how high on the political and technological agenda the issues are.
One of these events, the EastWest Institute 2nd Worldwide Cyber Security Summit, was particularly interesting. The event brought together experts from around the world to focus on international efforts in tackling cyber security (plus, they were handing out free passes to graduate students, which provided access to an expensive conference to people like me who have just started working in the field).
Representatives from organisations and nations that are not typically best of friends in the cyber domain spent two days involved in both traditional conference speeches and panel discussions, as well as taking part in floor discussion "breakout groups". These breakout groups were aimed at finding consensus views on what the most relevant issues are in cyber security currently, and developing methods by which they could be tackled. The subject areas were diverse to say the least, ranging from discussions on securing key undersea communications infrastructure to methods of combating unsolicited commercial email (‘spam’).
Cyber issues cross geopolitical boundaries - if security is to be properly addressed then discussion and progress is needed on a global scale. This is an issue that is constantly raised as a priority for cyber security and is an area on which the EastWest Institute is taking a lead. The Institute has also worked on the first official US-Russia joint work on cyber conflict, with the aim of defining rules of engagement of this new arena.
The need for such international cooperation is recognised in Westminster. The UK recently (eventually, you could say) ratified the Council of Europe's Convention on Cyber Crime. The Prime Minister released a joint communiqué with President Obama stating the intention of both nations engaging the private sector and internationally. In the autumn, the UK Foreign Office will host an international cyber security conference. The point is, so far very few norms have been established in terms of acceptable behaviour for organisations and nation states in the cyber domain: safe havens for organised online crime still appear to exist and cases of cyber espionage and organisational hacking make the news on an almost daily basis. International cooperation and action clearly have a long way to go!
I'm beginning to draft the briefing document on “Cyber Security in the UK” for the Parliamentary Office of Science and Technology. As such, I have a lot more time in Westminster compared to the last few conference and interview filled weeks. This, in turn, means that I can attend events going on around the Houses of Parliament including, last week, Prime Minister's Questions. It's not related in any way to the work I am carrying out, but the waiting list for PMQs can be months long and I received a last minute offer to sit in the Serjeant (their spelling, not mine) at Arms' Private Box after someone cancelled their seat. It's not as posh as it sounds - the Serjeant at Arms' Box is right at the back of the viewing gallery.
Westminster is always pretty busy on a Wednesday because of PMQs. It's the middle of a short (typically Monday-Thursday) working week, so House staff and special advisors are all hard at work running up and down the corridors. Moreover, as PMQs is the most popular event with the public, there are tourists everywhere. Before the Commons session starts, people eagerly await the Speaker of the House's procession.
As with most crowd gatherings, more people seem to get drawn in not because they're aware of what's going on, but because they're interested that other people are interested. In the end I felt sorry for all the school kids and pensioners who had been trying to squeeze to the front for 20 minutes, only to find that the speakers procession lasts 30 seconds and consists of six people (though I'm not really sure what they expected!)
Almost everyone will have seen PMQs on the TV before, be it live or on the news. The only difference watching it in the flesh is that you get a sense of how small the Commons chamber really is. Other than that, seeing David Cameron and Ed Miliband trying to score points off of each other is always fun!
POST held its board meeting on Tuesday. The board is made up of MPs, Peers and parliamentary and external scientific experts, with Adam Afriyie MP as the current chair.
The meetings, held every three months, offer an opportunity for POST fellows to meet board members, often for the first time. It is quite important that this contact be made; while POST put forward potential topics of research for POSTnotes (the four page briefings on which fellows and permanent staff work), it is the board who decide which subjects are chosen. The contact with the board allows fellows to understand the context of why the topic they are working on has been singled out.
This selection process means that scientifically interesting subjects that are relevant to current or future policy are proposed, with those seen as most useful and informative to parliament being selected by the board. The subjects, as with POST’s research groups, are divided into three areas. Briefings are selected for research from topics within:
Typically three topics are put forward for every one chosen, with the option of resubmission for consideration at a future board meeting. Further briefings on science policy or science, technology and the developing world may also be put forward for research.
The work put in to scope out the most relevant topics is hard in itself. I’m currently looking at possible future topics for the physical sciences and IT section while the draft of my POSTnote on cyber security is being looked at. There are a wealth of resources to look at for issues that relate to current policy, the difficulty is selecting subjects that will both be useful to parliamentarians while not being either too niche or too general.
The board agreed on seven topics for research at this week’s meeting:
All are areas rich in current developments with regard to both research and policy. Good luck to any future fellows who might be assigned one of the topics. Working at POST is really rewarding experience!
