[This page is probably not up to date. Google Scholar and ORCID tend to have a better view on what I’m up to.]
- Key Publications
- Conference Papers
- Journal Articles
- Invited Articles, Drafts, Reports, Editorial Work, Other Contributions
Key Publications
This post at the IEEE Software Blog gives a good overview of the thechnology I’m working on:
- Mühlberg, J. T., Bulck, J. V., Maene, P., Noorman, J., Preneel, B., Verbauwhede, I., & Piessens, F. (2019). “Architectural Security for Embedded Control Systems.” Software Blog. Retrieved from http://blog.ieeesoftware.org/2019/05/architectural-security-for-embedded.html
Key publications at academic venues:
- Alder, F., Van Bulck, J., Piessens, F., & Mühlberg, J. T. (2021). “Aion: Enabling Open Systems through Strong Availability Guarantees for Enclaves.” In CCS ’21. New York, NY, USA: ACM. doi:10.1145/3460120.3484782
- Winderix, H., Mühlberg, J. T., & Piessens, F. (2021). “Compiler-Assisted Hardening of Embedded Software Against Interrupt Latency Side-Channel Attacks.” In EuroS&P ’21 (pp. 667–682). Washington, DC, USA: IEEE. doi:10.1109/EuroSP51992.2021.00050
- Van Bulck, J., Mühlberg, J. T., & Piessens, F. (2017). “VulCAN: Efficient Component Authentication and Software Isolation for Automotive Control Networks.” In ACSAC ’17 (pp. 225–237). New York, NY, USA: ACM. doi:10.1145/3134600.3134623
- Noorman, J., Van Bulck, J., Mühlberg, J. T., Piessens, F., Maene, P., Preneel, B., Verbauwhede, I., et al. (2017). “Sancus 2.0: A Low-Cost Security Architecture for IoT Devices.” ACM Transactions on Privacy and Security (TOPS), 20(3), 7:1–7:33. doi:10.1145/3079763
- Philippaerts, P., Mühlberg, J. T., Penninckx, W., Smans, J., Jacobs, B., & Piessens, F. (2014). “Software Verification with VeriFast: Industrial Case Studies.” Science of Computer Programming (SCP), 82, 77–97. doi:10.1016/j.scico.2013.01.006
Conference Papers
- Chiavassa, P., Gandino, F., Ferrero, R., & Mühlberg, J. T. (2024). “Secure Intermittent Computing with ARM TrustZone on the Cortex-M.” In Workshop on System Software for Trusted Execution (SysTEX 2024). doi:10.1109/EuroSPW61312.2024.00022
- De Pauw, C., Mühlberg, J. T., & Dricot, J.-M. (2024). “An Improved PUF-Based Privacy-Preserving IoT Protocol for Cloud Storage.” In International Conference on Information Systems Security and Privacy (ICISSP). doi:10.5220/0012326000003648
- Pouyanrad, S., Alder, F., & Mühlberg, J. T. (2024). Automated Side-Channel Analysis of \{ARM TrustZone-M Programs. In 10th Workshop on the Security of Industrial Control Systems & of Cyber-Physical Systems (CyberICPS 2024).
