[This page is probably not up to date. Google Scholar and ORCID tend to have a better view on what I’m up to.]

Key Publications

This post at the IEEE Software Blog gives a good overview of the thechnology I’m working on:

Key publications at academic venues:

Conference Papers

  1. Chiavassa, P., Gandino, F., Ferrero, R., & Mühlberg, J. T. (2024). “Secure Intermittent Computing with ARM TrustZone on the Cortex-M.” In Workshop on System Software for Trusted Execution (SysTEX 2024). doi:10.1109/EuroSPW61312.2024.00022
  2. De Pauw, C., Mühlberg, J. T., & Dricot, J.-M. (2024). “An Improved PUF-Based Privacy-Preserving IoT Protocol for Cloud Storage.” In International Conference on Information Systems Security and Privacy (ICISSP). doi:10.5220/0012326000003648
  3. Pouyanrad, S., Alder, F., & Mühlberg, J. T. (2024). Automated Side-Channel Analysis of \{ARM TrustZone-M Programs. In 10th Workshop on the Security of Industrial Control Systems & of Cyber-Physical Systems (CyberICPS 2024).
  4. Scopelliti, G., Baumann, C., & Mühlberg, J. T. (2024). “Understanding Trust Relationships in Cloud-Based Confidential Computing.” In Workshop on System Software for Trusted Execution (SysTEX 2024). doi:10.1109/EuroSPW61312.2024.00023
  5. Scopelliti, G., Bauman, C., Alder, F., Truyen, E., & Mühlberg, J. T. (2024). “Efficient and Timely Revocation of V2X Credentials.” In Network and Distributed System Security Symposium (NDSS). doi:10.14722/ndss.2024.24017
  6. Scopelliti, G., Bauman, C., Alder, F., Truyen, E., & Mühlberg, J. T. (2024). “Demo: Efficient and Timely Revocation of V2X Credentials.” In Symposium on Vehicles Security and Privacy (VehicleSec). doi:10.14722/vehiclesec.2024.25002
  7. Alder, F., Scopelliti, G., Van Bulck, J., & Mühlberg, J. T. (2023). “About Time: On the Challenges of Temporal Guarantees in Untrusted Environments.” In Workshop on System Software for Trusted Execution (SysTEX 2023). doi:10.1145/3578359.3593038
  8. Budigiri, G., Baumann, C., Truyen, E., Mühlberg, J. T., & Joosen, W. (2023). “Zero-cost In-depth Enforcement of Network Policies for Low-latency Cloud-native Systems.” In IEEE International Conference on Cloud Computing (CLOUD 2023). doi:10.1109/CLOUD60044.2023.00036
  9. Dimova, Y., Mrunmayee, K., Kalantari, S., Wuyts, K., Joosen, W., & Mühlberg, J. T. (2023). “From Privacy Policies to Privacy Threats: A Case Study in Policy-Based Threat Modeling.” In Proceedings of the 22nd Workshop on Privacy in the Electronic Society (WPES ’23). New York, NY, USA: ACM. doi:10.1145/3603216.3624962
  10. Gülmez, M., Nyman, T., Baumann, C., & Mühlberg, J. T. (2023). “Exploring the Environmental Benefits of In-Process Isolation for Software Resilience.” In 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN Doctoral Forum 2023). doi:10.1109/DSN-S58398.2023.00056
  11. Gülmez, M., Nyman, T., Baumann, C., & Mühlberg, J. T. (2023). “Rewind & Discard: Improving Software Resilience using Isolated Domains.” In 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2023). doi:10.1109/DSN58367.2023.00046
