Dr.-Ing. Tolga Arul

Short biography
I am currently a postdoctoral researcher with the Chair of Computer Engineering at the University of Passau. I received my Ph.D. degree in computer science from the Technical University Darmstadt in 2016 and previously worked there as a research associate in the Integrated Circuits and Systems Lab and as a postdoctoral researcher in the Security Engineering Group. In 2009, I joined the Center for Advanced Security Research Darmstadt (CASED) and in 2012 the National Research Center for Applied Cybersecurity (CRISP-DA) as a research associate in the field of cyber-physical systems security. In addition to my teaching activities at the University of Passau, the Technical University Darmstadt, the Baden-Wuerttemberg Cooperative State University and the Turkish–German University in Istanbul, I am involved in the research projects PUFMem, NANOSEC and 6G-RIC. Previously, I have successfully participated in the research projects Haselnuss, Cysis, UNICARagil and PUFFIN.

I am interested in all topics at the interface of hardware and security.
In particular:
  • physical unclonable functions
  • embedded systems security
  • critical infrastructure security
  • physical layer security
  • broadcast security

Photo of Tolga Arul

Publications

Book Chapters, Journal Articles and Proceedings
[12] Real-World Chaos-Based Cryptography Using Synchronised Chua Chaotic Circuits ( , , , , , and ), In IEEE International Symposium on Hardware Oriented Security and Trust (HOST 2022) ,
BIB
@article{Nazarenko2022_Techrxiv,
 author = {Emiliia Nazarenko and Nikolaos Athanasios Anagnostopoulos and Stavros
	G. Stavrinides and Nico Mexis and Florian Frank and Tolga Arul and
	Stefan Katzenbeisser},
 title = {{Real-World Chaos-Based Cryptography Using Synchronised Chua Chaotic
	Circuits}},
 year = {2022},
 month = {9},
 doi = {10.36227/techrxiv.21030466.v1},
 url = {https://onlinelibrary.wiley.com/doi/pdf/10.1002/sec.1690}
 }
PDF
[11] On the Sustainability of Lightweight Cryptography Based on PUFs Implemented on NAND Flash Memories Using Programming Disturbances ( , , , , , and ), In Workshop on Sustainability in Security, Security for Sustainability, co-located with the 25th Design, Automation and Test in Europe Conference & Exhibition (DATE 2022),
BIB
@article{Anagnostopoulos2022_Techrxiv,
 author = {Nikolaos Athanasios Anagnostopoulos and Yufan Fan and Muhammad Umair
	Saleem and Nico Mexis and Florian Frank and Tolga Arul and Stefan
	Katzenbeisser},
 title = {{On the Sustainability of Lightweight Cryptography Based on PUFs
	Implemented on NAND Flash Memories Using Programming Disturbances}},
 year = {2022},
 month = {9},
 doi = {10.36227/techrxiv.19529263.v2},
 url = {https://onlinelibrary.wiley.com/doi/pdf/10.1002/sec.1690}
}
PDF
[10] A Lightweight Architecture for Hardware-Based Security in the Emerging Era of Systems of Systems ( , , , , and ), In J. Emerg. Technol. Comput. Syst. , Association for Computing Machinery, volume 17,
BIB
@article{Mexis2021_JETC,
 author = {Nico Mexis and Nikolaos Athanasios Anagnostopoulos and Shuai Chen
	and Jan Bambach and Tolga Arul and Stefan Katzenbeisser},
 title = {A Lightweight Architecture for Hardware-Based Security in the Emerging
	Era of Systems of Systems},
 journal = {J. Emerg. Technol. Comput. Syst.},
 year = {2021},
 volume = {17},
 number = {3},
 month = {jun},
 address = {New York, NY, USA},
 articleno = {43},
 doi = {10.1145/3458824},
 issn = {1550-4832},
 issue_date = {June 2021},
 keywords = {System of systems, hardware and software security co-engineering,
	IoT 2.0, Internet of Things},
 numpages = {25},
 publisher = {Association for Computing Machinery}
}
[9] Low-Cost Security for Next-Generation IoT Networks ( , , , , and ), In ACM Trans. Internet Technol. , Association for Computing Machinery, volume 20,
BIB
@article{Anagnostopoulos2020_TOIT,
 author = {Nikolaos Athanasios Anagnostopoulos and Saad Ahmad and Tolga Arul
	and Daniel Steinmetzer and Matthias Hollick and Stefan Katzenbeisser},
 title = {{Low-Cost Security for Next-Generation IoT Networks}},
 journal = {ACM Trans. Internet Technol.},
 year = {2020},
 volume = {20},
 number = {3},
 month = {sep},
 abstract = {In recent years, the ubiquitous nature of Internet-of-Things (IoT)
	applications as well as the pervasive character of next-generation
	communication protocols, such as the 5G technology, have become widely
	evident. In this work, we identify the need for low-cost security
	in current and next-generation IoT networks and address this demand
	through the implementation, testing, and validation of an intrinsic
	low-cost and low-overhead hardware-based security primitive within
	an inherent network component. In particular, an intrinsic Physical
	Unclonable Function (PUF) is implemented in the peripheral network
	module of a tri-band commercial off-the-shelf router. Subsequently,
	we demonstrate the robustness of this PUF to ambient temperature
	variations and to limited natural aging, and examine in detail its
	potential for securing the next generation of IoT networks and other
	applications. Finally, the security of the proposed PUF-based schemes
	is briefly assessed and discussed.},
 address = {New York, NY, USA},
 articleno = {30},
 doi = {10.1145/3406280},
 issn = {1533-5399},
 issue_date = {September 2020},
 keywords = {peripheral, 60 GHz, physical unclonable function (PUF), static random
	access memory (SRAM), Internet of Things (IoT)},
 numpages = {31},
 publisher = {Association for Computing Machinery}
}
[8] ELSA: efficient long-term secure storage of large datasets (full version) * ( , , , and ), In EURASIP Journal on Information Security , volume 2020,
BIB
@article{Muth2020,
 author = {Philipp Muth and Matthias Geihs and Tolga Arul and Johannes Buchmann
	and Stefan Katzenbeisser},
 title = {{ELSA: efficient long-term secure storage of large datasets (full
	version) *}},
 journal = {EURASIP Journal on Information Security},
 year = {2020},
 volume = {2020},
 pages = {9},
 number = {1},
 month = {May},
 day = {27},
 doi = {10.1186/s13635-020-00108-9},
 issn = {2510-523X}
}
[7] Rule-based Anomaly Detection for Railway Signalling Networks ( , , and ), In CoRR , volume abs/2008.05241,
BIB
@article{Heinrich2020_arXiv,
 author = {Markus Heinrich and Arwed G{\"{o}}lz and Tolga Arul and Stefan Katzenbeisser},
 title = {Rule-based Anomaly Detection for Railway Signalling Networks},
 journal = {CoRR},
 year = {2020},
 volume = {abs/2008.05241},
 month = {8},
 archiveprefix = {arXiv},
 bibsource = {dblp computer science bibliography, https://dblp.org},
 biburl = {https://dblp.org/rec/journals/corr/abs-2008-05241.bib},
 doi = {10.48550/ARXIV.2008.05241},
 eprint = {2008.05241},
 url = {https://onlinelibrary.wiley.com/doi/pdf/10.1002/sec.1690}
}
[6] Securing FlexRay-based in-vehicle networks ( , , and ), In Microprocessors and Microsystems , volume 77,
BIB
@article{Puellen2020_Micpro,
 author = {Dominik {P\"{u}llen} and Nikolaos Athanasios Anagnostopoulos and
	Tolga Arul and Stefan Katzenbeisser},
 title = {{Securing FlexRay-based in-vehicle networks}},
 journal = {Microprocessors and Microsystems},
 year = {2020},
 volume = {77},
 pages = {103144},
 month = {9},
 abstract = {In this work, we propose defense techniques against message spoofing
	attacks in FlexRay networks. For this purpose, we explore how to
	leverage the slot- and channel-based FlexRay communication for ensuring
	the authenticity of safety-critical in-vehicle traffic. In particular,
	we suggest to split authentication tags across two physical independent
	channels, allowing for their concurrent transmission. This eventually
	leads to a higher degree of fault-tolerance and security. We put
	a special focus on the efficient management and distribution of cryptographic
	keys by using reversed hash chains. They allow us to derive new and
	forward-secure keys at low cost during operational runtime. Our evaluation
	consists of both a discussion and a practical implementation on an
	exemplary network. Assuming constrained hardware resources, we conclude
	that authentication for groups of time slots is the most promising
	approach in terms of timing and computational overhead.},
 doi = {10.1016/j.micpro.2020.103144},
 issn = {0141-9331},
 keywords = {FlexRay, Security, Authentication, Key updates, Safety}
}
[5] Attacking SRAM PUFs using very-low-temperature data remanence ( , , , , and ), In Microprocessors and Microsystems , volume 71,
BIB
@article{Anagnostopoulos2019_MICPRO,
 author = {Nikolaos Athanasios Anagnostopoulos and Tolga Arul and Markus Rosenstihl
	and Andr{\'e} Schaller and Sebastian Gabmeyer and Stefan Katzenbeisser},
 title = {{Attacking SRAM PUFs using very-low-temperature data remanence}},
 journal = {Microprocessors and Microsystems},
 year = {2019},
 volume = {71},
 pages = {102864},
 month = {8},
 doi = {10.1016/j.micpro.2019.102864},
 issn = {0141-9331},
 keywords = {Physical Unclonable Function (PUF), Static Random Access Memory (SRAM),
	Data remanence, Data retention, Low temperature, Attack}
}
[4] Security Requirements Engineering in Safety-Critical Railway Signalling Networks ( , , , , , , , , , and ), In Security and Communication Networks , volume 9,
BIB
@article{Heinrich2018_SACNWiley,
 author = {Markus Heinrich and Tsvetoslava Vateva-Gurova and Tolga Arul and
	Stefan Katzenbeisser and Neeraj Suri and Henk Birkholz and Christoph
	Krau{\ss} and Maria Zhdanova and Don Kuzhiyelil and Sergey Tverdyshev
	and Christian Schlehuber},
 title = {{Security Requirements Engineering in Safety-Critical Railway Signalling
	Networks}},
 journal = {Security and Communication Networks},
 year = {2018},
 volume = {9},
 pages = {5203-5218},
 number = {18},
 month = {7},
 doi = {10.1155/2019/8348925},
 keywords = {zero watermarking, e-healthcare, Jacobian matrix, authentication,
	robustness, medical images},
 url = {https://onlinelibrary.wiley.com/doi/pdf/10.1002/sec.1690}
}
[3] Intrinsic Run-Time Row Hammer PUFs: Leveraging the Row Hammer Effect for Run-Time Cryptography and Improved Security ( , , , , , , , , , , and ), In Cryptography , volume 2,
BIB
@article{Anagnostopoulos2018_MDPI,
 author = {Nikolaos Athanasios Anagnostopoulos and Tolga Arul and Yufan Fan
	and Christian Hatzfeld and Andr{\'e} Schaller and Wenjie Xiong and
	Manishkumar Jain and Muhammad Umair Saleem and Jan Lotichius and
	Sebastian Gabmeyer and Jakub Szefer and Stefan Katzenbeisser},
 title = {Intrinsic {Run-Time} {Row} {Hammer} {PUFs}: Leveraging the Row Hammer
	Effect for Run-Time Cryptography and Improved Security},
 journal = {Cryptography},
 year = {2018},
 volume = {2},
 number = {3},
 month = {6},
 doi = {10.3390/cryptography2030013},
 issn = {2410-387X},
 url = {https://onlinelibrary.wiley.com/doi/pdf/10.1002/sec.1690}
}
PDF
[2] Subscription-free Pay-TV over IPTV ( and ), In Journal of Systems Architecture , volume 64,
BIB
@article{Arul2016_JSA,
 author = {Tolga Arul and Abdulhadi Shoufan},
 title = {Subscription-free {Pay-TV} over {IPTV}},
 journal = {Journal of Systems Architecture},
 year = {2016},
 volume = {64},
 pages = {37 - 49},
 month = {12},
 note = {{Real-Time} Signal Processing in Embedded Systems},
 doi = {10.1016/j.sysarc.2015.12.001},
 issn = {1383-7621},
 keywords = {Pay-TV, IPTV, DVB, Charging, Rekeying, Multicast}
}
[1] A Benchmarking Environment for Performance Evaluation of Tree-based Rekeying Algorithms ( and ), In Journal of Systems and Software , Elsevier Science Inc., volume 84,
BIB
@article{Shoufan2011_JSS,
 author = {Abdulhadi Shoufan and Tolga Arul},
 title = {{A Benchmarking Environment for Performance Evaluation of Tree-based
	Rekeying Algorithms}},
 journal = {Journal of Systems and Software},
 year = {2011},
 volume = {84},
 pages = {1130--1143},
 number = {7},
 month = {jul},
 acmid = {1988469},
 address = {New York, NY, USA},
 doi = {10.1016/j.jss.2011.02.006},
 issn = {0164-1212},
 issue_date = {July, 2011},
 keywords = {Benchmarking, Group rekeying algorithms, Performance evaluation, Simulation},
 numpages = {14},
 publisher = {Elsevier Science Inc.},
 url = {https://onlinelibrary.wiley.com/doi/pdf/10.1002/sec.1690}
}
PDF
Refereed Conference Papers
[28] A Dedicated Mixed-Signal Characterisation and Testing Framework for Novel Digital Security Circuits That Use Carbon-Nanotube-Based Physical Unclonable Functions ( , , , , , and ), In 2022 11th International Conference on Modern Circuits and Systems Technologies (MOCAST) ,