- Scopelliti, G., Baumann, C., & Mühlberg, J. T. (2024). “Understanding Trust Relationships in Cloud-Based Confidential Computing.” In Workshop on System Software for Trusted Execution (SysTEX 2024). doi:10.1109/EuroSPW61312.2024.00023
- Scopelliti, G., Bauman, C., Alder, F., Truyen, E., & Mühlberg, J. T. (2024). “Efficient and Timely Revocation of V2X Credentials.” In Network and Distributed System Security Symposium (NDSS). doi:10.14722/ndss.2024.24017
- Scopelliti, G., Bauman, C., Alder, F., Truyen, E., & Mühlberg, J. T. (2024). “Demo: Efficient and Timely Revocation of V2X Credentials.” In Symposium on Vehicles Security and Privacy (VehicleSec). doi:10.14722/vehiclesec.2024.25002
- Alder, F., Scopelliti, G., Van Bulck, J., & Mühlberg, J. T. (2023). “About Time: On the Challenges of Temporal Guarantees in Untrusted Environments.” In Workshop on System Software for Trusted Execution (SysTEX 2023). doi:10.1145/3578359.3593038
- Budigiri, G., Baumann, C., Truyen, E., Mühlberg, J. T., & Joosen, W. (2023). “Zero-cost In-depth Enforcement of Network Policies for Low-latency Cloud-native Systems.” In IEEE International Conference on Cloud Computing (CLOUD 2023). doi:10.1109/CLOUD60044.2023.00036
- Dimova, Y., Mrunmayee, K., Kalantari, S., Wuyts, K., Joosen, W., & Mühlberg, J. T. (2023). “From Privacy Policies to Privacy Threats: A Case Study in Policy-Based Threat Modeling.” In Proceedings of the 22nd Workshop on Privacy in the Electronic Society (WPES ’23). New York, NY, USA: ACM. doi:10.1145/3603216.3624962
- Gülmez, M., Nyman, T., Baumann, C., & Mühlberg, J. T. (2023). “Exploring the Environmental Benefits of In-Process Isolation for Software Resilience.” In 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN Doctoral Forum 2023). doi:10.1109/DSN-S58398.2023.00056
- Gülmez, M., Nyman, T., Baumann, C., & Mühlberg, J. T. (2023). “Rewind & Discard: Improving Software Resilience using Isolated Domains.” In 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2023). doi:10.1109/DSN58367.2023.00046
- Gülmez, M., Nyman, T., Baumann, C., & Mühlberg, J. T. (2023). “Friend or Foe Inside? Exploring In-Process Isolation to Maintain Memory Safety for Unsafe Rust.” In Proceedings of the 2023 IEEE Secure Development Conference (SecDev 2023). doi:10.1109/SecDev56634.2023.00020
- Jansen, F., Gülmez, M., Kazansky, B., Bakari, N. A., Fernandez, C., Kingaby, H., & Mühlberg, J. T. (2023). “The Climate Crisis is a Digital Rights Crisis: Exploring the Civil-Society Framing of Two Intersecting Disasters.” In Proceedings of the 9th Workshop on Computing within Limits (LIMITS 2023). PubPub. doi:10.21428/bf6fb269.b4704652
- Mühlberg, J. T. (2022). “Sustaining Security and Safety in ICT: A Quest for Terminology, Objectives, and Limits.” In Proceeding of the 8th Workshop on Computing within Limits (LIMITS 2022). doi:10.21428/bf6fb269.58c3a89d
- Alder, F., Van Bulck, J., Piessens, F., & Mühlberg, J. T. (2021). “Aion: Enabling Open Systems through Strong Availability Guarantees for Enclaves.” In CCS ’21. New York, NY, USA: ACM. doi:10.1145/3460120.3484782
- Budigiri, G., Baumann, C., Mühlberg, J. T., Truyen, E., & Joosen, W. (2021). “Network Policies in Kubernetes: Performance Evaluation and Security Analysis.” In Joint European Conference on Networks and Communications & 6G Summit (EuCNC/6G Summit), LNCS. Heidelberg: Springer. doi:10.1109/EuCNC/6GSummit51104.2021.9482526
- Scopelliti, G., Pouyanrad, S., Noorman, J., Alder, F., Piessens, F., & Mühlberg, J. T. (2021). “POSTER: An Open-Source Framework for Developing Heterogeneous Distributed Enclave Applications.” In CCS ’21. New York, NY, USA: ACM. doi:10.1145/3460120.3485341