  12. Gülmez, M., Nyman, T., Baumann, C., & Mühlberg, J. T. (2023). “Friend or Foe Inside? Exploring In-Process Isolation to Maintain Memory Safety for Unsafe Rust.” In Proceedings of the 2023 IEEE Secure Development Conference (SecDev 2023). doi:10.1109/SecDev56634.2023.00020
  13. Jansen, F., Gülmez, M., Kazansky, B., Bakari, N. A., Fernandez, C., Kingaby, H., & Mühlberg, J. T. (2023). “The Climate Crisis is a Digital Rights Crisis: Exploring the Civil-Society Framing of Two Intersecting Disasters.” In Proceedings of the 9th Workshop on Computing within Limits (LIMITS 2023). PubPub. doi:10.21428/bf6fb269.b4704652
  14. Mühlberg, J. T. (2022). “Sustaining Security and Safety in ICT: A Quest for Terminology, Objectives, and Limits.” In Proceeding of the 8th Workshop on Computing within Limits (LIMITS 2022). doi:10.21428/bf6fb269.58c3a89d
  15. Alder, F., Van Bulck, J., Piessens, F., & Mühlberg, J. T. (2021). “Aion: Enabling Open Systems through Strong Availability Guarantees for Enclaves.” In CCS ’21. New York, NY, USA: ACM. doi:10.1145/3460120.3484782
  16. Budigiri, G., Baumann, C., Mühlberg, J. T., Truyen, E., & Joosen, W. (2021). “Network Policies in Kubernetes: Performance Evaluation and Security Analysis.” In Joint European Conference on Networks and Communications & 6G Summit (EuCNC/6G Summit), LNCS. Heidelberg: Springer. doi:10.1109/EuCNC/6GSummit51104.2021.9482526
  17. Scopelliti, G., Pouyanrad, S., Noorman, J., Alder, F., Piessens, F., & Mühlberg, J. T. (2021). “POSTER: An Open-Source Framework for Developing Heterogeneous Distributed Enclave Applications.” In CCS ’21. New York, NY, USA: ACM. doi:10.1145/3460120.3485341
  18. Winderix, H., Mühlberg, J. T., & Piessens, F. (2021). “Compiler-Assisted Hardening of Embedded Software Against Interrupt Latency Side-Channel Attacks.” In EuroS&P ’21 (pp. 667–682). Washington, DC, USA: IEEE. doi:10.1109/EuroSP51992.2021.00050
  19. Busi, M., Noorman, J., Van Bulck, J., Galletta, L., Degano, P., Mühlberg, J. T., & Piessens, F. (2020). “Securing Interruptible Enclaves.” In Principles of Secure Compilation (PriSC). Retrieved from https://www.beetzsee.de/posts/papers/2020-prisc-nemdef.pdf
  20. Busi, M., Noorman, J., Van Bulck, J., Galletta, L., Degano, P., Mühlberg, J. T., & Piessens, F. (2020). “Provably secure isolation for interruptible enclaved execution on small microprocessors.” In Computer Security Foundations Symposium (CSF). IEEE. doi:10.1109/CSF49147.2020.00026
  21. Pennekamp, J., Alder, F., Matzutt, R., Mühlberg, J. T., Piessens, F., & Wehrle, K. (2020). “Secure End-to-End Sensing in Supply Chains.” In Conference on Communications and Network Security (CNS). IEEE. doi:10.1109/CNS48642.2020.9162337
  22. Pouyanrad, S., Mühlberg, J. T., & Joosen, W. (2020). “SCF MSP: static detection of side channels in MSP430 programs.” In Proceedings of the 15th International Conference on Availability, Reliability and Security (ARES) (pp. 1–10). doi:10.1145/3407023.3407050
  23. Werquin, T., Hubrechtsen, R., Thangarajan, A., Piessens, F., & Mühlberg, J. T. (2019). “Automated Fuzzing of Automotive Control Units.” In International Workshop on Attacks and Defenses for Internet-of-Things (ADIoT) / International Workshop on the Secure Internet of Things (SIoT) (pp. 1–8). ACM. doi:10.1109/SIOT48044.2019.9637090
