Tim Storer

I am a lecturer in Software Engineering at the School of Computing Science, University of Glasgow. Previously, I was a research assistant at The School of Computer Science, University of St Andrews, working for Ian Sommerville with Russell Lock.

Contact Information

School of Computing Science
University of Glasgow
Sir Alwyn Williams Building
Lilybank Gardens
G12 8QQ

Tel: 0141 330 4970

email timothy.storer@glasgow.ac.uk

Research Interests

I have research interests in the engineering of large scale complex socio-technical systems and the reliability of software systems.

My interest in this area began during my phd thesis work, investigating the use of simple vote-verification mechanisms in voting systems. During my postdoc, I coordinated a case study of the development of the e-counting system used in the Scottish Elections in 2007. We published an analysis on the failings of the system and I'm often asked to comment on the interaction between voting and technology by national media government. While I was at St Andrews, we responsibility modelling, a technique for capturing and discussing complex socio-technical systems. We applied the notation to the development of requirements specifications and the management of civil contingency plans. Since moving to Glasgow, I've now begun investigating the potential to develop executable simulations of socio-technical systems, derived from informal models of responsibility. The intention is to develop simulations that can be used to identify vulnerabilities in socio-technical systems, inform design decisions and focus testing efforts.

My interest in software reliability began through discussions about the use of software in the `wet' sciences (with Peter Saffrey), and in the recovery of evidence during digital forensic investigations (with Brad Glisson). I'm interested in the ways that the (un)reliability of software interacts with the social processes around its use in particular domains. For example, we've investigated the consistency of digital forensic software toolkits in recovering data from mobile devices. We were able to document considerable variation amongst the different toolkits in the data recovered. This has impliciations for the use of digital evidence in court (for example), since the emphasis in digital forensics has been on the completeness of evidence recovered, rather than on correctness. As a broader (and more positive) research interest, I'm interested in the development of tools, practices and software engineering methods that are tailored to the needs of developers in these specific domains.

Research Papers


T. Storer, S. Marsh, S. Noël, B. Esfandiari, K. El-Khatib, P. Briggs, K. Renaud, and M. V. Bicakci, “Encouraging second thoughts: Obstructive user interfaces for raising security awareness.” Accepted for PST 2013, April 2013.

G. Grispos, W. B. Glisson, and T. Storer, “Cloud security challenges: investigating policies, standards, and guidelines in a fortune 500 organization.” Accepted for 21st European Conference on Information Systems. Utrecht, The Netherlands, April 2013.

W. B. Glisson, T. Storer, and J. Buchanan-Wollaston, “An empirical comparison of results from mobile forensic toolkits in the wild,” Digital Investigation, vol. 10, pp. 44-55, April 2013. Accepted preprint.

H. Crawford, K. Renaud, and T. Storer, “A framework for continuous, transparent mobile device authentication.” Computers & Security in press, January 2013.

W. B. Glisson and T. Storer, “Investigating information security risks of mobile device use within organizations.” Accepted for ACIS, January 2013.

J. Buchanan-Wollaston, T. Storer, and W. B. Glisson, “A comparison of forensic toolkit and mass market data recovery applications.” Presented at IFIP Digital Forensics 2013. Revised, accepted paper to appear Springer Verlag, 2013., January 2013.

G. Grispos, W. B. Glisson, and T. Storer, “Using smartphones as a proxy for forensic evidence contained in cloud storage services,” in 46th Hawaii International Conference on System Sciences, HICSS 2013, (Wailea, HI, USA), pp. 4910-4919, IEEE, January 2013.

S. Raue, C. W. Johnson, and T. Storer, “(SMA)2 - a social media audience sharing model for authorities to support effective crisis communication,” in Proceedings of the 7th IET Conference on Systems Safety and CyberSecurity, (Edinburgh, Scotland), Instiute of Engineering and Technology, October 2012.

T. Storer, W. B. Glisson, and K. Renaud, “Patterns of information security postures in large scale socio-technical systems,” in Cyberpatterns 2012. The First International Workshop on Cyber Patterns: Unifying Design Patterns with Security, Attack and Forensic Patterns, (Abingdon, Oxfordshire, UK.), pp. 30-34, Oxford Brookes University, July 2012.

I. Sommerville, R. Lock, and T. Storer, “Information requirements for enterprise systems,” in 17th Monterey Workshop (R. Calinescu, ed.), no. 7539 in Lecture Notes in Computer Science, pp. 266-282, Springer Verlag, March 2012.

G. Grispos, T. Storer, and W. B. Glisson, “Calm before the storm: The emerging challenges of cloud computing in digital forensics,” International Journal of Crime and Digital Forensics, vol. 4, no. 2, pp. 28-48, 2012.

S. Marsh, S. Noël, T. Storer, Y. Wang, P. Briggs, L. Robart, J. Stewart, B. Esfandiari, K. El-Khatib, M. V. Bicakci, M. C. Dao, M. Cohen, and D. D. Silva, “Non-standards for trust: Foreground trust and second thoughts for mobile security,” in Security and Trust Management 7th International Workshop, STM 2011, Revised Selected Papers (C. Meadows and C. Fernandez-Gago, eds.), vol. 7170 of Lecture Notes in Computer Science, (Copenhagen, Denmark), pp. 28-39, Springer Verlag, 2012. Invited paper.

G. Grispos, T. Storer, and W. B. Glisson, “A comparison of forensic evidence recovery techniques for a windows mobile smart phone,” Digital Investigation, vol. 8, pp. 23-36, July 2011. [ http ]

W. B. Glisson, T. Storer, G. Mayall, I. Moug, and G. Grispos, “Electronic retention: What does your mobile phone reveal about you?,” International Journal of Information Security, vol. 10, no. 6, pp. 337-349, 2011.

