Our second year Civil Engineering MEng students compete to create the most resilient structure using the knowledge gained through their course. The shaking table runs a series of greater magnitude shakes until only one tower remains intact.
MEng in Civil Engineering students learn about the design of steel and concrete structures in the context of realistic multi-storey buildings incorporating common beam, column and slab arrangements.
Computer Science student Tom has built a working replica of the Enigma Machine used to send encoded messages during World War Two. He spent a six week internship in our Engineering Hackspace building the replica, which is now being used by students and school children to explore codes and number theory.
Bristol is a world leader in cryptography and our Computer Science students learn all about keeping systems like power stations and the NHS safe from hackers.
Find out more at http://www.bristol.ac.uk/computerscience/
Unmanned aerial vehicles are rarely out of the headlines. The world’s first driverless passenger drone has already been tested in China, and major companies have begun trialling drone deliveries to customers.
But despite this huge acceleration in popularity there’s a number of challenges which drone manufacturers are facing, not least the matter of urban drone navigation. To investigate this problem, PhD students Cara Williamson and Anouk Spelt are studying urban gulls to understand the most efficient flight paths through urban landscapes. We spoke to Cara to learn more about their project.
Drones could benefit society in so many ways, from the obvious, such as parcel delivery, to the life-changing, such as being the first point of contact for emergency services.
“The Urban Gull Project was started in 2016 by myself and Anouk Spelt as part of our PhD research. We’re supervised by Dr Shane Windsor who won a grant to start the Bio-Inspired Flight Lab. Over millions of years, nature has optimised for every environment – urban gulls are particularly adept at coping with the complex wind flows around city buildings. UAVs could use similar flight strategies. Drones could benefit society in so many ways, from the obvious, such as parcel delivery, to the life-changing, such as being the first point of contact for emergency services.
“The project brings together biology and engineering, using GPS devices on 11 lesser black-backed gulls in Bristol. The tiny backpacks (under 3% of the bird’s weight) track location, altitude, speed and 3D acceleration data which tells us whether the birds are soaring or flapping. Preliminary research showed how gulls position themselves in updrafts on the windward side of buildings to improve control and mitigate risks from gusts. These wind-highways help them maintain altitude so they can soar for a third of their flight time. We’re now seeing that gulls choose routes to foraging grounds that save them energy, even if they are twice the shortest distance.
Battery life is a big problem for drones. Batteries are heavy and limit their range and endurance.
“The wind modelling and path planning method I’ve been using is very quick and could be run in advance of a UAV making a delivery, for example, in order to pick a route that keeps energy costs to a minimum. Battery life is a big problem for drones. Batteries are heavy and limit their range and endurance.
“We collect habitat and weather data in and around Bristol. It’s the perfect location as it combines a diverse built environment with an established gull population. Over the last few decades, the birds’ distribution has moved away from traditional seaside haunts. It’s thought that cities offer warmer temperatures, protected nesting sites and rich pickings from our litter. Anouk compares the gulls’ foraging behaviour and energetic costs with their rural cousins to establish what is really going on. Despite being referred to as seagulls, our birds don’t visit the sea at all during breeding season (March-August), which is why we use the term urban gulls (first coined by our collaborator and South West gull expert of over 30 years, Pete Rock).
“Having followed the gulls for three years, we’ve seen a gull laying an egg, held hatching eggs and watched chicks taking their first flight. Our work has taken us to the top of landfills, quarries, the waste treatment centre and up many tall buildings and church spires. The gulls have distinct traits – we even named some of them after our favourite Game of Thrones characters; Arya (quite feisty – tried to peck us); Sansa (the most beautiful); Lady Brienne (the largest) and Tyrion (the smallest). We also got very attached to the first season’s chicks and learnt the hard way that nature can be quite brutal. It would be good to mend the human-gull relationship. We want to get the message out that when animals thrive in the environments we create, they can teach us so much. It’s vital to study and conserve the natural world.