  24. Boockmann, J. H., Lüttgen, G., & Mühlberg, J. T. (2018). “Generating Inductive Shape Predicates for Runtime Checking and Formal Verification.” In ISoLA ’18, LNCS (Vol. 9276, pp. 37–52). Heidelberg: Springer. doi:10.1007/978-3-030-03421-4_5
  25. Mühlberg, J. T., & Van Bulck, J. (2018). “Tutorial: Building Distributed Enclave Applications with Sancus and SGX.” In DSN ’18. IEEE. Retrieved from https://www.beetzsee.de/posts/papers/2018-dsn-tutorial.pdf
  26. Noorman, J., Mühlberg, J. T., & Piessens, F. (2017). “Authentic Execution of Distributed Event-Driven Applications with a Small TCB.” In STM ’17, LNCS (Vol. 10547, pp. 55–71). Heidelberg: Springer. doi:10.1007/978-3-319-68063-7_4
  27. Van Bulck, J., Mühlberg, J. T., & Piessens, F. (2017). “VulCAN: Efficient Component Authentication and Software Isolation for Automotive Control Networks.” In ACSAC ’17 (pp. 225–237). New York, NY, USA: ACM. doi:10.1145/3134600.3134623
  28. Mühlberg, J. T., Cleemput, S., Mustafa, A. M., Van Bulck, J., Preneel, B., & Piessens, F. (2016). “An Implementation of a High Assurance Smart Meter using Protected Module Architectures.” In WISTP ’16, LNCS (Vol. 9895, pp. 53–69). Heidelberg: Springer. doi:10.1007/978-3-319-45931-8_4
  29. Piessens, F., Devriese, D., Mühlberg, J. T., & Strackx, R. (2016). “Security guarantees for the execution infrastructure of software applications.” In Cybersecurity Development Conference (SecDev ’16) (pp. 81–87). New York: IEEE. doi:10.1109/SecDev.2016.030
  30. Rupprecht, T., Chen, X., White, D. H., Mühlberg, J. T., Bos, H., & Lüttgen, G. (2016). “POSTER: Identifying Dynamic Data Structures in Malware.” In CCS ’16 (pp. 1772–1774). New York: ACM. doi:10.1145/2976749.2989041
  31. Van Bulck, J., Noorman, J., Mühlberg, J. T., & Piessens, F. (2016). “Towards Availability and Real-Time Guarantees for Protected Module Architectures.” In MASS ’16, MODULARITY Companion 2016 (pp. 146–151). New York: ACM. doi:10.1145/2892664.2892693
  32. van Ginkel, N., Strackx, R., Mühlberg, J. T., & Piessens, F. (2016). “Towards Safe Enclaves.” In 4th Workshop on Hot Issues in Security Principles and Trust (HotSpot ’16) (pp. 33–48). IFIP. Retrieved from https://www.beetzsee.de/posts/papers/2016-hotspot-safe-enclaves.pdf
  33. Mühlberg, J. T., White, D., Dodds, M., Lüttgen, G., & Piessens, F. (2015). “Learning Assertions to Verify Linked-List Programs.” In SEFM ’15, LNCS (Vol. 9276, pp. 37–52). Heidelberg: Springer. doi:10.1007/978-3-319-22969-0_3
  34. Mühlberg, J. T., Noorman, J., & Piessens, F. (2015). “Lightweight and Flexible Trust Assessment Modules for the Internet of Things.” In ESORICS ’15, LNCS (Vol. 9326, pp. 503–520). Heidelberg: Springer. doi:10.1007/978-3-319-24174-6_26
  35. Van Bulck, J., Noorman, J., Mühlberg, J. T., & Piessens, F. (2015). “Secure Resource Sharing for Embedded Protected Module Architectures.” In WISTP ’15, LNCS (Vol. 9311, pp. 71–87). Heidelberg: Springer. doi:10.1007/978-3-319-24018-3_5