- Winderix, H., Mühlberg, J. T., & Piessens, F. (2021). “Compiler-Assisted Hardening of Embedded Software Against Interrupt Latency Side-Channel Attacks.” In EuroS&P ’21 (pp. 667–682). Washington, DC, USA: IEEE. doi:10.1109/EuroSP51992.2021.00050
- Busi, M., Noorman, J., Van Bulck, J., Galletta, L., Degano, P., Mühlberg, J. T., & Piessens, F. (2020). “Securing Interruptible Enclaves.” In Principles of Secure Compilation (PriSC). Retrieved from https://www.beetzsee.de/posts/papers/2020-prisc-nemdef.pdf
- Busi, M., Noorman, J., Van Bulck, J., Galletta, L., Degano, P., Mühlberg, J. T., & Piessens, F. (2020). “Provably secure isolation for interruptible enclaved execution on small microprocessors.” In Computer Security Foundations Symposium (CSF). IEEE. doi:10.1109/CSF49147.2020.00026
- Pennekamp, J., Alder, F., Matzutt, R., Mühlberg, J. T., Piessens, F., & Wehrle, K. (2020). “Secure End-to-End Sensing in Supply Chains.” In Conference on Communications and Network Security (CNS). IEEE. doi:10.1109/CNS48642.2020.9162337
- Pouyanrad, S., Mühlberg, J. T., & Joosen, W. (2020). “SCF MSP: static detection of side channels in MSP430 programs.” In Proceedings of the 15th International Conference on Availability, Reliability and Security (ARES) (pp. 1–10). doi:10.1145/3407023.3407050
- Werquin, T., Hubrechtsen, R., Thangarajan, A., Piessens, F., & Mühlberg, J. T. (2019). “Automated Fuzzing of Automotive Control Units.” In International Workshop on Attacks and Defenses for Internet-of-Things (ADIoT) / International Workshop on the Secure Internet of Things (SIoT) (pp. 1–8). ACM. doi:10.1109/SIOT48044.2019.9637090
- Boockmann, J. H., Lüttgen, G., & Mühlberg, J. T. (2018). “Generating Inductive Shape Predicates for Runtime Checking and Formal Verification.” In ISoLA ’18, LNCS (Vol. 9276, pp. 37–52). Heidelberg: Springer. doi:10.1007/978-3-030-03421-4_5
- Mühlberg, J. T., & Van Bulck, J. (2018). “Tutorial: Building Distributed Enclave Applications with Sancus and SGX.” In DSN ’18. IEEE. Retrieved from https://www.beetzsee.de/posts/papers/2018-dsn-tutorial.pdf
- Noorman, J., Mühlberg, J. T., & Piessens, F. (2017). “Authentic Execution of Distributed Event-Driven Applications with a Small TCB.” In STM ’17, LNCS (Vol. 10547, pp. 55–71). Heidelberg: Springer. doi:10.1007/978-3-319-68063-7_4
- Van Bulck, J., Mühlberg, J. T., & Piessens, F. (2017). “VulCAN: Efficient Component Authentication and Software Isolation for Automotive Control Networks.” In ACSAC ’17 (pp. 225–237). New York, NY, USA: ACM. doi:10.1145/3134600.3134623
- Mühlberg, J. T., Cleemput, S., Mustafa, A. M., Van Bulck, J., Preneel, B., & Piessens, F. (2016). “An Implementation of a High Assurance Smart Meter using Protected Module Architectures.” In WISTP ’16, LNCS (Vol. 9895, pp. 53–69). Heidelberg: Springer. doi:10.1007/978-3-319-45931-8_4
- Piessens, F., Devriese, D., Mühlberg, J. T., & Strackx, R. (2016). “Security guarantees for the execution infrastructure of software applications.” In Cybersecurity Development Conference (SecDev ’16) (pp. 81–87). New York: IEEE. doi:10.1109/SecDev.2016.030
- Rupprecht, T., Chen, X., White, D. H., Mühlberg, J. T., Bos, H., & Lüttgen, G. (2016). “POSTER: Identifying Dynamic Data Structures in Malware.” In CCS ’16 (pp. 1772–1774). New York: ACM. doi:10.1145/2976749.2989041