BIB
@inproceedings{Frank2022_MOCAST,
 author = {Florian Frank and Nikolaos Athanasios Anagnostopoulos and Simon B{\"o}ttger
	and Sascha Hermann and Tolga Arul and Stavros G.Stavrinides and Stefan
	Katzenbeisser},
 title = {A Dedicated Mixed-Signal Characterisation and Testing Framework for
	Novel Digital Security Circuits That Use Carbon-Nanotube-Based Physical
	Unclonable Functions},
 booktitle = {2022 11th International Conference on Modern Circuits and Systems
	Technologies (MOCAST)},
 year = {2022},
 pages = {1-4},
 month = {7},
 doi = {10.1109/MOCAST54814.2022.9837567}
}
[27] Using Memristor Arrays as Physical Unclonable Functions ( , , and ), In Computer Security – ESORICS 2022 (Atluri, Vijayalakshmi, Di Pietro, Roberto, Jensen, Christian D., Meng, Weizhi, eds.), Springer Nature Switzerland, volume 13556,
BIB
@inproceedings{Frank2022_ESORICS,
 author = {Florian Frank and Tolga Arul and Nikolaos Athanasios Anagnostopoulos
	and Stefan Katzenbeisser},
 title = {Using Memristor Arrays as Physical Unclonable Functions},
 booktitle = {Computer Security -- ESORICS 2022},
 year = {2022},
 editor = {Atluri, Vijayalakshmi and Di Pietro, Roberto and Jensen, Christian
	D. and Meng, Weizhi},
 volume = {13556},
 pages = {250--271},
 address = {Cham},
 month = {9},
 publisher = {Springer Nature Switzerland},
 doi = {10.1007/978-3-031-17143-7_13},
 isbn = {978-3-031-17143-7}
}
PDF
[26] Secure Communication via Chaotic Cryptography ( , , , , , and ), In crypto day matters 34 (Loebenberger, Daniel, Nüsken, Michael, eds.), Gesellschaft für Informatik e.V./ FG KRYPTO,
BIB
@inproceedings{Geloczi2022_CT34,
 author = {Emiliia Gel\'{o}czi and Nico Mexis and Nikolaos Athanasios Anagnostopoulos
	and Florian Frank and Tolga Arul and Stavros G. Stavrinides and Stefan
	Katzenbeisser},
 title = {{Secure Communication via Chaotic Cryptography}},
 booktitle = {crypto day matters 34},
 year = {2022},
 editor = {Loebenberger, Daniel AND N\"{u}sken, Michael},
 address = {Bonn},
 month = {6},
 publisher = {Gesellschaft f\"{u}r Informatik e.V./ FG KRYPTO},
 doi = {10.18420/cdm-2021-33-41}
}
[25] Testing the Robustness of Physical Unclonable Functions Implemented on Commercial Off-the-Shelf NAND Flash Memories Using Programming Disturbances to Temperature and Voltage Variations ( , , , , , , , , and ), In 2022 IEEE 12th International Conference on Consumer Electronics (ICCE-Berlin) ,
BIB
@inproceedings{Geloczi2022_ICCEBerlin,
 author = {Emiliia Gel\'{o}czi and Nikolaos Athanasios Anagnostopoulos and Nico
	Mexis and Yufan Fan and Muhammed Umair Saleem and Andr{\'e} Schaller
	and Felix Klement and Florian Frank and Tolga Arul and Stefan Katzenbeisser},
 title = {{Testing the Robustness of Physical Unclonable Functions Implemented
	on Commercial Off-the-Shelf NAND Flash Memories Using Programming
	Disturbances to Temperature and Voltage Variations}},
 booktitle = {{2022 IEEE 12th International Conference on Consumer Electronics
	(ICCE-Berlin)}},
 year = {2022},
 month = {9},
 howpublished = {presented in the 2022 IEEE 12th International Conference on Consumer
	Electronics - Berlin (ICCE-Berlin 2022)}
}
PDF
[24] Nano Security: From Nano-Electronics to Secure Systems ( , , , , , , , , , , , , , , , , , , , , , and ), In Design, Automation and Test in Europe Conference (DATE). Design, Automation & Test in Europe (DATE-2021), February 1-5, Grenoble, France ,
BIB
@inproceedings{Polian2021_Date,
 author = {Ilia Polian and Frank Altmann and Tolga Arul and Christian Boit and
	Ralf Brederlow and Lucas Davi and Rolf Drechsler and Nan Du and Thomas
	Eisenbarth and Tim G\"{u}neysu and Sascha Hermann and Matthias Hiller
	and Rainer Leupers and Farhad Merchant and Thomas Mussenbrock and
	Stefan Katzenbeisser and Akash Kumar and Wolfgang Kunz and Thomas
	Mikolajick and Vivek Pachauri and Jean-Pierre Seifert and Frank Sill
	Torres and Jens Trommer},
 title = {{Nano Security: From Nano-Electronics to Secure Systems}},
 booktitle = {Design, Automation and Test in Europe Conference (DATE). Design,
	Automation \& Test in Europe (DATE-2021), February 1-5, Grenoble,
	France},
 year = {2021},
 pages = {1334-1339},
 month = {2},
 doi = {10.23919/DATE51398.2021.9474187}
}
[23] A Design for a Secure Network of Networks Using a Hardware and Software Co-Engineering Architecture ( , , , , and ), In Proceedings of the SIGCOMM '21 Poster and Demo Sessions , Association for Computing Machinery,
BIB
@inproceedings{Mexis2021_SIGCOMM,
 author = {Nico Mexis and Nikolaos Athanasios Anagnostopoulos and Shuai Chen
	and Jan Bambach and Tolga Arul and Stefan Katzenbeisser},
 title = {A Design for a Secure Network of Networks Using a Hardware and Software
	Co-Engineering Architecture},
 booktitle = {Proceedings of the SIGCOMM '21 Poster and Demo Sessions},
 year = {2021},
 series = {SIGCOMM '21},
 pages = {65-67},
 address = {New York, NY, USA},
 month = {8},
 publisher = {Association for Computing Machinery},
 abstract = {This work concerns the demonstration of a security solution for a
	network of networks, which comprises heterogeneous devices and utilises
	diverse communication protocols. The security solution used in this
	work employs an architecture presented in a previous work, which
	is based upon the concept of hardware and software security co-engineering.},
 doi = {10.1145/3472716.3472849},
 isbn = {9781450386296},
 keywords = {internet of things, network of networks, hardware and software security
	co-engineering},
 location = {Virtual Event},
 numpages = {3}
}
[22] Fuzzy Extractors using Low-Density Parity-Check Codes ( , , , and ), In crypto day matters 33 (Gazdag, Stefan-Lukas, Tiepelt, Marcel, Loebenberger, Daniel, Nüsken, Michael, eds.), Gesellschaft für Informatik e.V./ FG KRYPTO,
BIB
@inproceedings{Mexis2021_CT33,
 author = {Nico Mexis and Nikolaos Athanasios Anagnostopoulos and Tolga Arul
	and Florian Frank and Stefan Katzenbeisser},
 title = {Fuzzy Extractors using Low-Density Parity-Check Codes},
 booktitle = {crypto day matters 33},
 year = {2021},
 editor = {Gazdag, Stefan-Lukas AND Tiepelt, Marcel AND Loebenberger, Daniel
	AND N\"{u}sken, Michael},
 month = {09},
 publisher = {Gesellschaft f\"{u}r Informatik e.V./ FG KRYPTO},
 doi = {10.18420/cdm-2021-33-41}
}
[21] A Study of the Spatial Auto-Correlation of Memory-Based Physical Unclonable Functions ( , and ), In 2020 European Conference on Circuit Theory and Design (ECCTD) ,
BIB
@inproceedings{Arul2020_ECCTD,
 author = {Tolga Arul and Nikolaos Athanasios Anagnostopoulos and Sergej Rei\ss{}ig
	and Stefan Katzenbeisser},
 title = {A Study of the Spatial Auto-Correlation of Memory-Based Physical
	Unclonable Functions},
 booktitle = {2020 European Conference on Circuit Theory and Design (ECCTD)},
 year = {2020},
 pages = {1-4},
 month = {Sep.},
 abstract = {In this work, we examine the spatial auto-correlation exhibited in
	the responses of memory-based Physical Unclonable Functions (PUFs).
	In particular, we examine the responses of an SRAM PUF, a DRAM decay-based
	PUF, and a disturbance-based Flash PUF. For the evaluation, we use
	three different metrics that have already been employed in the relevant
	literature for measuring the spatial correlation of other PUF responses.
	Our results prove that the examined PUF responses exhibit little,
	if any, spatial auto-correlation. Thus, these PUFs can be considered
	as security mechanisms of high entropy, which can be utilised to
	enhance the security of the Internet of Things (IoT).},
 doi = {10.1109/ECCTD49232.2020.9218302},
 issn = {2474-9672},
 keywords = {correlation;spatial auto-correlation;Physical Unclonable Function
	(PUF);Static Random Access Memory (SRAM);Dynamic Random Access Memory
	(DRAM);Flash memory}
}
PDF
[20] Demo: Railway Signalling Security Testbed ( , and ), In IEEE Vehicular Networking Conference, VNC 2020, New York, NY, USA, December 16-18, 2020 , IEEE,
BIB
@inproceedings{Heinrich2021_VNC,
 author = {Markus Heinrich and Tolga Arul and Stefan Katzenbeisser},
 title = {{Demo: Railway Signalling Security Testbed}},
 booktitle = {{IEEE} Vehicular Networking Conference, {VNC} 2020, New York, NY,
	USA, December 16-18, 2020},
 year = {2020},
 pages = {1--2},
 month = {12},
 publisher = {{IEEE}},
 doi = {10.1109/VNC51378.2020.9318338}
}
[19] Predicting Railway Signalling Commands Using Neural Networks for Anomaly Detection ( , , and ), In Computer Safety, Reliability, and Security (Casimiro, António, Ortmeier, Frank, Bitsch, Friedemann, Ferreira, Pedro, eds.), Springer International Publishing,
BIB
@inproceedings{Heinrich2020_Safecomp,
 author = {Markus Heinrich and Dominik Renkel and Tolga Arul and Stefan Katzenbeisser},
 title = {Predicting Railway Signalling Commands Using Neural Networks for
	Anomaly Detection},
 booktitle = {Computer Safety, Reliability, and Security},
 year = {2020},
 editor = {Casimiro, Ant{\'o}nio and Ortmeier, Frank and Bitsch, Friedemann
	and Ferreira, Pedro},
 pages = {164--178},
 address = {Cham},
 month = {7},
 publisher = {Springer International Publishing},
 abstract = {We propose a new anomaly detection system to defend against semantic
	attacks on the command and control communication in safety-critical
	railway signalling networks. To this end, we train artificial neural
	network on the communication of signal boxes connected to their signals,
	points, and train detection system. We show that it is possible to
	predict the next command with knowledge of only few previously transmitted
	datagrams. We optimize the parameters of the artificial neural network,
	determine the optimal number of previous datagrams, and show that
	our approach is viable in railway stations of various size. Using
	the artificial neural network, we construct an anomaly detection
	system to classify each observed datagram to raise an alert in case
	of deviant behaviour. We further optimize the anomaly detection's
	threshold and show that our classifier is able to operate with a
	false positive rate of 0.03 and a false negative rate of 0.04.},
 doi = {10.1007/978-3-030-54549-9_11},
 isbn = {978-3-030-54549-9}
}
[18] Safety Meets Security: Using IEC 62443 for a Highly Automated Road Vehicle ( , , and ), In Computer Safety, Reliability, and Security (Casimiro, António, Ortmeier, Frank, Bitsch, Friedemann, Ferreira, Pedro, eds.), Springer International Publishing,
BIB
@inproceedings{Puellen2020_Safecomp,
 author = {Dominik P{\"u}llen and Nikolaos Athanasios Anagnostopoulos and Tolga
	Arul and Stefan Katzenbeisser},
 title = {{Safety Meets Security: Using IEC 62443 for a Highly Automated Road
	Vehicle}},
 booktitle = {Computer Safety, Reliability, and Security},
 year = {2020},
 editor = {Casimiro, Ant{\'o}nio and Ortmeier, Frank and Bitsch, Friedemann
	and Ferreira, Pedro},
 pages = {325--340},
 address = {Cham},
 month = {7},
 publisher = {Springer International Publishing},
 abstract = {In this work, we conduct and discuss a consensus-based risk analysis
	for a novel architecture of a driverless and electric prototype vehicle.
	While well-established safety standards like ISO 26262 provide frameworks
	to systematically assess risks of hazardous operational situations,
	the automotive security field has emerged only in the last years.
	Today, SAE J3061 provides recommendations and high-level guiding
	principles of how to incorporate security into vehicle systems. ISO/SAE
	21434 is a novel automotive security standard, which, however, is
	still under development. Therefore, we treat the aforementioned architecture
	as a single Industrial Automation and Control System (IACS) and provide
	an implementation of the IEC 62443 series. We collaboratively identify
	threats in a three-round process and define a scoring scheme for
	automotive risks. As a result, we obtain a tailored bundle of compensating
	security mechanisms. Based on our work, we suggest improvements for
	future automotive security standards when it comes to the co-engineering
	of safety and security.},
 doi = {10.1007/978-3-030-54549-9_22},
 isbn = {978-3-030-54549-9}
}
[17] Privacy & Usability of IPTV Recommender Systems ( , and ), In 2019 IEEE International Conference on Consumer Electronics (ICCE) (2019 ICCE) ,
BIB
@inproceedings{ArulICCE_2019,
 author = {Tolga Arul and Nikolaos Athanasios Anagnostopoulos and Stefan Katzenbeisser},