“At the moment, we’ve got a packed programme of workshops in schools. Pupils design and fly drones and find out about bio-inspired engineering and wind pattern modelling. We’ve had some really encouraging feedback and we hope we’ve inspired a new generation of kids to take STEM subjects that they wouldn’t have previously considered. We were really pleased that this outreach programme was recognised when the project was shortlisted for the 2018 Airbus Diversity Awards.”
Professor Bruce Drinkwater and his colleagues in Brazil are using acoustics to detect disease. Their collaboration was one of the six projects shortlisted in the Brazil category for the prestigious 2018 Newton Prize.
Bruce believes that new technology is the key to tackling the challenges of disease and poverty. He said, “As an engineer, working with the end-users of this technology, this is an area where I can make a difference. Leishmaniasis is a tropical disease that’s endemic in 97 countries. More than a million new cases occur each year world-wide and without early diagnosis, people are at risk of disability and death. Parasites, transferred by sand-fly bites, cause ulcers of the skin, mouth and nose with skin lesions resembling leprosy. Unchecked, infections can be life-limiting, leading to horrific disfigurement, fever, loss of red blood cells and an enlarged spleen and liver.”
Bruce is working with Professor Glauber Silva from the Federal University of Alagoas in Brazil.
The team have made some fantastic breakthroughs in the area of disease detection: “We are developing small and robust prototype acoustic devices that have the potential to detect Leishmaniasis. The lab-on-a-chip devices use acoustic forces to sort and sense thousands of cells, or other microscopic objects, simultaneously. In Leishmania, the infected cells (macrophages) have different mechanical properties from healthy cells. We can exploit this difference in various ways, sorting diseased from healthy cells is just one. The devices can also help detect antibodies in blood and antigens in urine samples by concentrating them with ultrasonic forces. This leads to more rapid diagnosis and monitoring of the disease.
If successful, theses devices could have a huge impact on the lives of those in Brazil and other developing countries: “Leishmaniasis is one of the NTDs that lag far behind HIV/AIDS, tuberculosis and malaria when it comes to research funding. It affects 20,000 people each year in parts of Brazil where poverty, overcrowding and inadequate sanitation are major risk factors. If we can have an impact on Leishmaniasis, the same techniques could be used against other NTDs, transforming outcomes for some of the world’s most disadvantaged people. “
If we can have an impact on Leishmaniasis, the same techniques could be used against other neglected tropical diseases, transforming outcomes for some of the world’s most disadvantaged people.
“These devices are undergoing testing by Brazilian biomedical researchers working on neglected tropical diseases (NTDs) with promising results. After further development of the devices, the next phase will be field trials in hard to access areas where help is most needed.
The Newton Fund was launched in 2014 to promote economic development in countries eligible for official development assistance (ODA). A grant from the Newton fund and the Royal Society made possible Bruce’s research partnership with Professor Glauber Silva from the Federal University of Alagoas in Brazil, enabling them to bring together a multidisciplinary team with expertise in engineering, physics and biomedicine.
Supercomputers already affect our everyday lives, in subtle yet significant ways – forecasting hurricane paths, predicting climate change and making huge breakthroughs in cancer treatment.
They’ve even been described as a ‘crystal ball’ we can use to predict the future… and, yes, maybe one day, they’ll figure out the answer to the ultimate question of life, the universe and everything. Yet outside of the scientific community, these monolithic machines aren’t as well understood as they deserve to be.
To help shed some light on the subject, we spoke to our very own Professor Of High Performance Computing, Simon McIntosh-Smith, to find out more about how we’re all benefiting from the power of supercomputers.
Simon picked up the Outstanding Leadership In HPC Award at the international supercomputing awards – SC18 – this month. He’s also leading a unique new supercomputing project called Isambard, as part of the GW4 Alliance, together with Cray Inc and the Met Office. The Isambard project is exploring the use of mobile technology in supercomputers, in order to build them at a fraction of the cost and make supercomputers more accessible for everyone.
“It’s one of the less glamorous parts of life. You’ll spend some part of your day, every day, in its company. You probably rarely think about its positive impact on your life. The humble toilet, does not get the attention it deserves.