- Van Bulck, J., Noorman, J., Mühlberg, J. T., & Piessens, F. (2016). “Towards Availability and Real-Time Guarantees for Protected Module Architectures.” In MASS ’16, MODULARITY Companion 2016 (pp. 146–151). New York: ACM. doi:10.1145/2892664.2892693
- van Ginkel, N., Strackx, R., Mühlberg, J. T., & Piessens, F. (2016). “Towards Safe Enclaves.” In 4th Workshop on Hot Issues in Security Principles and Trust (HotSpot ’16) (pp. 33–48). IFIP. Retrieved from https://www.beetzsee.de/posts/papers/2016-hotspot-safe-enclaves.pdf
- Mühlberg, J. T., White, D., Dodds, M., Lüttgen, G., & Piessens, F. (2015). “Learning Assertions to Verify Linked-List Programs.” In SEFM ’15, LNCS (Vol. 9276, pp. 37–52). Heidelberg: Springer. doi:10.1007/978-3-319-22969-0_3
- Mühlberg, J. T., Noorman, J., & Piessens, F. (2015). “Lightweight and Flexible Trust Assessment Modules for the Internet of Things.” In ESORICS ’15, LNCS (Vol. 9326, pp. 503–520). Heidelberg: Springer. doi:10.1007/978-3-319-24174-6_26
- Van Bulck, J., Noorman, J., Mühlberg, J. T., & Piessens, F. (2015). “Secure Resource Sharing for Embedded Protected Module Architectures.” In WISTP ’15, LNCS (Vol. 9311, pp. 71–87). Heidelberg: Springer. doi:10.1007/978-3-319-24018-3_5
- Gadaleta, F., Nikiforakis, N., Mühlberg, J. T., & Joosen, W. (2012). “HyperForce: Hypervisor-enForced Execution of Security-Critical Code.” In IFIP SEC 2012, IFIP Advances in Information and Communication Technology (Vol. 376, pp. 126–137). Heidelberg: Springer. doi:10.1007/978-3-642-30436-1_11
- Penninckx, W., Mühlberg, J. T., Jan Smans, B. J., & Piessens, F. (2012). “Sound Formal Verification of Linux’s USB BP Keyboard Driver.” In NFM 2012, LNCS (Vol. 7226, pp. 210–215). Heidelberg: Springer. doi:10.1007/978-3-642-28891-3_21
- Massacci, F., Bouquet, F., Fourneret, E., Jürjens, J., Lund, M. S., Madelenat, S., Mühlberg, J. T., et al. (2011). “Orchestrating Security and System Engineering for Evolving Systems.” In ServiceWave 2011, LNCS (Vol. 6994, pp. 134–143). Heidelberg: Springer. doi:10.1007/978-3-642-24755-2_12
- Mühlberg, J. T., & Freitas, L. (2011). “Verifying FreeRTOS: from requirements to binary code.” In AVoCS ’11, Computing Science Technical Reports, Newcastle University (Vol. CS-TR-1272). Retrieved from https://www.beetzsee.de/posts/papers/2011-avocs-freertos.pdf
- Mühlberg, J. T., & Lüttgen, G. (2010). “Symbolic Object Code Analysis.” In SPIN ’10, LNCS (Vol. 6349, pp. 4–21). Heidelberg: Springer. doi:10.1007/978-3-642-16164-3_2
- Galloway, A., Lüttgen, G., Mühlberg, J. T., & Siminiceanu, R. (2009). “Model-Checking the Linux Virtual File System.” In VMCAI ’09, LNCS (Vol. 5403, pp. 74–88). Heidelberg: Springer. doi:10.1007/978-3-540-93900-9_10
- Mühlberg, J. T., & Lüttgen, G. (2009). “Verifying Compiled File System Code.” In SBMF ’09, LNCS (Vol. 5902, pp. 306–320). Heidelberg: Springer. doi:10.1007/978-3-642-10452-7_21
- Mühlberg, J. T., & Lüttgen, G. (2007). “BLASTing Linux code.” In FMICS ’06, LNCS (Vol. 4346, pp. 211–226). Heidelberg: Springer. doi:10.1007/978-3-540-70952-7_14
- Mühlberg, J. T. (2006). “Software Engineering und Softwarequalität in Open-Source-Projekten.” In Open Source Jahrbuch 2006: Zwischen Softwareentwicklung und Gesellschaftsmodell (pp. 251–262). Berlin, Germany: Technische Universität Berlin and Lehmanns Media. Retrieved from https://www.beetzsee.de/posts/papers/2006-ossjb-quality.pdf
Journal Articles
- Bader, L., Pennekamp, J., Alder, F., Scopelliti, G., Mühlberg, J. T., & Wehrle, K. (2024). “Securing Sensing in Supply Chains: Opportunities, Building Blocks, and Designs.” IEEE Access. doi:10.1109/ACCESS.2024.3350778