 title = {Privacy \& Usability of {IPTV} Recommender Systems},
 booktitle = {2019 IEEE International Conference on Consumer Electronics (ICCE)
	(2019 ICCE)},
 year = {2019},
 address = {Las Vegas, USA},
 month = {jan},
 abstract = {IPTV is capable of providing recommendations for upcoming TV programs
	based on consumer feedback. With the increasing popularity and performance
	of recommender systems, risks of user privacy breach emerge. Although
	several works about privacy-preserving designs of recommender systems
	exist in the literature, a detailed analysis of the current state-of-the-art
	regarding privacy as well as an investigation of the usability aspects
	of such systems, so far, have not received consideration. In this
	paper, we survey current approaches for recommender systems by studying
	their privacy and usability properties in the context of IPTV.},
 days = {11},
 doi = {10.1109/ICCE.2019.8662046},
 keywords = {recommender system; privacy; usability}
}
[16] AR-PUFs: Advanced Security Primitives for the Internet of Things and Cyber-Physical Systems ( , , , and ), In 2019 IEEE International Conference on Consumer Electronics (ICCE) (2019 ICCE) ,
BIB
@inproceedings{Anagnostopoulos2019_ICCE,
 author = {Nikolaos Athanasios Anagnostopoulos and Tolga Arul and Yufan Fan
	and Manish Kumar and Stefan Katzenbeisser},
 title = {{AR-PUFs:} Advanced Security Primitives for the Internet of Things
	and {Cyber-Physical} Systems},
 booktitle = {2019 IEEE International Conference on Consumer Electronics (ICCE)
	(2019 ICCE)},
 year = {2019},
 address = {Las Vegas, USA},
 month = {jan},
 abstract = {In this work, we examine very briefly a number of Advanced Reconfigurable
	Physical Unclonable Functions (AR-PUFs) that can be used to enhance
	the security of devices used for the realisation of the Internet
	of Things (IoT) and Cyber-Physical Systems (CPS). To this end, we
	also present two practical lightweight protocols that can be implemented
	using such AR-PUFs on IoT and CPS devices, in order to significantly
	enhance their security, even allowing the security of such devices
	to be restored after they have been compromised.},
 days = {11},
 doi = {10.1109/ICCE.2019.8661840},
 keywords = {reconfigurable physical unclonable function; internet of things; cyber-physical
	system}
}
[15] Using Implicit Certification to Efficiently Establish Authenticated Group Keys for In-Vehicle Networks ( , , and ), In 2019 IEEE Vehicular Networking Conference (VNC) ,
BIB
@inproceedings{Puellen2019_VNC,
 author = {Dominik {P\"{u}llen} and Nikolaos Athanasios Anagnostopoulos and
	Tolga Arul and Stefan Katzenbeisser},
 title = {{Using Implicit Certification to Efficiently Establish Authenticated
	Group Keys for In-Vehicle Networks}},
 booktitle = {2019 IEEE Vehicular Networking Conference (VNC)},
 year = {2019},
 pages = {1-8},
 month = {12},
 doi = {10.1109/VNC48660.2019.9062785}
}
[14] Security and Safety Co-Engineering of the FlexRay Bus in Vehicular Networks ( , , and ), In Proceedings of the International Conference on Omni-Layer Intelligent Systems , ACM,
BIB
@inproceedings{Puellen2019_COINS,
 author = {Dominik P\"{u}llen and Nikolaos Athanasios Anagnostopoulos and Tolga
	Arul and Stefan Katzenbeisser},
 title = {{Security and Safety Co-Engineering of the FlexRay Bus in Vehicular
	Networks}},
 booktitle = {Proceedings of the International Conference on Omni-Layer Intelligent
	Systems},
 year = {2019},
 series = {COINS '19},
 pages = {31--37},
 address = {New York, NY, USA},
 month = {5},
 publisher = {ACM},
 acmid = {3312626},
 doi = {10.1145/3312614.3312626},
 isbn = {978-1-4503-6640-3},
 keywords = {FlexRay, automotive, fault-tolerance, in-vehicle communication, reliability,
	safety, security},
 location = {Crete, Greece},
 numpages = {7}
}
[13] Poster: Hierarchical Integrity Checking in Heterogeneous Vehicular Networks ( , , and ), In 2018 IEEE Vehicular Networking Conference (VNC) (IEEE VNC 2018) ,
BIB
@inproceedings{Puellen2018_VNC,
 author = {Dominik {P{\"u}llen} and Nikolaos Athanasios Anagnostopoulos and
	Tolga Arul and Stefan Katzenbeisser},
 title = {{Poster: Hierarchical Integrity Checking in Heterogeneous Vehicular
	Networks}},
 booktitle = {2018 IEEE Vehicular Networking Conference (VNC) (IEEE VNC 2018)},
 year = {2018},
 address = {Taipei, Taiwan},
 month = {dec},
 days = {4},
 doi = {10.1109/VNC.2018.8628375}
}
[12] Securing IoT Devices Using Robust DRAM PUFs ( , , , , , , , and ), In 2018 Global Information Infrastructure and Networking Symposium (GIIS) (GIIS'18) ,
BIB
@inproceedings{Anagnostopoulos2018_GIIS,
 author = {Nikolaos Athanasios Anagnostopoulos and Tolga Arul and Yufan Fan
	and Jan Lotichius and Christian Hatzfeld and Felipe Fernandes and
	Ratika Sharma and Fatemeh Tehranipoor and Stefan Katzenbeisser},
 title = {Securing {IoT} Devices Using Robust {DRAM} {PUFs}},
 booktitle = {2018 Global Information Infrastructure and Networking Symposium (GIIS)
	(GIIS'18)},
 year = {2018},
 address = {Thessaloniki, Greece},
 month = {oct},
 abstract = {In this work, we present a novel way in which DRAM modules, which
	are found inherently in many IoT devices, can be used to enhance
	the security of such devices. We test the robustness of two DRAM-based
	security primitives, namely DRAM retention-based PUFs and Row~Hammer
	PUFs, to two external factors, i.e. ambient temperature and voltage
	variations. As both types of PUFs are proven to be highly dependent
	on temperature, we, then, present and discuss ways in which such
	PUFs can be used to implement cryptographic applications in a robust
	way, no longer being affected by temperature variations. Finally,
	we also present a proof-of-concept robust DRAM PUF-based cryptographic
	protocol that can be adapted for different security applications.
	In this way, our work demonstrates a cost-efficient, lightweight
	and practical manner in which even low-end, resource-constrained
	IoT devices can be easily protected.},
 days = {22},
 doi = {10.1109/GIIS.2018.8635789},
 keywords = {internet of things; IoT; security; DRAM PUF; DRAM retention; row hammer}
}
[11] Behavioral Workload Generation for IPTV ( , and ), In 2018 IEEE 8th International Conference on Consumer Electronics - Berlin (ICCE-Berlin) (ICCE-Berlin 2018) ,
BIB
@inproceedings{Arul2018_ICCE,
 author = {Tolga Arul and Nikolaos Athanasios Anagnostopoulos and Stefan Katzenbeisser},
 title = {Behavioral Workload Generation for {IPTV}},
 booktitle = {2018 IEEE 8th International Conference on Consumer Electronics -
	Berlin (ICCE-Berlin) (ICCE-Berlin 2018)},
 year = {2018},
 address = {Berlin, Germany},
 month = {sep},
 organization = {IEEE},
 days = {1},
 doi = {10.1109/ICCE-Berlin.2018.8576230}
}
[10] Security Analysis of the RaSTA Safety Protocol ( , , and ), In IEEE Intelligence and Security Informatics (ISI) 2018 , IEEE,
BIB
@inproceedings{Heinrich2018_ISI,
 author = {Markus Heinrich and Jannik Vieten and Tolga Arul and Stefan Katzenbeisser},
 title = {{Security Analysis of the RaSTA Safety Protocol}},
 booktitle = {IEEE Intelligence and Security Informatics (ISI) 2018},
 year = {2018},
 month = {11},
 organization = {IEEE},
 publisher = {IEEE},
 doi = {10.1109/ISI.2018.8587371}
}
[9] Low-Temperature Data Remanence Attacks Against Intrinsic SRAM PUFs ( , , , , and ), In 2018 Euromicro Conference on Digital System Design (DSD) ,
BIB
@inproceedings{Anagnostopoulos2018_DSD,
 author = {Nikolaos A. Anagnostopoulos and Tolga Arul and Markus Rosenstihl
	and Andr{\'e} Schaller and Sebastian Gabmeyer and Stefan Katzenbeisser},
 title = {{Low-Temperature Data Remanence Attacks Against Intrinsic SRAM PUFs}},
 booktitle = {2018 Euromicro Conference on Digital System Design (DSD)},
 year = {2018},
 address = {Prague, Czech Republic},
 month = {8},
 organization = {Euromicro},
 doi = {10.1109/DSD.2018.00102}
}
PDF
[8] On the Effects of Environmental Factors on the Functionality of Modern Dynamic Random Access Memory Modules ( , , , , , , , and ), In 7th International Conference "Micro&Nano 2018" ,
BIB
@inproceedings{Anagnostopoulos2018_MicroNano,
 author = {Nikolaos Athanasios Anagnostopoulos and Tolga Arul and Yufan Fan
	and Ravi Sarangdhar and Ratika Sharma and Markus Rosenstihl and Christian
	Hatzfeld and Fatemeh Tehranipoor and Stefan Katzenbeisser},
 title = {{On the Effects of Environmental Factors on the Functionality of
	Modern Dynamic Random Access Memory Modules}},
 booktitle = {7th International Conference "Micro\&Nano 2018"},
 year = {2018},
 month = {11},
 doi = {10.13140/RG.2.2.16373.83681}
}
PDF
[7] Addressing the Effects of Temperature Variations on Intrinsic Memory-Based Physical Unclonable Functions ( , , , , and ), In 28th Crypto-Day ,
BIB
@inproceedings{Anagnostopoulos2018_CT28,
 author = {Nikolaos Athanasios Anagnostopoulos and Tolga Arul and Yufan Fan
	and Christian Hatzfeld and Fatemeh Tehranipoor and Stefan Katzenbeisser},
 title = {{Addressing the Effects of Temperature Variations on Intrinsic Memory-Based
	Physical Unclonable Functions}},
 booktitle = {28th Crypto-Day},
 year = {2018},
 series = {GI},
 month = {8},
 doi = {10.18420/cdm-2018-28-23},
 keywords = {Primitives; P3}
}
[6] Insights into the Potential Usage of the Initial Values of DRAM Arrays of Commercial Off-the-Shelf Devices for Security Applications ( , , , , , , , , and ), In 26th Crypto-Day ,
BIB
@inproceedings{Anagnostopoulos2017_CT26,
 author = {Nikolaos Athanasios Anagnostopoulos and Andr{\'e} Schaller and Yufan
	Fan and Wenjie Xiong and Fatemeh Tehranipoor and Tolga Arul and Sebastian
	Gabmeyer and Jakup Szefer and John A. Chandy and Stefan Katzenbeisser},
 title = {{Insights into the Potential Usage of the Initial Values of DRAM
	Arrays of Commercial Off-the-Shelf Devices for Security Applications}},
 booktitle = {26th Crypto-Day},
 year = {2017},
 month = {6},
 doi = {10.13140/RG.2.2.21396.50569},
 keywords = {Primitives;P3}
}
PDF
[5] An extensive classification and analysis of attacks against Physical Unclonable Functions (PUFs) ( , , and ), In 27th Crypto-Day ,
BIB
@inproceedings{Anagnostopoulos2017_CT27,
 author = {Nikolaos Athanasios Anagnostopoulos and Sebastian Gabmeyer and Tolga
	Arul and Stefan Katzenbeisser},
 title = {An extensive classification and analysis of attacks against {Physical
	Unclonable Functions (PUFs)}},
 booktitle = {27th Crypto-Day},
 year = {2017},
 month = {12},
 doi = {10.13140/RG.2.2.25411.91689}
}
PDF
[4] An investigation of the effects of radiation on current key storage solutions and on Physical Unclonable Functions (PUFs) being used as key storage ( , , , , , , , , , and ), In 27th Crypto-Day ,
BIB
@inproceedings{Sarangdhar2017_CT27_1,
 author = {Ravi Sarangdhar and Yufan Fan and Nikolaos Athanasios Anagnostopoulos
	and Udo Gayer and Frank Flederer and Tobias Mikschl and Tolga Arul
	and Philipp R. John and Kirsten Hierholz and Sergio Montenegro and
	Stefan Katzenbeisser},
 title = {{An investigation of the effects of radiation on current key storage
	solutions and on Physical Unclonable Functions (PUFs) being used
	as key storage}},
 booktitle = {27th Crypto-Day},
 year = {2017},
 month = {12},
 doi = {10.13140/RG.2.2.33800.52483},
 keywords = {Primitives;P3}
}
PDF
[3] Lightweight Anti-counterfeiting Solution for Low-End Commodity Hardware Using Inherent PUFs ( , , and ), In Trust and Trustworthy Computing (Holz, Thorsten, Ioannidis, Sotiris, eds.), Springer International Publishing,
BIB
@inproceedings{Schaller2014_Springer,
 author = {Andr{\'e} Schaller and Tolga Arul and Vincent van der Leest and Stefan
	Katzenbeisser},
 title = {{Lightweight Anti-counterfeiting Solution for Low-End Commodity Hardware
	Using Inherent PUFs}},
 booktitle = {Trust and Trustworthy Computing},
 year = {2014},
 editor = {Holz, Thorsten and Ioannidis, Sotiris},
 pages = {83--100},
 address = {Cham},
 month = {6},
 publisher = {Springer International Publishing},
 abstract = {This paper presents a lightweight anti-counterfeiting solution using
	intrinsic Physically Unclonable Functions (PUFs), which are already
	embedded in most commodity hardware platforms. The presented solution
	is particularly suitable for low-end computing devices without on-board
	security features. Our anti-counterfeiting approach is based on extracting
	a unique fingerprint for individual devices exploiting inherent PUF
	characteristics from the on-chip static random-access memory (SRAM),
