Welcome to the Homepage for Research in Secure Software Systems

Our group started its activities at UDE from 1st December 2016. We conduct research in the area of system and software security. In particular, we develop new security technologies to mitigate software exploits for different processor architectures. Further research areas of our group are operating system security, trusted computing, mobile security, and hardware-based software security. More information on current research projects can be found on our research page.

Since summer term 2017, our group offers courses in the area of system and software security. More information on lectures as well as open bachelor and master theses can be found on our teaching page.

Current Announcements

 Thu, 11. Feb. 2021   Kremer, Birgit

Großer Erfolg beim 8. Deutschen IT-Sicherheitspreis

Alle zwei Jahre zeichnet die Horst Görtz Stiftung mit insgesamt 200.000 Euro die besten zukunfts-relevanten Innovationen der IT-Sicherheit aus. Für ihr neuartiges Werkzeug TeeRex zur Schwachstellenanalyse von Trusted Execution...
read on

 Mon, 07. Dec. 2020   Niesler, Christian

Paper Accepted at NDSS: Framework HERA allows hotpatching of real-time embedded systems

The paper 'HERA: Hotpatching of Embedded Real-time Applications' has been accepted at the Network and Distributed System Security Symposium (NDSS) 2021. We present the first framework to allow hotpatching of real-time embedded...
read on

 Mon, 07. Dec. 2020   Surminski, Sebastian

Christian Niesler wins Eurobits Award

With his Master Thesis "Securing Real-time Embedded Systems Through Hotpatching" Christian Niesler wins the Eurobits Award that is endowed with prize money of 1000€. Congratulatons!
read on

 Fri, 06. Nov. 2020   Cloosters, Tobias

CSAW'20 Best Paper Finalist: TeeRex: Discovery and Exploitation of Memory Corruption Vulnerabilities in SGX Enclaves

Das Paper „TeeRex: Discovery and Exploitation of Memory Corruption Vulnerabilities in SGX Enclaves“ von Tobias Cloosters, Michael Rodler und Lucas Davi wurde von CSAW Europe in die Finalrunde der zehn besten Paper des Jahres 2020...
read on

 Wed, 14. Oct. 2020   Rodler, Michael

New Technology Fixes Security Vulnerabilities in Smart Contracts

Smart Contracts have made Ethereum the world's second largest crypto currency. However, recent criminal attacks exploited errors in the programmed contracts. Our research group, together with partners from industry, has developed...
read on

 Thu, 01. Oct. 2020   Surminski, Sebastian

New Research Assistant

In October Christian Niesler joined the group of Prof. Lucas Davi.
read on

 Tue, 29. Sep. 2020   Surminski, Sebastian

Lectures in the Winter Term 2020/2021

We have two lectures and a project group in the winter term.
read on

 Wed, 15. Jul. 2020   Rodler, Michael

Danger to Sensitive Data

In the course of our research on Trusted Execution Environments we discovered multiple vulnerabilities in security-critical software running in protected memory areas of modern Intel processors. In the worst-case scenario, harmful...
read on

 Wed, 20. May. 2020   Surminski, Sebastian

Sicherheitslücke in IP-Webcam gefunden

In der Bachelorarbeit von Lasse Bruns wurde die Sicherheit von IP-Webcams untersucht. IP-Webcams erlauben es dem Benutzer, über das Internet das Kamerabild abzurufen. Hierbei wurde eine Lücke festgestellt, die es erlaubt hat, ein...
read on

 Fri, 15. May. 2020   Surminski, Sebastian

DFG-Project RAINCOAT started

In order to maintain the increasing chip performance while simultaneously advancing miniaturization, manufactures of modern memory- and processing units are increasingly relying on highly optimized, parallelized...
read on

 Tue, 03. Mar. 2020   Surminski, Sebastian

Bachelor Seminar in the Summer Term 2020

In the summer term, we offer a bachelor seminar on Vulnerability Detection and Analysis.
read on

 Mon, 16. Dec. 2019   Davi, Lucas

TEE Presentation at INRIA Institute in Rennes, France

Inria Vortrag von Prof. Lucas Davi
A trusted execution environment introduces a hardware-based protection environment for programm code and data. The TEE ensures that neither malicious code nor a compromised operating system can access code and data contained in...
read on

Currently showing 13 to 24 out of 46