“So opens the Water & Sanitation session of day three of the Global Engineering Congress in London. Over 2500 participants from 82 countries are finding new ways to achieve the UN Sustainable Development Goals (SDGs) together. There are civil, electrical and mechanical engineers, policymakers, research councils, UN agencies, charities, development organisations, artists and lawyers. And there is a buzz in the air.”
The sanitation challenge
“As the world tackles poverty, climate change and providing education for all, poor sanitation is stalling progress. Worldwide, 2.4 billion people do not have access to basic sanitation services, like toilets. Poor sanitation causes the deaths of over 1,200 children under five, every day. In 2016, inadequate sanitation and hygiene were the cause of more than half a million deaths from diarrhoea alone. A lack of toilets and latrines affects education, health, economic development and our environment.
“The toilet, our unsung hero of sanitation, has a key role to play in achieving the SDGs. None of the other Goals, on equality, poverty and climate action, can be achieved without achieving Goal 6. This Goal states that by 2030 all people should have access to clean water and sanitation. We need toilets to save the world.”
“There is no quick fix when it comes to toilets. The toilet that works well in rural Somerset is unlikely to work in rural Sudan. Differences in water levels, space, number of people using the same toilet and how hot, cold, dry or humid the climate is mean that different places need different things. The challenges are diverse and so the solutions need to be too.
“Sanitation for all cannot be achieved without engineers who understand the local context. At the University of Bristol, our engineers are addressing the SDGs in partnerships with local communities and researchers. When we help create earthquake resilient schools in Nepal, map waterborne infectious diseases in the Congo or build sustainable energy systems for refugees in Rwanda, we do so with those who know the conditions best.
“In the case of making sure the world has access to clean water and sanitation, it starts with the humble toilet. Next time you see one, consider giving it a nod of thanks. Much like the engineers fixing sanitation all over the world, it’s a lifesaver.”
This summer Wallace & Gromit’s Grand Appeal partnered with engineering researchers to bring virtual reality into Bristol Children’s Hospital, helping patients unable to leave the hospital experience the award-winning sculpture trail.
Hundreds of thousands of people from across the UK and overseas took part in Gromit Unleashed 2, the third arts trail from Bristol Children’s Hospital charity The Grand Appeal. There were 67 giant sculptures of Academy Award®-winning Aardman characters, Wallace, Gromit and Feathers McGraw – all designed and decorated by a local and high profile artists and brands, including Pixar Animations Studios and DreamWorks.
The ‘Gromit Unleashed 2 VR Experience’ was developed by Bristol Interaction Group, a research group in Engineering, and Large Visible Machine, an independent mobile platforms game studio.
PhD student Gareth Barnaby, who led the VR project, said: “It’s been a great experience to combine our technical expertise with the tireless enthusiasm of the people at The Grand Appeal to create a fun project to be deployed in the real world and brighten people’s days in hospital.
“As a PhD student, it can be hard to see where academia and the real world intersect. This project has shown the difference our work can make and the huge benefits technology can bring. Thanks to everyone at the University who has put in their time to make this project happen, and a huge thank you to The Grand Appeal for the hugely impactful work they do, and for the opportunity to be a part of it.”
Children with complex needs or those undergoing intense treatments, such as bone marrow transplants, are unable to leave hospital, so the University donated over 200 sets of Google Cardboard and two Google Pixel phones, for patients without access to a smart phone. Using the headsets, through virtual reality technology patients are transported to the streets of Bristol to see the sculptures up close and personal in a live setting with the use of 360 camera technology.
Nicola Masters, Director of The Grand Appeal said: “Bristol Children’s Hospital and the 100,000 patients it cares for each year sit at the heart of absolutely everything we do. Virtual Reality is a powerful tool, and what better way to harness this than to bring the trail to the bedsides of young patients who are too poorly to leave their bed or their ward. Taking part in such an immersive and interactive experience is having a brilliant impact not only on the child’s wellbeing, but also on their rehabilitation and recovery in hospitals.”