  36. Gadaleta, F., Nikiforakis, N., Mühlberg, J. T., & Joosen, W. (2012). “HyperForce: Hypervisor-enForced Execution of Security-Critical Code.” In IFIP SEC 2012, IFIP Advances in Information and Communication Technology (Vol. 376, pp. 126–137). Heidelberg: Springer. doi:10.1007/978-3-642-30436-1_11
  37. Penninckx, W., Mühlberg, J. T., Jan Smans, B. J., & Piessens, F. (2012). “Sound Formal Verification of Linux’s USB BP Keyboard Driver.” In NFM 2012, LNCS (Vol. 7226, pp. 210–215). Heidelberg: Springer. doi:10.1007/978-3-642-28891-3_21
  38. Massacci, F., Bouquet, F., Fourneret, E., Jürjens, J., Lund, M. S., Madelenat, S., Mühlberg, J. T., et al. (2011). “Orchestrating Security and System Engineering for Evolving Systems.” In ServiceWave 2011, LNCS (Vol. 6994, pp. 134–143). Heidelberg: Springer. doi:10.1007/978-3-642-24755-2_12
  39. Mühlberg, J. T., & Freitas, L. (2011). “Verifying FreeRTOS: from requirements to binary code.” In AVoCS ’11, Computing Science Technical Reports, Newcastle University (Vol. CS-TR-1272). Retrieved from https://www.beetzsee.de/posts/papers/2011-avocs-freertos.pdf
  40. Mühlberg, J. T., & Lüttgen, G. (2010). “Symbolic Object Code Analysis.” In SPIN ’10, LNCS (Vol. 6349, pp. 4–21). Heidelberg: Springer. doi:10.1007/978-3-642-16164-3_2
  41. Galloway, A., Lüttgen, G., Mühlberg, J. T., & Siminiceanu, R. (2009). “Model-Checking the Linux Virtual File System.” In VMCAI ’09, LNCS (Vol. 5403, pp. 74–88). Heidelberg: Springer. doi:10.1007/978-3-540-93900-9_10
  42. Mühlberg, J. T., & Lüttgen, G. (2009). “Verifying Compiled File System Code.” In SBMF ’09, LNCS (Vol. 5902, pp. 306–320). Heidelberg: Springer. doi:10.1007/978-3-642-10452-7_21
  43. Mühlberg, J. T., & Lüttgen, G. (2007). “BLASTing Linux code.” In FMICS ’06, LNCS (Vol. 4346, pp. 211–226). Heidelberg: Springer. doi:10.1007/978-3-540-70952-7_14
  44. Mühlberg, J. T. (2006). “Software Engineering und Softwarequalität in Open-Source-Projekten.” In Open Source Jahrbuch 2006: Zwischen Softwareentwicklung und Gesellschaftsmodell (pp. 251–262). Berlin, Germany: Technische Universität Berlin and Lehmanns Media. Retrieved from https://www.beetzsee.de/posts/papers/2006-ossjb-quality.pdf

Journal Articles

  1. Bader, L., Pennekamp, J., Alder, F., Scopelliti, G., Mühlberg, J. T., & Wehrle, K. (2024). “Securing Sensing in Supply Chains: Opportunities, Building Blocks, and Designs.” IEEE Access. doi:10.1109/ACCESS.2024.3350778
  2. Sas, M., Denoo, M., & Mühlberg, J. T. (2023). “Informing Children about Privacy: A Review and Assessment of Age-Appropriate Information Designs in Kids-Oriented F2P Video Games.” Proceedings of the ACM on Human-Computer Interaction (PACMHCI): Annual Symposium on Computer-Human Interaction in Play (CHI PLAY 2023). doi:10.1145/3611036
  3. Scopelliti, G., Pouyanrad, S., Noorman, J., Alder, F., Baumann, C., Piessens, F., & Mühlberg, J. T. (2023). “End-to-End Security for Distributed Event-Driven Enclave Applications on Heterogeneous TEEs.” ACM Transactions on Privacy and Security, 3592607. doi:10.1145/3592607
  4. Crepax, T., & Mühlberg, J. T. (2022). “Upgrading the protection of children from manipulative and addictive strategies in online games: Legal and technical solutions beyond privacy regulation.” The International Review of Information Ethics, special issue on Ethics in the Age of Smart Systems, 31(1), 1–25. doi:10.29173/irie480