- Sas, M., Denoo, M., & Mühlberg, J. T. (2023). “Informing Children about Privacy: A Review and Assessment of Age-Appropriate Information Designs in Kids-Oriented F2P Video Games.” Proceedings of the ACM on Human-Computer Interaction (PACMHCI): Annual Symposium on Computer-Human Interaction in Play (CHI PLAY 2023). doi:10.1145/3611036
- Scopelliti, G., Pouyanrad, S., Noorman, J., Alder, F., Baumann, C., Piessens, F., & Mühlberg, J. T. (2023). “End-to-End Security for Distributed Event-Driven Enclave Applications on Heterogeneous TEEs.” ACM Transactions on Privacy and Security, 3592607. doi:10.1145/3592607
- Crepax, T., & Mühlberg, J. T. (2022). “Upgrading the protection of children from manipulative and addictive strategies in online games: Legal and technical solutions beyond privacy regulation.” The International Review of Information Ethics, special issue on Ethics in the Age of Smart Systems, 31(1), 1–25. doi:10.29173/irie480
- Yoshizawa, T., Singelée, D., Mühlberg, J. T., Delbruel, S., Taherkordi, A., Hughes, D., & Preneel, B. (2022). “A Survey of Security and Privacy Issues in V2X Communication Systems.” ACM Computing Surveys, 3558052. doi:10.1145/3558052
- Busi, M., Noorman, J., Van Bulck, J., Galletta, L., Degano, P., Mühlberg, J. T., & Piessens, F. (2021). “Securing Interruptible Enclaved Execution on Small Microprocessors.” Transactions on Programming Languages and Systems (TOPLAS). doi:10.1145/3470534
- Vanderhallen, S., Bulck, J. V., Piessens, F., & Mühlberg, J. T. (2021). “Robust Authentication for Automotive Control Networks through Covert Channels.” Intern. J. of Computer and Telecommunications Networking (COMNET), 193, 1–15. doi:10.1016/j.comnet.2021.108079
- Mühlberg, J. T., & Van Bulck, J. (2018). “Reflections on post-Meltdown trusted computing: A case for open security processors.” ;login: the USENIX magazine, 43(3), 1–4. Retrieved from https://www.beetzsee.de/posts/papers/2018-login-meltdown.pdf
- Noorman, J., Van Bulck, J., Mühlberg, J. T., Piessens, F., Maene, P., Preneel, B., Verbauwhede, I., et al. (2017). “Sancus 2.0: A Low-Cost Security Architecture for IoT Devices.” ACM Transactions on Privacy and Security (TOPS), 20(3), 7:1–7:33. doi:10.1145/3079763
- Mühlberg, J. T., & Lüttgen, G. (2014). “Symbolic Object Code Analysis.” Intern. J. on Software Tools for Technology Transfer (STTT), 16, 81–102. doi:10.1007/s10009-012-0256-8
- Philippaerts, P., Mühlberg, J. T., Penninckx, W., Smans, J., Jacobs, B., & Piessens, F. (2014). “Software Verification with VeriFast: Industrial Case Studies.” Science of Computer Programming (SCP), 82, 77–97. doi:10.1016/j.scico.2013.01.006
- Mühlberg, J. T., & Lüttgen, G. (2012). “Verifying Compiled File System Code.” Formal Aspects of Computing, 24(3), 375–391. doi:10.1007/s00165-011-0198-z
Invited Articles, Drafts, Reports, Editorial Work, Other Contributions
- Sas, M., & Mühlberg, J. T. (2024). “Trustworthy Age Assurance? A risk-based evaluation of available and upcoming age assurance technologies from a fundamental rights perspective.” Retrieved from https://www.greens-efa.eu/en/article/document/trustworthy-age-assurance
- Commission, E., & Agency, E. R. E. (2023). Marie Sklodowska-Curie actions – Lessons Learnt from the implementation of European Industrial Doctorates in Horizon 2020 – Report from the Cluster Event with European Industrial Doctorates (10 November 2022). Publications Office of the European Union. doi:doi/10.2848/48902
- Turhan, G., Nyman, T., Bauman, C., & Mühlberg, J. T. (2022). “Unlimited Lives: Secure In-Process Rollback with Isolated Domains.” arXiv:2205.03205 [cs]. doi:10.48550/arXiv.2205.03205