	which in turn allows to bind software to a particular hardware platform.
	Our solution does not require additional hardware, making it flexible
	as well as cost efficient. In a first step, we statistically analyze
	the characteristics of the intrinsic PUF instances found in two device
	types, both based on a widely used ARM Cortex-M microcontroller.
	We show that the quality of the PUF characteristics is almost ideal.
	Subsequently, we propose a security architecture to protect the platform's
	firmware by using a modified boot loader. In a proof of concept,
	we embed our solution on a state-of-the-art commodity system-on-a-chip
	platform equipped with an MCU similar to the ones previously analyzed.},
 doi = {10.1007/978-3-319-08593-7_6},
 isbn = {978-3-319-08593-7}
}
PDF
[2] A novel architecture for a secure update of cryptographic engines on trusted platform module ( , , , and ), In 2011 International Conference on Field-Programmable Technology ,
BIB
@inproceedings{Malipatlolla2011_FPT,
 author = {Sunil Malipatlolla and Thomas Feller and Abdulhadi Shoufan and Tolga
	Arul and Sorin. A. Huss},
 title = {A novel architecture for a secure update of cryptographic engines
	on trusted platform module},
 booktitle = {2011 International Conference on Field-Programmable Technology},
 year = {2011},
 pages = {1-6},
 month = {Dec},
 doi = {10.1109/FPT.2011.6132705},
 keywords = {cloud computing;cryptography;field programmable gate arrays;information
	technology;trusted computing;IT systems;STPM;TPM cryptographic engines;Xilinx
	Virtex-5 FPGA platform;cloud computing;cryptographic hardware engines;hard-wired
	security modules;powerful computing systems;quantum computers;security
	modules;security requirements;side channel analysis;sustainable trusted
	platform module;trusted computing;Computer architecture;Cryptography;Engines;Field
	programmable gate arrays;Heuristic algorithms;Nonvolatile memory;Cryptography;Field
	Programmable Gate Arrays;Secure Update;Trusted Platform Module;Trustworthiness}
}
PDF
[1] Multicast Rekeying: Performance Evaluation ( and ), In Design Methodologies for Secure Embedded Systems (Biedermann, Alexander, Molter, H. Gregor, eds.), Springer Berlin Heidelberg,
BIB
@inproceedings{Shoufan2010_Springer,
 author = {Abdulhadi Shoufan and Tolga Arul},
 title = {{Multicast Rekeying: Performance Evaluation}},
 booktitle = {Design Methodologies for Secure Embedded Systems},
 year = {2010},
 editor = {Biedermann, Alexander and Molter, H. Gregor},
 pages = {85--104},
 address = {Berlin, Heidelberg},
 month = {11},
 publisher = {Springer Berlin Heidelberg},
 abstract = {This paper presents a new approach for performance evaluation of rekeying
	algorithms. New system metrics related to rekeying performance are
	defined: Rekeying Quality of Service and Rekeying Access Control.
	These metrics are estimated in relation to both group size and group
	dynamics. A simultor prototype demonstrates the merit of this unified
	assessment method by means of a comprehensive case study.},
 doi = {10.1007/978-3-642-16767-6_5},
 isbn = {978-3-642-16767-6}
}
Refereed Workshop Papers
[5] Low-Temperature Attacks Against Digital Electronics: A Challenge for the Security of Superconducting Modules in High-Speed Magnetic Levitation (MagLev) Trains ( , , , , , , , , and ), In 2021 IEEE 14th Workshop on Low Temperature Electronics (WOLTE) (WOLTE14) (In Press) ,
BIB
@inproceedings{Anagnostopoulos2021_WOLTE,
 author = {Nikolaos Athanasios Anagnostopoulos and Yufan Fan and Markus Heinrich
	and Nikolay Matyunin and Dominik {P{\"u}llen} and Philipp Muth and
	Christian Hatzfeld and Markus Rosenstihl and Tolga Arul and Stefan
	Katzenbeisser},
 title = {{Low-Temperature Attacks Against Digital Electronics: A Challenge
	for the Security of Superconducting Modules in High-Speed Magnetic
	Levitation (MagLev) Trains}},
 booktitle = {2021 IEEE 14th Workshop on Low Temperature Electronics (WOLTE) (WOLTE14)
	(In Press)},
 year = {2021},
 address = {Matera, Italy},
 month = {apr},
 days = {14},
 doi = {10.1109/WOLTE49037.2021.9555437}
}
PDF
[4] Lightweight security solutions for IoT implementations in space ( , , , and ), In 2019 IEEE Topical Workshop on Internet of Space (TWIOS) ,
BIB
@inproceedings{Anagnostopoulos2019_TWIOS,
 author = {Nikolaos Athanasios Anagnostopoulos and Yufan Fan and Tolga Arul
	and Ravi Sarangdhar and Stefan Katzenbeisser},
 title = {{Lightweight security solutions for IoT implementations in space}},
 booktitle = {2019 IEEE Topical Workshop on Internet of Space (TWIOS)},
 year = {2019},
 pages = {1-4},
 month = {1},
 doi = {10.1109/TWIOS.2019.8771257},
 keywords = {Random access memory;Security;Temperature measurement;Temperature
	sensors;Temperature dependence;Internet of Things}
}
[3] MagneticSpy: Exploiting Magnetometer in Mobile Devices for Website and Application Fingerprinting ( , , , , ), In Proceedings of the 2019 Workshop on Privacy in the Electronic Society , ACM,
BIB
@inproceedings{Matyunin2019_WPES,
 author = {Nikolay Matyunin and Yujue Wang and Tolga Arul and Jakub Szefer and
	Stefan Katzenbeisser},
 title = {{MagneticSpy: Exploiting Magnetometer in Mobile Devices for Website
	and Application Fingerprinting}},
 booktitle = {Proceedings of the 2019 Workshop on Privacy in the Electronic Society},
 year = {2019},
 series = {WPES'19},
 pages = {66--70},
 address = {New York, NY, USA},
 month = {11},
 publisher = {ACM},
 acmid = {3268963},
 doi = {10.1145/3338498.3358650},
 location = {London, UK},
 numpages = {5}
}
[2] A Reference Architecture for Integrating Safety and Security Applications on Railway Command and Control Systems ( , , , , , , , , and ), In 4th International Workshop on MILS: Architecture and Assurance for Secure Systems , Zenodo,
BIB
@inproceedings{Birkholz2018_MILS,
 author = {Henk Birkholz and Christoph Krau{\ss} and Maria Zhdanova Don Kuzhiyelil
	and Tolga Arul and Markus Heinrich and Stefan Katzenbeisser and Neeraj
	Suri and Tsvetoslava Vateva-Gurova and Christian Schlehuber},
 title = {{A Reference Architecture for Integrating Safety and Security Applications
	on Railway Command and Control Systems}},
 booktitle = {4th International Workshop on MILS: Architecture and Assurance for
	Secure Systems},
 year = {2018},
 number = {4},
 address = {Luxembourg},
 month = {6},
 publisher = {Zenodo},
 doi = {10.5281/zenodo.1314095}
}
[1] Consumer Opinions on Short-Interval Charging for Pay-TV over IPTV ( and ), In 2012 26th International Conference on Advanced Information Networking and Applications Workshops ,
BIB
@inproceedings{Arul2012_WAINA,
 author = {Tolga Arul and Abdulhadi Shoufan},
 title = {{Consumer Opinions on Short-Interval Charging for Pay-TV over IPTV}},
 booktitle = {2012 26th International Conference on Advanced Information Networking
	and Applications Workshops},
 year = {2012},
 pages = {147-153},
 month = {3},
 doi = {10.1109/WAINA.2012.95},
 keywords = {IPTV;video on demand;IPTV;Internet Protocol Television;pay-TV;short-interval
	charging;video on demand;Cable TV;IPTV;Pricing;Satellite broadcasting;Satellites;Subscriptions;IPTV;charging
	model;pay-TV;survey}
}
PDF
Other Publications
[6] On the Sustainability of Lightweight Cryptography Based on PUFs Implemented on NAND Flash Memories Using Programming Disturbances ( , , , , , and ), Workshop on "Sustainability in Security & Security for Sustainability" (co-located with the 25th Design, Automation and Test in Europe Conference & Exhibition (DATE 2022) as Workshop 09),
BIB
@misc{Anagnostopoulos2022_Date,
 author = {Nikolaos Athanasios Anagnostopoulos and Yufan Fan and Muhammad Umair
	Saleem and Nico Mexis and Florian Frank and Tolga Arul and Stefan
	Katzenbeisser},
 title = {{On the Sustainability of Lightweight Cryptography Based on PUFs
	Implemented on NAND Flash Memories Using Programming Disturbances}},
 howpublished = {Workshop on "Sustainability in Security \& Security for Sustainability"
	(co-located with the 25th Design, Automation and Test in Europe Conference
	\& Exhibition (DATE 2022) as Workshop 09)},
 month = {03},
 year = {2022},
 note = {Proceedings not published. Links to relevant preprint versions of
	this work: TechRxiv and arXiv},
 doi = {10.48550/ARXIV.2204.02498},
 keywords = {Cryptography and Security (cs.CR), FOS: Computer and information sciences,
	FOS: Computer and information sciences},
 publisher = {arXiv},
 url = {ia.cr/2016/769}
}
PDF
[5] Abusing Commodity DRAMs in IoT Devices to Remotely Spy on Temperature ( , , , , , , , and ),
BIB
@misc{Frank2022_Arxiv,
 author = {Florian Frank and Wenjie Xiong and Nikolaos Athanasios Anagnostopoulos
	and Andr{\'e} Schaller and Tolga Arul and Farinaz Koushanfar and
	Stefan Katzenbeisser and Ulrich Ruhrmair and Jakub Szefer},
 title = {Abusing Commodity DRAMs in IoT Devices to Remotely Spy on Temperature},
 month = {9},
 year = {2022},
 copyright = {Creative Commons Attribution Non Commercial No Derivatives 4.0 International},
 doi = {10.48550/ARXIV.2208.02125},
 keywords = {Cryptography and Security (cs.CR), FOS: Computer and information sciences,
	FOS: Computer and information sciences},
 publisher = {arXiv}
}
PDF
[4] Development of Nanomaterial-Based Physically Unclonable Functions and Dedicated Measurement and Testing Devices ( , , , , and ), Fall School on Nano-Electronics for Secure Systems (NESSY), 10-11 November 2021, Lübeck, Germany,
BIB
@misc{Boettger2021_NESSY,
 author = {Simon B\"{o}ttger and Florian Frank and Nikolaos Athanasios Anagnostopoulos
	and Tolga Arul and Stefan Katzenbeisser and Sascha Hermann},
 title = {{Development of Nanomaterial-Based Physically Unclonable Functions
	and Dedicated Measurement and Testing Devices}},
 howpublished = {Fall School on Nano-Electronics for Secure Systems (NESSY), 10-11
	November 2021, L\"{u}beck, Germany},
 month = {11},
 year = {2021},
 url = {ia.cr/2016/769}
}
[3] MagneticSpy: Exploiting Magnetometer in Mobile Devices for Website and Application Fingerprinting ( , , , and ),
BIB
@misc{Matyunin2019_arXiv,
 author = {Nikolay Matyunin and Yujue Wang and Tolga Arul and Jakub Szefer and
	Stefan Katzenbeisser},
 title = {{MagneticSpy: Exploiting Magnetometer in Mobile Devices for Website
	and Application Fingerprinting}},
 month = {6},
 year = {2019},
 archiveprefix = {arXiv},
 eprint = {1906.11117},
 primaryclass = {cs.CR},
 url = {ia.cr/2016/769}
}
[2] Intrinsic Run-Time Row Hammer PUFs: Leveraging the Row Hammer Effect for Run-Time Cryptography and Improved Security ( , , , , , , , , , , and ), Preprints,
BIB
@misc{Anagnostopoulos2018_Preprint,
 author = {Nikolaos Athanasios Anagnostopoulos and Tolga Arul and Yufan Fan
	and Christian Hatzfeld and Andr{\'e} Schaller and Wenjie Xiong and
	Manishkumar Jain and Muhammed Umair Saleem and Jan Lotichius and
	Sebastian Gabmeyer and Jakup Szefer and Stefan Katzenbeisser},
 title = {Intrinsic {Run-Time} Row Hammer PUFs: Leveraging the Row Hammer Effect
	for Run-Time Cryptography and Improved Security},
 howpublished = {Preprints},
 month = {4},
 year = {2018},
 doi = {10.20944/preprints201804.0369.v1},
 url = {ia.cr/2016/769}
}
[1] Low-temperature data remanence attacks against intrinsic SRAM PUFs ( , , , , and ), Cryptology ePrint Archive, Report 2016/769,
BIB
@misc{Anagnostopoulos2016_Eprint,
 author = {Nikolaos Athanasios Anagnostopoulos and Stefan Katzenbeisser and
	Markus Rosenstihl and Andr{\'e} Schaller and Sebastian Gabmeyer and
	Tolga Arul},
 title = {Low-temperature data remanence attacks against intrinsic SRAM PUFs},
 howpublished = {Cryptology ePrint Archive, Report 2016/769},
 month = {8},
 year = {2016},
 url = {ia.cr/2016/769}
}
Theses
[2] Channel Switching-Triggered Charging for Pay-TV over IPTV ( ), PhD thesis, Technische Universität Darmstadt,
BIB
@phdthesis{Arul2017_Diss,
 author = {Tolga Arul},
 title = {{Channel Switching-Triggered Charging for Pay-TV over IPTV}},
 school = {Technische Universit{\"a}t Darmstadt},
 year = {2017},
 month = {9},
 abstract = {IPTV as an alternative transmission path for broadcast is gaining
	in importance increasingly. Promoted by the continuous expansion
	of broadband networks and IP convergence, IPTV is an enabler for
	several service-based developments such as time-, device-, and place-shifted
	viewing. In this regard, IPTV is attractive for multiple service
	operators as it can be used both as an instrument of customer retention
	and an additional source of revenue.
	