Today marks the start of drilling for what may become the first deep geothermal power plant in the UK. Falmouth based firm Geothermal Engineering are drilling two wells, 2.8 miles (4.5km) and 1.5 miles (2.5km), into granite near Redruth, Cornwall.
Cold water will be pumped down to the hot rocks where the temperature is up to 200C (390F). Hot water will be brought to the surface. Steam from the heated water will drive turbines producing electricity. If this pilot project is successful it could pave the way for similar power production in the UK.
Professor Joe Quarini from the department of Mechanical Engineering shared his thoughts on the project:
“This is a good and exciting project from an engineering perspective. Not only will it bring jobs and expertise to Cornwall, but we’re going to learn a lot about engineering as the work progresses. We’ve seen similar, but ‘easier’ projects work successfully in New Zealand, Iceland and Italy. There are some technical questions that will be answered during this pilot, like, whether there are significant fouling issues associated with leaching out soluble minerals from the underground structures, what proportion of the water pumped into the ground actually comes back and whether and at what rate the heat deposits are depleted.
The answer to these questions will dictate the long-term viability of geothermal energy production in the UK. Cornwall is unique, it has heat-producing granite rocks with the highest energy density in the UK. In terms of absolute sums, electrical power production from geothermal is likely to be a small proportion of the Nation’s needs; it best location will be Cornwall. That said, Engineering is a global discipline, so it’s great for our young engineers to get the opportunity to see projects like this in action. We know that young people are really interested in green energy and sustainability so hopefully this will get more young people interested in Engineering as a subject.
Whilst the project excites me in terms of Engineering, I’m less confident about the long-term economic viability of geothermal energy in the UK. When the engineering costs are accounted for, geothermal energy isn’t the cheapest source of power, but if we’re serious about decarbonising our economy then it’s a choice that we, as a society, can make. That’s where funders like the EU and the Government come in to help subsidise projects like this one. My worry is that when those sources of funding aren’t available this won’t be a very attractive prospect to private investors. I’d love to be proved wrong on this though!”
The Mac, the iPod and the iPhone are just a few of the innovations that have changed the face of consumer technology. Sleek, functional design and a founding myth of three friends in a garage are foundations of a brand that many student Engineers dream of working for. For Bristol University student Jamie Surjeant, this dream became a reality in the summer of 2018, when he interned for Apple at their California HQ.
Professor Ben Hicks visited Jamie whilst he was on placement and said the opportunity, environment and support are exceptional. The fact that Jamie has been embedded in a design team and has been working directly on Apple products from day one is testament not only to his ability and his undergraduate training at Bristol but also the value and importance of interns to Apple. Apple interns are also given considerable support to assist them in relocating for the duration of their internship and are part of a large community of interns who support each other.
Jamie has now been offered a long-term position with Apple, who were so impressed by Jamie’s work during his internship that they are now collaborating with the Industrial Liaison Office to offer Bristol Engineering students internships in California this summer. Interns will be working on Apple TV Product Design. Interested students need to apply by midnight on the 29th October.
Phishing is coming to an inbox near you… And the attacks are getting more sophisticated by the day. Rob Larson from the University of Bristol’s Cyber Security group talks to us about the latest developments and how you can protect yourself online
Last year, 76% of organisations experienced phishing attacks, with nearly half noticing an increase from the previous year*. According to the FBI, American businesses lost $12.5 billion through corporate email attacks. Closer to home, the NHS ransomware attack of 2017 affected dozens of authorities; staff resorted to using pen and paper, and operations were cancelled, with potentially life-threatening results.
Not only are these attacks on the rise, but scammers are turning to ever-more sophisticated methods, exploiting moments in our everyday lives when we’re at our busiest and most vulnerable.
This is an area which interests Rob Larson, whose PhD focuses on online social engineering attacks. He questions the long-standing idea that individuals are the weakest link in the security chain, instead seeing them as an asset and the first line of defence. He believes that a strong organisational defence is multi-layered, with systems fortified through technology and staff trained to understand the psychology of phishing attacks.