R. Lock, T. Storer, and I. Sommerville, “Responsibility modelling for risk analysis,” in Proceedings of European SREL (ESREL) 2009, (Prague, Czech Republic), pp. 1103-1109, September 2009.

I. Sommerville, R. Lock, T. Storer, and J. Dobson, “Deriving information requirements from responsibility models,” in Advanced Information Systems Engineering, 21st International Conference, CAiSE 2009 (P. V. Eck, J. Gordijn, and R. Wieringa, eds.), vol. 5565 of Lecture Notes in Computer Science, (Amsterdam, Netherlands), pp. 515-529, Springer Verlag, June 2009. [ .pdf ]

T. Storer and R. Lock, “Accuracy: The fundamental requirement for voting systems,” in Proceedings of the The Third International Conference on Availability, Reliability and Security, ARES 2008, (Fukuoka, Japan), pp. 374-379, IEEE Computer Society, March 2009.

I. Sommerville, T. Storer, and R. Lock, “Responsibility modelling for civil emergency planning,” Risk Management, vol. 11, no. 3-4, pp. 179-207, 2009.

L. Little, T. Storer, P. Briggs, and I. Duncan, “E-voting in a ubicomp world: Trust, privacy, and social implications,” Social Science Computer Review, vol. 26, pp. 44-59, February 2008. [ .pdf ]

R. Lock, T. Storer, N. Harvey, C. Hughes, and I. Sommerville, “Observations of the Scottish elections 2007,” Transforming Government: People, Process and Policy, vol. 2, no. 2, pp. 104-118, 2008.

R. Lock, T. Storer, N. Harvey, C. Hughes, and I. Sommerville, “Observations of the Scottish elections 2007,” in eGov 2007, Third e-Government Workshop, (Leeds, UK), September 2007. [ .pdf ]

T. Storer and I. Duncan, “3D animation of Java program execution for teaching object oriented concepts,” in Proceedings of the Seventh IASTED International Conference on Visualisation, Imaging and Image Processing (J. J. Villanueva, ed.), (Palma de Mallorca, Spain), pp. 76-81, ACTA Press, August 2007.

C. Allison, T. Storer, S. Purdie, and R. Michelson, “An evaluation framework for grid-based learning technologies,” in Proceedings of the The 7th IEEE International Conference on Advanced Learning Technologies, (Niigata, Japan), IEEE Computer Society Press, July 2007.

I. Sommerville, T. Storer, and R. Lock, “Responsibility modelling for contingency planning,” in Workshop on Understanding Why Systems Fail, Contingency Planning and Longer Term Perspectives on Learning from Failure in Safety Critical Systems, June 2007. [ .pdf ]

T. Storer, L. Little, and I. Duncan, “An exploratory study of voter attitudes towards a pollsterless remote voting system,” in IaVoSS Workshop on Trustworthy Elections (WOTE 06) Pre-Proceedings (D. Chaum, R. Rivest, and P. Ryan, eds.), (Robinson College, University of Cambridge, England), pp. 77-86, June 2006. [ .pdf ]

I. Duncan and T. Storer, “Agent testing in an ambient world,” in Pervasive 2006 Workshop Proceedings (T. Strang, V. Cahill, and A. Quigley, eds.), (Dublin, Eire), pp. 757-764, May 2006. [ .pdf ]

T. Storer and I. Duncan, “Electronic voting in the UK: Current trends in deployment, requirements and technologies,” in Proceedings of the Third Annual Conference on Privacy, Security and Trust (A. Ghorbani and S. Marsh, eds.), (St Andrews, New Brunswick, Canada.), pp. 249-252, NRC/CNRC, University of New Brunswick, October 2005. [ .pdf ]

T. Storer and I. Duncan, “Two variations of the mCESG pollsterless e-voting scheme,” in COMPSAC 05 The 29th Annual International Computer Software & Applications Conference (R. Bilof, ed.), (Edinburgh, Scotland), pp. 425-430, IEEE Computer Society, July 2005. [ .pdf ]

T. Storer and I. Duncan, “Polsterless remote electronic voting,” Journal of E-Government, vol. 1, pp. 75-103, October 2004. [ .pdf ]

T. Storer and I. Duncan, “Practical remote electronic elections for the UK,” in Privacy, Security and Trust 2004 Proceedings of the Second Annual Conference on Privacy, Security and Trust (S. Marsh, ed.), (Fredericton, New Brunswick, Canada), pp. 41-45, National Research Council Canada, University of New Brunswick, October 2004. [ .pdf ]

T. Storer and I. Duncan, “Modelling context for the design of remote electronic voting schemes,” in IADIS International Conference e-Society 2004 (P. Isaías, P. Kommers, and M. Macpherson, eds.), vol. 2, (Avila, Spain.), pp. 1001-1004, IADIS Press, July 2004. [ .pdf ]

One note: I mis-attributed an opinion to Ben Fairweather in this paper, so please ignore that citation.

PhD Students

I'm currently supervising George Grispos (digital forensics in clouds), Robbie Simpson (candidate verifiable electronic voting) and Sai Akkinapragada (defect analysis). I'm interested in proposals for student projects in the areas of engineering software reliability, software engineering for physical sciences and the engineering of large scale socio-technical systems.

Teaching and Administration

In AY 2013-14 I will be teaching Professional Software Development (PSD3) with Jeremy Singer and Object Oriented Software Engineering (OOSE2). I will also be involved in the delivery of Software Engineering M (SEM), led by Julie Williamson. I also coordinate the level 3 software engineering placements, as part of my role as the software engineering programme coordinator.