	Despite these technical advantages we observe, that the technical
	potential of IPTV has not been fully re?ected by any pay-TV charging
	model for broadcast content so far. In particular, a consumer-oriented
	charging model can act as an advantage for pioneering service operators
	who offer novel content and technologies in highly competitive markets.
	
	In this work, we develop a novel short-interval charging model for
	linear pay-TV over IPTV called channel switching-triggered charging.
	For the design, implementation, and evaluation of this model we consider
	requirements of pay-TV consumers and service operators. In particular,
	a special emphasis is placed on the aspects of acceptance. This charging
	model is based on the conventional channel switching actions of users
	and is realized by employing multicast encryption schemes. After
	implementing the proposed model we present a case study. We prove
	that our contribution provides additional benefits for the consumer
	and the service provider while maintaining an equivalent level of
	service quality compared to Free-TV.},
 url = {http://tuprints.ulb.tu-darmstadt.de/6680/}
}
[1] Multicast-Rekeying für kundenorientiertes IPTV : Marktanalyse - Prototyp - Performance-Evaluierung ( and ), Master's thesis, Technische Universität Darmstadt,
BIB
@mastersthesis{Arul2009_Diploma,
 author = {Tolga Arul and Peter M{\"u}ller},
 title = {{Multicast-Rekeying f{\"u}r kundenorientiertes IPTV : Marktanalyse
	- Prototyp - Performance-Evaluierung}},
 school = {Technische Universit{\"a}t Darmstadt},
 year = {2009},
 type = {Diploma Thesis},
 month = {July},
 url = {https://hds.hebis.de/ulbda/Record/HEB322907470}
}