Rob explains the prevalence of phishing attacks: “When it comes to defences, organisations have traditionally put up a perimeter, to keep the bad guys out, and locked down the systems inside it, in case they get in. So it’s often easier to just target the users of the systems, sitting behind the defences.”
We asked Rob about the wide-ranging aspects of phishing – and for some advice on what to look out for online.
“I’ve always had an interest in the psychology of social engineering, such as phishing scams, and why something so simple remains so effective.
“As a computer scientist, I wanted to understand how they’re performed, why they’re successful and what defences are available. I really wanted to bring our understanding of social engineering up-to-date and address this belief that the people who fall victim are at fault.”
On the evolving face of phishing…
“Phishing can be a very low-cost, low-overhead attack as opposed to using exploitative code to break through a hole in the system, or other costly techniques. Traditionally it was deployed willy-nilly with hundreds to thousands of emails being sent, as spam. Now, we’re seeing not only an increase in the number of attacks, but also an increase in their sophistication. Instead of casting a wide net with a mass generic email, they’re targeting a small number of people with content which is more relevant to the recipient.
“Take a university, for example, the email might talk about systems such as ‘Blackboard’ which students within the university actually use. It might reference specific personal details to seem more legitimate, such as their student ID number or course name. Links in the email might then take users through to a website which is tailored to look like the university’s web portal login, asking the target to input their username and password.
“It’s common to see emails putting pressure on the target to elicit an emotional response. Fear of loss is a common one, like replicating a university email and warning the student that they’ll be withdrawn from their course if they don’t respond quickly. If the student clicks on the link they’re redirected to a fake university system and once they’ve logged in the system steals their credentials. The email will thank them for confirming attendance so they’ve no reason to suspect anything.
“These emails have a greater degree of sophistication and subtlety… They’re similar to earlier, more generic phishing scams, but are well-targeted and done in a way that users are less likely to report them, or even notice they’ve fallen victim to anything.”
“Part of my research is trying to understand the spectrum of spear phishing and how sophisticated the attacks get. Spear phishing is a bit of a different animal to the more generic, widely distributed spam-like email; it might be a bit more specific, mentioning you by name. It could come from a contact which looks familiar or appropriate, such as a friend or a colleague, or may include some personal information. It’s quite common to see scammers deploying persuasive techniques in these emails, that leverage authority. For example, they might impersonate your boss and importantly, it might be requesting urgent action.
“Scammers often want a quick reaction – they want you to just respond on auto-pilot. You’re taking a heuristic route and going off your gut, rather than taking time to think it through. It’s something we do naturally, that we need to do to work effectively, and they take advantage of that.”
On ‘crime as a service’…
“Spear phishing used to be so labour-intensive. It was the preserve of people who had the time, money or interest; state actors; organised criminals after big money; or cyber criminals with a persistent interest in a target;
“But now you can buy this kind of service on the Dark Web, for as little as $25. Criminals can go there and say: ‘I want to impersonate a bank, I would like that bank’s website and login page cloned.’ They can pick-up a similar domain and a security certificate. It’s gotten to the point that for very little cost, they can even hire a call centre, and direct users there to steal information by a different route, or add a degree of authenticity.
“It’s a perfect storm. Stolen personal information can be bought and sold online. You can buy tools and services to generate websites, and software packages to generate phishing emails that already include these psychological ploys within the templates.”
On whaling (or ‘CEO phishing’)…
“Whaling, or Business Enterprise Compromise is also increasing dramatically. Think of whaling as ‘phishing’ for a really big fish. For example, criminals target someone in finance and the CEO of the company. They might compromise a device on the company’s network, and send an email appearing to come from the CEO instructing someone in finance to make a money transfer.
“In the past five years, according to the FBI, this kind of fraud has cost US business $12.5 billion. That’s not a small figure by any kind of reckoning. If we’re talking about subtlety or lightness of touch, whaling is right at the top end of the spear-phishing spectrum. The focus is on one person and it will be very targeted and very specific.”