Both my placement at POST and my PhD at UCL are sponsored by the STFC. Last week I was invited to attend a dinner held by the STFC following one of their council meetings. The dinner was at The Cosener's House in Abingdon, a rather pretty building owned by the STFC, but also used as a hotel and function venue.
The dinner was attended both by STFC Council members and a number of representatives of the STFC executive. I've been to conference dinners that renowned scientists were present at before, but this was a difference experience - both controllers of researchers and eminent academics. I was there to relay my experience as STFC's first sponsored fellow at POST (and I wasn't going to say no to a nice dinner - I should probably say it was pointed out to me that most STFC Council meetings do not end in such events).
Along with discussing science issues (CDF versus LHC and the benefits of working on a "small" experiment like ANITA), I managed to get some fairly useful advice for postdoctoral applications! I don't actually know what was discussed during the council meeting, but it is in part down to STFC's work that the science budget survived relatively unscathed in last year's comprehensive spending review (CSR). There was talk of STFC's image (rejuvenated, particularly since the CSR) as well the slightly more controversial issue of student fees.
Everyone I spoke to seemed very encouraged by the engagement with policy and political process that the POST fellowship offers. The benefits are there for all involved. For the fellow, the placement provides a unique experience outside of academic research. POST, and parliament in general, receive input from people involved in active research, helping to improve scientific knowledge in parliament. For the funding council, the fellowship provides further opportunity to build links between researchers they fund and parliament, demonstrate they are providing opportunities outside of pure research and avenues through which the reach and relevance the research they fund can be demonstrated. It's a scheme that STFC will continue to support, with the application process for next year's fellowship due to open soon.
I’ll explain; it’s a bit of a milestone in the fellowship. POSTnotes, although short, are very concise, digested and thoroughly researched briefing documents. A POST fellow’s role is typically to research and write one POSTnote over the three month period of their Parliamentary placement. To ensure the quality and accuracy of each of these documents there is a review process, a little like peer review only not anonymised (and with reviewers selected by POST!)
After around two months of research, including a lot of reading and numerous interviews, a POST fellow writes their POSTnote draft. Much consideration must be paid to the tone and construction of the document; the article is intended to inform MPs and Peers, rather than advise them. However, where there is consensus that some issue needs addressing this should be communicated, with relevant evidence. So, after a good week or two of discussing the document drafts with a line manager, the key messages of the note with all the correct wordings should have been clarified and a suitable structure achieved.
At this point the POSTnotes pass to an internal review process. There are three sections within POST, each with two dedicated permanent members of staff. Until this point the draft will have only been seen by the direct line manager within the appropriate section. Internal review provides the other member of that section, along with representatives of each of the other areas, with chance to read (and deconstruct/criticise/praise) the POSTnote for the first time. In my case the review led to a complete restructuring of the document; not an uncommon issue for the process to throw up.
After a couple more days of working on the note, with further editing to meet the tight four page limit, the note is checked once more by a senior member of staff. On condition of that staff member’s approval the POSTnote can then be sent out for external review. This provides two weeks for POST’s board members, as well as all contributors to the POSTnote research process, to provide feedback on the draft and request changes. After which there is sure to be more editing – more on that in a couple of weeks, I guess. For now I have the joy of returning to writing my thesis (with a little bit of work for POST thrown in).
The document I was working on while at POST, POSTnote 389 "Cyber Security in the UK", has been published online, with hard copies due to be printed sometime soon.
Although I completed the research, drafting and editing of the document at the end of July, as I mentioned in previous posts there are a number of review stages before a POSTnote can be released. The final of these is approval by the director of POST, Prof. David Cope.
In the case of the cyber security POSTnote, there was also some worry that the Cabinet Office might be issuing new policy very soon after the POSTnote was published. After a few weeks of checking that the timing wouldn't clash (no new policy has been issued on cyber security as of the date of this blog entry), the POSTnote could be released.
I'm obviously pleased that my placement at POST has been successful and a document has my name on it, it's been a really fantastic experience and I'm very grateful to the STFC for providing me with the opportunity and then supporting me through it.
Three months does seem like a long time to have spent on one document, but the writing of Parliamentary briefings is very different to writing academic work. The author must be confident of having spoken to an appropriate range of sources, and checked and double-checked that contributors are happy with both comments that have been attributed to them as well as the overall tone of the article. In addition to this, just fitting all the information on four pages, when it could have extended to 20, is a considerable challenge. And anyway, my POST fellowship has involved many more experiences away from the cyber security document. These have included reporting on the 57th Commonwealth Parliamentary Conference, an evening with the STFC Council in Abingdon, being note-taker at a seminar on the Fukushima Dai'ichi incident as well as attending a number of conferences on cyber security.
To add relief to the pleasure of having my POSTnote published, I'm planning on submitting my PhD thesis next week!