  5. Yoshizawa, T., Singelée, D., Mühlberg, J. T., Delbruel, S., Taherkordi, A., Hughes, D., & Preneel, B. (2022). “A Survey of Security and Privacy Issues in V2X Communication Systems.” ACM Computing Surveys, 3558052. doi:10.1145/3558052
  6. Busi, M., Noorman, J., Van Bulck, J., Galletta, L., Degano, P., Mühlberg, J. T., & Piessens, F. (2021). “Securing Interruptible Enclaved Execution on Small Microprocessors.” Transactions on Programming Languages and Systems (TOPLAS). doi:10.1145/3470534
  7. Vanderhallen, S., Bulck, J. V., Piessens, F., & Mühlberg, J. T. (2021). “Robust Authentication for Automotive Control Networks through Covert Channels.” Intern. J. of Computer and Telecommunications Networking (COMNET), 193, 1–15. doi:10.1016/j.comnet.2021.108079
  8. Mühlberg, J. T., & Van Bulck, J. (2018). “Reflections on post-Meltdown trusted computing: A case for open security processors.” ;login: the USENIX magazine, 43(3), 1–4. Retrieved from https://www.beetzsee.de/posts/papers/2018-login-meltdown.pdf
  9. Noorman, J., Van Bulck, J., Mühlberg, J. T., Piessens, F., Maene, P., Preneel, B., Verbauwhede, I., et al. (2017). “Sancus 2.0: A Low-Cost Security Architecture for IoT Devices.” ACM Transactions on Privacy and Security (TOPS), 20(3), 7:1–7:33. doi:10.1145/3079763
  10. Mühlberg, J. T., & Lüttgen, G. (2014). “Symbolic Object Code Analysis.” Intern. J. on Software Tools for Technology Transfer (STTT), 16, 81–102. doi:10.1007/s10009-012-0256-8
  11. Philippaerts, P., Mühlberg, J. T., Penninckx, W., Smans, J., Jacobs, B., & Piessens, F. (2014). “Software Verification with VeriFast: Industrial Case Studies.” Science of Computer Programming (SCP), 82, 77–97. doi:10.1016/j.scico.2013.01.006
  12. Mühlberg, J. T., & Lüttgen, G. (2012). “Verifying Compiled File System Code.” Formal Aspects of Computing, 24(3), 375–391. doi:10.1007/s00165-011-0198-z

Invited Articles, Drafts, Reports, Editorial Work, Other Contributions

  1. Sas, M., & Mühlberg, J. T. (2024). “Trustworthy Age Assurance? A risk-based evaluation of available and upcoming age assurance technologies from a fundamental rights perspective.” Retrieved from https://www.greens-efa.eu/en/article/document/trustworthy-age-assurance
  2. Commission, E., & Agency, E. R. E. (2023). Marie Sklodowska-Curie actions – Lessons Learnt from the implementation of European Industrial Doctorates in Horizon 2020 – Report from the Cluster Event with European Industrial Doctorates (10 November 2022). Publications Office of the European Union. doi:doi/10.2848/48902
  3. Turhan, G., Nyman, T., Bauman, C., & Mühlberg, J. T. (2022). “Unlimited Lives: Secure In-Process Rollback with Isolated Domains.” arXiv:2205.03205 [cs]. doi:10.48550/arXiv.2205.03205
  4. Scopelliti, G., Pouyanrad, S., Noorman, J., Alder, F., Baumann, C., Piessens, F., & Mühlberg, J. T. (2022). “End-to-End Security for Distributed Event-Driven Enclave Applications on Heterogeneous TEEs.” arXiv:2206.01041 [cs]. doi:10.48550/arXiv.2206.01041