Service

08/2022 Reviewer: 6th ACM Workshop on Attacks and Solutions in Hardware Security, ASHES 2022, 7 November 2022,
CCS '22: 2022 ACM SIGSAC Conference on Computer and Communications Security, Los Angeles, CA, USA,
Association for Computing Machinery (ACM), ISBN: 978-1-4503-9884-8
08/2022 Reviewer: Journal of Cryptographic Engineering, Volume 12, issue 3, ISSN: 2190-8508
03/2022 Reviewer: Elsevier Computer Communications, Volume 194, ISSN: 0140-3664
12/2021 Reviewer: 2022 IEEE International Symposium on Circuits and Systems, ISCAS 2022, 28 May-1 June 2022,
Austin, USA, Institute of Electrical and Electronics Engineers (IEEE)
10/2021 Reviewer: Journal of Cryptographic Engineering, Volume 11, Issue 4, ISSN: 2190-8508
08/2021 Reviewer: 2022 Design, Automation & Test in Europe Conference & Exhibition, DATE 2022, 14-23 March 2022,
Antwerp, Belgium, Institute of Electrical and Electronics Engineers (IEEE), ISBN: 978-1-6654-9637-7
08/2021 Reviewer: 5th ACM Workshop on Attacks and Solutions in Hardware Security, ASHES 2021, 19 November 2021,
CCS '21: 2021 ACM SIGSAC Conference on Computer and Communications Security, Virtual Event, Republic of Korea,
Association for Computing Machinery (ACM), ISBN: 978-1-4503-8662-3
01/2021 Reviewer: 42nd IEEE Symposium on Security & Privacy, SP 2021, 24-27 May 2021,
Virtual Conference, USA, Institute of Electrical and Electronics Engineers (IEEE), ISBN: 978-1-7281-8935-2
08/2020 Reviewer: 4th ACM Workshop on Attacks and Solutions in Hardware Security, ASHES 2020, 13 November 2020,
CCS '20: 2020 ACM SIGSAC Conference on Computer and Communications Security, Virtual Event, USA,
Association for Computing Machinery (ACM), ISBN: 978-1-4503-8090-4
08/2020 Reviewer: Elsevier Computer Networks, Volume 178, ISSN: 1389-1286
07/2020 Reviewer: Nature Electronics, Volume 4, Issue 5, ISSN: 2520-1131
05/2020 Reviewer: MDPI Electronics, Volume 9, Issue 5, ISSN: 2079-9292
04/2019 Reviewer: 30th International Workshop on Combinatorial Algorithms, IWOCA 2019, Pisa, 23-25 July,
Lecture Notes in Computer Science, volume 11638, Springer, ISBN: 978-3-030-25004-1
08/2018 Reviewer: Elsevier Computers & Security, Volume 78, ISSN: 0167-4048
08/2017 Reviewer: Elsevier Computers & Security, Volume 71, ISSN: 0167-4048