- Scopelliti, G., Pouyanrad, S., Noorman, J., Alder, F., Baumann, C., Piessens, F., & Mühlberg, J. T. (2022). “End-to-End Security for Distributed Event-Driven Enclave Applications on Heterogeneous TEEs.” arXiv:2206.01041 [cs]. doi:10.48550/arXiv.2206.01041
- Molnar, P. (2020, November). “Technological Testing Grounds: Migration Management Experiments and Reflections from the Ground Up.” Retrieved from https://edri.org/wp-content/uploads/2020/11/Technological-Testing-Grounds.pdf
- Bohn, F., Anderson, T., Barca, S., Blakeley, G., Bright, S., Chertkovskaya, E., D’Alisa, G., et al. (2019, December). “A Blueprint for Europe’s Just Transition: The Green New Deal for Europe.” (D. Adler, D. Wargan, & S. Prakash, Eds.). Retrieved from https://report.gndforeurope.com/cms/wp-content/uploads/2020/01/Blueprint-for-Europes-Just-Transition-2nd-Ed.pdf
- Mühlberg, J. T., Bulck, J. V., Maene, P., Noorman, J., Preneel, B., Verbauwhede, I., & Piessens, F. (2019). “Architectural Security for Embedded Control Systems.” Software Blog. Retrieved from http://blog.ieeesoftware.org/2019/05/architectural-security-for-embedded.html
- Mühlberg, J. T., & Nuñez, S. (2016). “Emerging Challenges in Embedded Software.” Nuevas Tecnologías Blog. Retrieved from https://www.beetzsee.de/posts/papers/2016-tecnonews-qatest-en.pdf
- Mühlberg, J. T., & Nuñez, S. (2016). “Nuevos desafíos en el Software Embedded.” Nuevas Tecnologías Blog. Retrieved from https://www.tecnonews.info/opiniones/nuevos_desafios_en_el_software_embedded
- De Ryck, L., Phillipe Desmet, Joosen, W., Mühlberg, J. T., Piessens, F., Johns, M., Lekies, S., Davies, E., et al. (2013). “D1.1: Web-platform security guide: Security assessment of the Web ecosystem.” STREWS EU Project. Retrieved from http://www.strews.eu/
- Fontaine, A., Gadyatskaya, O., Piessens, F., Simplot-Ryl, I., Mühlberg, J. T., Massacci, F., Phillipov, A., et al. (2012). “D6.6: Development-Time and On-Device Interplay.” SecureChange EU Project. Retrieved from http://www.securechange.eu
- Mühlberg, J. T., & Lüttgen, G. (2010). “Symbolic Object Code Analysis.” Faculty of Information Systems and Applied Computer Science, The University of Bamberg. Retrieved from http://www.opus-bayern.de/uni-bamberg/volltexte/2010/236/
- Mühlberg, J. T. (2010). Model Checking Pointer Safety in Compiled Programs (PhD thesis). Department of Computer Science, University of York.
- Galloway, A., Mühlberg, J. T., Siminiceanu, R., & Lüttgen, G. (2007). Model-checking Part of a Linux File System (No. YCS-2007-423). Department of Computer Science, University of York, UK.
- Mühlberg, J. T., & Lüttgen, G. (2007). “BLASTing Linux Code.” Department of Computer Science, University of York, UK. Retrieved from https://www.beetzsee.de/posts/papers/2007-ycs-417-blast.pdf
- Mühlberg, J. T., & Perna, J. I. (Eds.). (2007). Proc. 1st York Doctoral Symposium on Computing. Technical Reports in Computer Science. Department of Computer Science, The University of York.
- Heinrich, H., Holl, F., Menzel, K., Mühlberg, J. T., Schäfer, I., & Schüngel, H. (2006). Metastudie Open-Source-Software und ihre Bedeutung für Innovatives Handeln. Berlin, Germany: Friedrich Holl, self-published.
- Holl, F., Menzel, K., Morcinek, P., Mühlberg, J. T., Schäfer, I., & Schüngel, H. (2006). Forschungsbericht: Innovationsverhalten deutscher Software-Entwicklungsunternehmen. Berlin, Germany: Friedrich Holl, self-published.
Last modified: 2022-11-14 14:33:30 +0100