  5. Molnar, P. (2020, November). “Technological Testing Grounds: Migration Management Experiments and Reflections from the Ground Up.” Retrieved from https://edri.org/wp-content/uploads/2020/11/Technological-Testing-Grounds.pdf
  6. Bohn, F., Anderson, T., Barca, S., Blakeley, G., Bright, S., Chertkovskaya, E., D’Alisa, G., et al. (2019, December). “A Blueprint for Europe’s Just Transition: The Green New Deal for Europe.” (D. Adler, D. Wargan, & S. Prakash, Eds.). Retrieved from https://report.gndforeurope.com/cms/wp-content/uploads/2020/01/Blueprint-for-Europes-Just-Transition-2nd-Ed.pdf
  7. Mühlberg, J. T., Bulck, J. V., Maene, P., Noorman, J., Preneel, B., Verbauwhede, I., & Piessens, F. (2019). “Architectural Security for Embedded Control Systems.” Software Blog. Retrieved from http://blog.ieeesoftware.org/2019/05/architectural-security-for-embedded.html
  8. Mühlberg, J. T., & Nuñez, S. (2016). “Emerging Challenges in Embedded Software.” Nuevas Tecnologías Blog. Retrieved from https://www.beetzsee.de/posts/papers/2016-tecnonews-qatest-en.pdf
  9. Mühlberg, J. T., & Nuñez, S. (2016). “Nuevos desafíos en el Software Embedded.” Nuevas Tecnologías Blog. Retrieved from https://www.tecnonews.info/opiniones/nuevos_desafios_en_el_software_embedded
  10. De Ryck, L., Phillipe Desmet, Joosen, W., Mühlberg, J. T., Piessens, F., Johns, M., Lekies, S., Davies, E., et al. (2013). “D1.1: Web-platform security guide: Security assessment of the Web ecosystem.” STREWS EU Project. Retrieved from http://www.strews.eu/
  11. Fontaine, A., Gadyatskaya, O., Piessens, F., Simplot-Ryl, I., Mühlberg, J. T., Massacci, F., Phillipov, A., et al. (2012). “D6.6: Development-Time and On-Device Interplay.” SecureChange EU Project. Retrieved from http://www.securechange.eu
  12. Mühlberg, J. T., & Lüttgen, G. (2010). “Symbolic Object Code Analysis.” Faculty of Information Systems and Applied Computer Science, The University of Bamberg. Retrieved from http://www.opus-bayern.de/uni-bamberg/volltexte/2010/236/
  13. Mühlberg, J. T. (2010). Model Checking Pointer Safety in Compiled Programs (PhD thesis). Department of Computer Science, University of York.
  14. Galloway, A., Mühlberg, J. T., Siminiceanu, R., & Lüttgen, G. (2007). Model-checking Part of a Linux File System (No. YCS-2007-423). Department of Computer Science, University of York, UK.
  15. Mühlberg, J. T., & Lüttgen, G. (2007). “BLASTing Linux Code.” Department of Computer Science, University of York, UK. Retrieved from https://www.beetzsee.de/posts/papers/2007-ycs-417-blast.pdf
  16. Mühlberg, J. T., & Perna, J. I. (Eds.). (2007). Proc. 1st York Doctoral Symposium on Computing. Technical Reports in Computer Science. Department of Computer Science, The University of York.
  17. Heinrich, H., Holl, F., Menzel, K., Mühlberg, J. T., Schäfer, I., & Schüngel, H. (2006). Metastudie Open-Source-Software und ihre Bedeutung für Innovatives Handeln. Berlin, Germany: Friedrich Holl, self-published.
  18. Holl, F., Menzel, K., Morcinek, P., Mühlberg, J. T., Schäfer, I., & Schüngel, H. (2006). Forschungsbericht: Innovationsverhalten deutscher Software-Entwicklungsunternehmen. Berlin, Germany: Friedrich Holl, self-published.

Last modified: 2022-11-14 14:33:30 +0100