Teaching

10/2022 - 04/2023 Lab course: Advanced Security Engineering Lab
Teaching assistant for organization of lab course, development and implementation of a placement procedure, development of lab topics at University of Passau.
Seminar: Master Seminar Security Engineering
Teaching assistant for development of research topics, supervision, review and grading of student papers and presentations at University of Passau.
04/2022 - 10/2022 Lab course: Advanced Security Engineering Lab
Teaching assistant for organization of lab course, development and implementation of a placement procedure, development of lab topics at University of Passau.
10/2021 - 04/2022 Lecture: IT Security
Course lecturer at Turkish-German University in Istanbul/Turkey. Acceptance of official teaching assignment ("Lehrauftrag") based on the flying faculty programme in cooperation with the German Research Foundation (DFG) and the German Academic Exchange Service (DAAD). Design of course structure and contents, teaching of lectures and exercises, design and supervision of exercises, development, conducting and correction of final exam, assignment of grades.
Lab course: Advanced Security Engineering Lab
Teaching assistant for organization of lab course, development and implementation of a placement procedure, development of lab topics at University of Passau.
04/2021 - 10/2021 Lecture: Computer Architecture
Course lecturer at University of Passau. Acceptance of official teaching assignment ("Lehrauftrag"). Design of course structure and contents, teaching of lectures, design and supervision of assignments, development, conducting and correction of final exam, assignment of grades, conducting of post-exam review.
Lab course: Advanced Security Engineering Lab
Teaching assistant for organization of lab course, development and implementation of a placement procedure, development of lab topics at University of Passau.
10/2020 - 04/2021 Lecture: IT Security
Course lecturer at Turkish-German University in Istanbul/Turkey. Acceptance of official teaching assignment ("Lehrauftrag") based on the flying faculty programme in cooperation with the German Research Foundation (DFG) and the German Academic Exchange Service (DAAD). Design of course structure and contents, teaching of lectures and exercises, design and supervision of exercises, development, conducting and correction of final exam, assignment of grades.
Lab course: Advanced Security Engineering Lab
Teaching assistant for organization of lab course, development and implementation of a placement procedure at University of Passau.
Seminar: Master Seminar Security Engineering
Teaching assistant for development of research topics, supervision, review and grading of student papers and presentations at University of Passau.
04/2020 - 10/2020 Lab course: Advanced Security Engineering Lab
Teaching assistant for organization of lab course, development and implementation of a placement procedure at University of Passau.
Seminar: Master Seminar Security Engineering
Teaching assistant for development of research topics, supervision, review and grading of student papers and presentations at University of Passau.
10/2019 - 04/2020 Lecture: Hardware-oriented Security
Course lecturer at Technical University of Darmstadt. Acceptance of official teaching assignment ("Lehrauftrag"). Design of course structure and contents, teaching of lectures, design and supervision of assignments, development, conducting and correction of final exam as well as assignment of grades, conducting of post-exam review.
Lecture: Distributed Systems
Course lecturer at Turkish-German University in Istanbul/Turkey. Acceptance of official teaching assignment ("Lehrauftrag") based on the flying faculty programme in cooperation with the German Research Foundation (DFG) and the German Academic Exchange Service (DAAD). Design of course structure and contents, teaching of lectures, design and supervision of assignments, development of final exam and assignment of grades.
Lecture: IT Security
Course lecturer at Turkish-German University in Istanbul/Turkey. Acceptance of official teaching assignment ("Lehrauftrag") based on the flying faculty programme in cooperation with the German Research Foundation (DFG) and the German Academic Exchange Service (DAAD). Design of course structure and contents, teaching of lectures, design and supervision of assignments, development of final exam and assignment of grades.
Lab course: Security Engineering Lab
Teaching assistant for organization of lab course, development and implementation of a placement procedure at Technical University of Darmstadt. Development of lab topic, supervision of lab groups, assessment and grading of assignments.
04/2019 - 10/2019 Lecture: Distributed Systems
Course lecturer at the Baden-Wuerttemberg Cooperative State University in Mannheim. Acceptance of official teaching assignment ("Lehrauftrag"). Design of course structure and contents, teaching of lectures, design and supervision of assignments, development, conducting and correction of final exam and assignment of grades, conducting of post-exam review.
Lecture: Computer Architecture
Teaching assistant for selected courses at University of Passau. Course lecturer for selected lectures, participation in the design of exercises and assignments.
10/2018 - 04/2019 Lab course: Bachelor-Praktikum
Teaching assistant for organization of lab course, development and implementation of a placement procedure at Technical University of Darmstadt.
Seminar: Privacy Enhancing Technologies
Teaching assistant for development of research topics, supervision, review and grading of student papers and presentations at Technical University of Darmstadt.
04/2018 - 10/2018 Lab course: Project Practicum
Teaching assistant for organization of lab course, development and implementation of a placement procedure at Technical University of Darmstadt.
Seminar: Privacy by Design
Teaching assistant for development of research topics, supervision, review and grading of student papers and presentations at Technical University of Darmstadt.
10/2017 - 04/2018 Lecture: Critical Infrastructure Protection
Teaching assistant for drafting, correcting and grading of exam at Technical University of Darmstadt.
Lab course: Bachelor-Praktikum
Teaching assistant for organization of lab course, development and implementation of a placement procedure. Development of lab topic, supervision of lab groups, assessment and grading of assignments at Technical University of Darmstadt.
Seminar: Privacy Enhancing Technologies
Teaching assistant for development of research topics, supervision, review and grading of student papers and presentations at Technical University of Darmstadt.
04/2017 - 10/2017 Lecture: Formal Principles of Computer Science III
Teaching assistant for correcting and grading of final exam at Technical University of Darmstadt.
Seminar: Privacy by Design
Teaching assistant for development of research topics, supervision, review and grading of student papers and presentations at Technical University of Darmstadt.
04/2012 - 10/2012 Lecture: Modelling of Heterogenous Systems
Teaching assistant for grading assignments and drafting, correcting as well as grading the exam at Technical University of Darmstadt.
10/2009 - 04/2010 Lecture: Reconfigurable Processors
Teaching assistant for grading assignments and drafting, correcting as well as grading the exam at Technical University of Darmstadt.

Supervised Theses


PhD theses
ongoing Physical Unclonable Functions on Emerging Non-Volatile Commercial-off-the-Shelf Memories
Florian Frank (co-supervised with Prof. Stefan Katzenbeisser)
Master theses
ongoing Security Analysis of IoT Systems in Railways
Ali Fathi (co-supervised with Prof. Stefan Katzenbeisser)
ongoing Extracting physical unclonable function behaviour from non-volatile memories under different environmental conditions: An example of FRAM and MRAM
Rihab Ziani (co-supervised with Florian Frank)
09/2022 Investigation of Commercial-Off-the-Shelf Ferroelectric RAM and Resistive RAM for their use as Physical Unclonable Functions
Basma Dakech
07/2022 Channel-based key extraction for 6G
Shoya Takebuchi
03/2022 Back-End and Management Services for a Channel Switching-Triggered Charging System
Marcelo Cajamarca Bermeo
01/2022 Implementation of a PUF Measurement and Characterization Framework
Zakaria Takki Chebihi
01/2022 Implementation and Investigation of a Real-World Stream Encryption Mechanism Based
on Synchronised Chua Chaotic Circuits, Emiliia Nazarenko
(co-supervised with Nikolaos A. Anagnostopoulos)
08/2021 PUF Implementations on Resistive and Magnetoresistive Random Access Memory
Yuki Okumura
01/2021 Implementation and Investigation of a Real-World Stream Encryption Mechanism Based on Synchronised Chua Chaotic Circuits
Emiliia Nazarenko (co-supervised with Nikolaos A. Anagnostopoulos)
08/2014 Design und Implementierung einer plattformunabhängigen software-basierten IPTV Set-Top-Box
Stefan Pöschel
10/2012 A Novel Set-Top-Box Architecture Providing Dynamically Reconfigurable Security Components
Leonardo Solis-Vasquez, ERASMUS - Politecnico di Torino (co-supervised with Thomas Feller)
Diploma theses
11/2013 Hardware-based Measures against Packet Loss in Streaming Applications
Konrad Stahlschmidt
Bachelor theses
06/2019 Authenticated Train Localization based on Track Ballast Imagery
Fatma Çağı
05/2019 IMS Integration of a Channel Switching-Triggered Charging System
Tobias Wies
03/2012 Implementierung einer IPTV Set-Top-Box mit Hilfe eines FPGA-Entwicklungsboards
Björn Alexander Flubacher
01/2012 MPEG2-TS MUX / DEMUX mit Sicherheitsfunktionen für DVB-IPTV
Patrick Neugebauer
Other
09/2013 Extensions on an FPGA-based Multiplexer Design
Goutham Samala
11/2011 Dynamic routing setup for multicast traffic
Sarmad Javed
08/2011 System on a chip set-top box for IPTV
Zuhaib Ahmed Chohan
05/2011 Traffic shaping, quality of service and resilience for IPTV traffic transport in multicast
Evgeny Bubnov

Projects

Ongoing
PUFMem: Manipulation-proof fingerprints for new-type memory modules
sponsor DFG
period 3y
funding €77k
DFG Logo The analogue world could make the Internet of Things more secure. In the DFG project PUFmem, a research team in Passau is investigating future possibilities for the deployment of physically unclonable functions in memory structures. [continue]
In the analogue world, the way chips are produced causes unwanted, minimal deviations. However, these unplanned variations make each chip unique in its own right. 'In computer science, we can take advantage of these differences because they enable us to identify hardware unambiguously', explains Professor Stefan Katzenbeisser, holder of the Chair of Computer Engineering at the University of Passau. These unique codes are known as physically unclonable functions, or PUFs for short. With the aid of PUFs, devices can be identified unambiguously, which means that the PUFs are rather like a digital fingerprint. At the present time, this is regarded as a robust and simple solution by means of which the Internet of Things, for example, can be made more secure.

In the DFG project "PUFmem – intrinsic physically unclonable functions from new-type non-volatile memories", the team around Professor Katzenbeisser are researching whether new-type memory structures can be used as PUFs. What is special about that is that the memories then function both as data storage media and as unique protection for the device concerned. The computer scientists are experimenting with memory modules which will be installed in devices in the near future. Among other things, the research team are examining various physical properties of these memory cells and researching the resistivity of the PUFs by exposing the memory modules to different environmental conditions, for example fluctuations in temperature, magnetic fields and radiation.
NANOSEC: Maximum IT security for tiny particles
sponsor DFG
period 3y
funding €250k
DFG Logo The analogue world could make the Internet of Things more secure. In the DFG project NANOSEC, a research team in Passau is investigating future possibilities for the deployment of physically unclonable functions in memory structures and nanomaterial-based components. [continue]
In the analogue world, the way chips are produced causes unwanted, minimal deviations. But in fact, these unplanned variations make each chip unique in its own right. 'In computer science, we can take advantage of these differences because they enable us to identify hardware unambiguously', explains Professor Stefan Katzenbeisser, holder of the Chair of Computer Engineering at the University of Passau. These unique codes are known as physically unclonable functions, or PUFs for short. With the aid of PUFs, devices can be identified unambiguously, which means that the PUFs are rather like a digital fingerprint. At the present time, this is regarded as a robust and simple solution by means of which the Internet of Things, for example, can be made more secure.