On social-media phishing…
“Another good example of phishing is on Facebook. Someone might visit a club, and check in on Facebook – the scammers message them that they’ve been tagged in a photo at that particular club on that particular night. They click on it because it’s somewhere they actually were, maybe they’re worried that it’s a terrible photo that they don’t remember. If the hackers manage to compromise the target’s social media account they can then use that to launch targeted attacks on their contacts.
“Recruiter scams are also common. Because many legitimate companies recruit primarily through LinkedIn, it’s definitely a good place to be if you’re job hunting. People put loads of information on there about their university and educational history, crucially, the kind of job roles they’ve held in the past and are currently looking for. A prevalent attack comes from fake recruiters or head-hunters. With all the information people are sharing about themselves it’s very easy for a scammer to tailor a convincing job offer email.
“It’s easy to say be careful about what you share online, but it’s always a toss-up between the benefit you’re getting from using an online service and the risk.”
On what to look out for in phishing emails…
“Despite this greater sophistication in scams, a lot of the advice given about spotting phishing still stands up. So watch out for any of any of the following when you receive an email:
It’s generic or impersonal: they don’t greet you by name or mention your account number, instead using an ambiguous greeting such as “Dear user, student, or customer”.
The message looks odd: spelling or grammar errors are common in less sophisticated attacks. Company branding or logos may be incorrect or appear poorly formatted.
The email address of the sender looks wrong: for example, a message might claim to come from ‘email@example.com’ but the email shows as ‘firstname.lastname@example.org’. However, it is possible to impersonate or ‘spoof’ addresses, so you shouldn’t rely on this alone.
It’s asking for sensitive or personal information: such as your password, PIN etc.
It’s trying to rush you with an urgent deadline to respond.
It has a suspicious link or attachment: similarly to email addresses, links that do not match the web address of the company or service the email claims to represent.
On protecting yourself online…
“As I’ve mentioned, a common goal of these scams is to steal your username and password. Don’t forget to use different passwords for different services and use strong passwords too. It doesn’t have to be the letters, numbers and special characters thing that a lot of sites promote – you could use pass-phrases like six random words, tied together with hyphens. But make sure the words aren’t related to you and are as random as possible. Personally, my preference is to use a Password Manager which generates strong passwords and stores them securely. I’d also recommend services with two-factor authentication, that’s when you login and have a second code sent to you. So, even if your username and password is stolen they still need another piece of information.
“There’s been a lot of advice about phishing and social engineering detection. Some of it is really questionable. For example, ‘don’t click on things’ – that’s like saying you should never leave your house if you don’t want to get mugged!
“My advice is to treat any approach like somebody coming to your door to sell you something. If you don’t have the time to check their credentials, don’t play into their time frame. If you’ve got 50 emails and one pings a red flag to you, put it into a folder, crawl through the other emails, and come back to this one when you’ve got time to look at it properly. Don’t reply to it, don’t click on the link, don’t open the attachment. If the email claims to come from an external organisation, such as your bank or University, call the bank directly via information on their official website rather than links or numbers in the message. If it’s from a friend or someone internal to your organisation, drop them a quick call to check.
“At the end of the day, it’s important for individuals and organisations to understand that even with extensive training and a detailed understanding of these scams people still fall for them, because they leverage vulnerabilities present in all of us and happen whilst we’re distracted by other things.”
On collective responsibility…
“People will still mistakes, such as choosing weak passwords, so organisations need to support them with technology and policy where possible, such as taking measures to prevent weak passwords being used or limiting the speed at which attackers can try to guess a password. An awful lot of the systems and countermeasures out there still fail to support the user adequately, meaning these relatively simple attacks remain a big problem.
“So for my PhD, I wanted to find out what’s really going on. I wanted to give something back to help people devise better training, build better defences and create software to lessen the burden on users and to ultimately make people’s jobs easier in the fight against cybercrime.”
The University of Bristol’s Cyber Security Group is part of the Academic Centre of Excellence in Cyber Security Research (ACE-CSR) at Bristol. The group’s research focuses on three over-arching but interlinked strands: security of cyber-physical infrastructures, software security and human behaviours.