Christian Niesler

Academic Staff

Christian Niesler, M.Sc.

S-GW 306
+49 201 18-37336


Christian Niesler is a research assistant in the working group for Secure Software Systems at the University of Duisburg-Essen.

Curriculum Vitae:

Year Position/Study Program
since 10/2020 Research Assistant at the Secure Software Systems (Syssec) group at the University of Duisburg-Essen
10/2017 – 09/2020 Master of Science: Software and Network Engineering at University Duisburg-Essen
Threat and Vulnerability Management at DXC Technology in Ratingen
10/2014 – 09/2017 Bachelor of Science: Applied Computer Science at Cooperative State University in Stuttgart
Dual Study at Hewlett-Packard (Enterprise)


  • Thoma, Jan Philipp; Niesler, Christian; Funke, Dominic; Leander, Gregor; Mayr, Pierre; Pohl, Nils; Davi, Lucas; Güneysu, Tim: ClepsydraCache - Preventing Cache Attacks with Time-Based Evictions. In: Proc. of 32nd USENIX Security Symposium. Anaheim, CA 2023. CitationDetails
  • Surminski, Sebastian; Niesler, Christian; Brasser, Ferdinand; Davi, Lucas; Sadeghi, Ahmad-Reza: RealSWATT: Remote Software-based Attestation for Embedded Devices under Realtime Constraints. In: Proc. of the 28th ACM SIGSAC Conference on Computer and Communications Security (CCS). ACM, New York, USA 2021. doi:10.1145/3460120.3484788CitationDetails
  • Niesler, Christian; Surminski, Sebastian; Davi, Lucas: HERA: Hotpatching of Embedded Real-time Applications. In: Proc. of 28th Network and Distributed System Security Symposium (NDSS). 2021. doi:10.14722/ndss.2021.24159Full textCitationDetails

    Memory corruption attacks are a pre-dominant attack vector against IoT devices. Simply updating vulnerable IoT software is not always possible due to unacceptable downtime and a required reboot. These side-effects must be avoided for highly-available embedded systems such as medical devices and, generally speaking, for any embedded system with real-time constraints.
    To avoid downtime and reboot of a system, previous research has introduced the concept of hotpatching. However, the existing approaches cannot be applied to resource-constrained IoT devices. Furthermore, possible hardware-related issues have not been addressed, i.e., the inability to directly modify the firmware image due to read-only memory.

    In this paper, we present the design and implementation of HERA (Hotpatching of Embedded Real-time Applications) which utilizes hardware-based built-in features of commodity Cortex-M microcontrollers to perform hotpatching of embedded systems. HERA preserves hard real-time constraints while keeping the additional resource usage to a minimum. In a case study, we apply HERA to two vulnerable medical devices. Furthermore, we leverage HERA to patch an existing vulnerability in the FreeRTOS operating system. These applications demonstrate the high practicality and efficiency of our approach.