In the DFG project "NANOSEC – manipulation-proof PUFs based on nanostructures for secure and robust hardware security primitives", the researchers in Passau have teamed up with the TU Chemnitz to combine their skills in the areas of hardware security (University of Passau) and nanomaterial-based components (TU Chemnitz). The tandem team are investigating the extent to which new semi-conductors based on carbon nanotubes are suitable for use in PUFs. Here, the team are developing and researching hybrid PUFs, which have both sensor and PUF functionalities. 'This could be a promising building block for security-relevant applications, for example in autonomous driving, because it delivers trustworthy, hardware-proof sensor data', explains Professor Katzenbeisser.
6G-RIC: 6G Research and Innovation Cluster
sponsor BMBF
period 4y
funding €50m
Logo of 6G-RIC project The University Passau is a participant in the research hub "6G Research and Innovation Cluster (6G-RIC)", which is coordinated by Fraunhofer HHI and funded by the Federal Ministry of Education and Research (BMBF). A team around IT security expert Professor Stefan Katzenbeisser has set itself the task of developing a security architecture that takes into account energy efficiency. [continue]
The Federal Ministry of Education and Research (BMBF) has selected four German research hubs to explore the next generation of "6G" mobile technology. These hubs are trans-regional associations comprising several universities and research institutions that have decided to pool their technology development skills and accelerate the discovery-to-application process. The research initiative "6G Research and Innovation Cluster (6G-RIC)" is one of these research hubs coordinated by the Fraunhofer Institute for Telecommunications, Heinrich Hertz Institute, HHI. The purpose of the initiative is to develop mobile telecommunications systems of the sixth generation by pushing back the limits of technology. Efforts focus on developing the technology and creating a high-performance test infrastructure. The test infrastructure will be used to trial new technology components under realistic and open conditions. The purpose is to accelerate direct exploitation and facilitate the creation of a new ecosystem in the medium term.

The 6G-RIC consortium consists of a nationwide cluster of eleven universities. Participants include a team from the University of Passau that is headed by Professor Stefan Katzenbeisser who holds the Chair of Computer Engineering. It has expert knowledge in IT security to contribute to the cluster: the researchers from Passau are tasked with analysing security risks and threats. Plans include conducting a case study on 6G application in critical railway security systems. Building on this, the team from the University of Passau is developing a security architecture for future 6G networks using special building blocks like cryptographic protocols and machine learning processes.

"It is essential that security in 6G networks be based on processes that are resistant to quantum-hardware-based attacks right from the start," says Professor Katzenbeisser. However, research is also focused on energy efficiency, particularly with a view to achieving the long-term climate goals: "One of the biggest challenges is to reconcile the massive level of network densification that will come with 6G and the explosive growth in data traffic with the call for global sustainability and fairness." Aside from the University of Passau, the 6G-RIC cluster includes Technische Universität Berlin, Technische Universität Braunschweig, Chemnitz University of Technology, the Technical University of Darmstadt, Kiel University, the University of Tübingen, RWTH Aachen University, Freie Universität Berlin, Humboldt-Universität and Friedrich-Alexander-Universität Erlangen-Nürnberg. Five non-university research institutes are likewise involved: the Max Planck Society, the Fraunhofer-Gesellschaft, the German Aerospace Center, the Ferdinand-Braun-Institut, Leibniz-Institut für Höchstfrequenztechnik as well as the Leibniz Institute for High Performance Microelectronics.
UNICARagil: Research Collaboration on the Mobility of the Future
sponsor BMBF
period 4y
funding €27m
Logo of UnicarAgil project Leading German universities have joined forces in the BMBF's UNICARagil research network to redevelop the automobile and its development processes. A research team from the University of Passau is also involved. [continue]
Autonomous electric vehicles will play a key role in overcoming the challenges posed by the increasing need for mobility and urbanisation. They will create the basis for sustainable and intelligent road traffic, innovative mobility and transport concepts as well as improvements in traffic safety and quality of life in urban areas.

In the UNICARagil project, completely driverless electric vehicles will be developed on the basis of the latest research results on automated and networked driving and electric mobility. The basis for this is a modular and scalable vehicle concept consisting of a utility and drive unit. It can be flexibly adapted to a wide range of applications in logistics and passenger transport, which can be exploited in particular by driverless, emission-free vehicles. The core element of the research and development work is the functional vehicle architecture, which is linked up to the cloud, the road infrastructure and a sensor drone. Additional focal points include the development of generic sensor modules for detecting surroundings, a flexibly expandable and updatable software and hardware architecture as well as highly dynamic wheel hub drives that allow completely new forms of mobility in road traffic. The project concludes with a demonstration in four different applications on test fields in Germany.

Among other things, the novel approach of the project provides for the comprehensive linking up of vehicles with their respective surroundings. To this end, it will be important to protect user data and ward off possible cyber attacks. A team led by Prof. Dr. Stefan Katzenbeisser, Chair of Computer Engineering at the University of Passau, will design and develop a corresponding IT security architecture that includes a package of measures for the defence and detection of cyber attacks that could have devastating consequences for passenger security. The designed architecture will be prototypically implemented in the UNICARagil vehicles.

The UNICARagil project will run for four years. It is supported by the Federal Ministry of Education and Research within the framework of the funding priority “Disruptive vehicle concepts for autonomous electric mobility” (Auto-Dis). The project volume amounts to EUR 23.3 million (94 percent of which is funded by the BMBF). Members of the consortium are the University of Passau, the RWTH Aachen, the TU Braunschweig, the TU Darmstadt, the Karlsruhe Institute of Technology, the TU Munich, the University of Stuttgart and the University of Ulm as well as the industrial partners ATLATEC GmbH, flyXdrive GmbH, iMAR Navigation GmbH, IPG Automotive GmbH, Schaeffler Technologies AG & Co. KG and VIRES Simulationstechnologie GmbH.


Completed
Haselnuss: Security for Next-Generation Railway Control and Safety
sponsor BMBF
period 3y
funding €3m
Logo of Haselnuss project Digitalisation increases the risk of cyber attacks on the railway infrastructure. In the BMBF project HASELNUSS, a research network is developing a hardware-based security platform adapted to the special requirements of the Deutsche Bahn. [continue]
Information technology (IT) is increasingly being used to introduce new functionalities and to increase process efficiency in railway facilities. As a result of the digitalisation of the railway infrastructure and the linking up of control and security technology, however, the risk of cyber attacks is also increasing. Since the railway systems are also part of the critical infrastructures in Germany, they are correspondingly strictly regulated by IT security law. This digital transformation of the railway leads to new requirements for IT-based systems in the railway sector and requires new IT security solutions.

The aim of the HASELNUSS research project is to develop a hardware-based security platform for control and security technology that is adapted to the special requirements of the railways and provides the necessary IT security functions without influencing functional security. The platform offers measures to ensure system integrity and forms the basis for secure networking of the railway infrastructure.

The HASELNUSS architecture is based on a hardware security module of the latest generation, the "Trusted Platform Module (TPM) 2.0", which serves as a security anchor, and the microkernel-based operating system PikeOS, which allows a secure coexistence of critical and non-critical applications and is easy to verify. On this basis, services for secure patch and update management, health monitoring, anomaly and attack detection are implemented. The developed security platform will then be implemented in demonstrators and practically tested in the DB Netz AG test centre and in the Darmstadt railway operations field.

The Fraunhofer Institute for Secure Information Technology in Darmstadt coordinates the project. A team from the University of Passau under the direction of Prof. Dr. Stefan Katzenbeisser, Chair of Computer Engineering, is involved in the project. The Federal Ministry of Education and Research (BMBF) is funding the project over a period of 3 years.
CYSIS: Cyberyscurity for Critical Infrastructures
sponsor DB
sponsor TUD
period 3y
Logo of Cysis project The CYSIS working group was established by Deutsche Bahn AG and TU Darmstadt within the framework of the Innovation Alliance and the existing DB RailLab on 25 January 2016. The purpose of the group is to discuss the cybersecurity challenges faced by the increasing digitalisation of the railway sector. [continue]
CYSIS forms a basis for an intensive exchange of information between industry and academia in the railway sector, in order to benefit from each other's knowledge. Effective defense mechanisms and countermeasures are investigated with the assistance of partners from academia. CYSIS regularly publishes whitepapers and technical guidelines. CYSIS consists of the following subgroups:
  • Resilient Architectures (completed): The group discussed resilient architecturesfor railway signalling. A whitepaper has been published. It presents requirements for signalling systems in order to be prepared against cyberattacks.
  • Business Continuity Management (completed): The operators of signalling systems need to be prepared for dealing with attacks. Concepts are developed to maintain a minimum of train operation even under attack.
  • Security for Safety (completed): Train operation needs to be security aware. To build security in future interlocking systems, design decisions have to be made now. The decisions cover the system architecture, the lifecycle, the operation and the homologation process. The subgroup created a whitepaper and a short version was published in Signal + Draht 5/2018 in English and German.
  • ETCS and Security (completed): Security aspects of the European Train Control System (ETCS) are investigated. It is currently the only signalling system in Germany that utilizes wireless information transmission, which has a significantly larger attack surface.
  • Holistic Security (completed): Typically, security is regarded separately in railway signalling, rolling stock, and fixed installations. For a strong security concept, a holistic approach is required that includes the consideration of all three parts together.
  • Internet of Railway Things: The group discusses essential security aspects of railway IoT by means of two realistic use cases. The security includes security requirements, attack vectors, threats, countermeasures, security architectures, and more.
PUFFIN: Physically Unclonable Functions found in Standard PC Components
sponsor EC-FP7
period 3y
funding €1.3m
Logo of Puffin project Physically Unclonable Functions (PUFs) are used to uniquely identify electronic components and to protect valuable objects against counterfeiting. They allow creating a root of trust in a hardware system through generating device-unique “fingerprints” and deriving secret keys from the underlying physical properties of the silicon. [continue]
Today they are typically found in specially designed hardware components and result from the silicon properties of individual transistors. They exist in many forms, among which are the so-called SRAM PUFs. The Physically unclonable functions found in standard PC components (PUFFIN) project intends to study and show the existence of SRAM PUFs and other types of PUFs in standard PCs, laptops, mobile phones and consumer electronics. This has not been attempted so far. The mere existence of physical properties that depend on a component and are reproducible is only the first step to guarantee appropriate robustness, reliability and randomness properties for use as secret keys or trust anchors in mass-market applications.

Contact

You can follow my work through the following platforms
(Please note that linked external websites may process personal data and
all product names, logos, and brands are the property of their respective owners and
their use does not imply endorsement) :



For professional inquiries, please use the following email address:
[forename][dot][surname][at]uni[dash]passau[dot]de.

Dr.-Ing. Tolga Arul
Chair of Computer Engineering
Computer Science Department
University of Passau
Room ITZ 117
Innstraße 43
94032 Passau

phone : +49(0)851 509 3044
web : https://t1p.de/TolgaArul