Send email Copy Email Address

Andrea Ruffing

Summer School on System Security

Summer School 2023 taking place at CISPA from August 21-25 on System Security.

We are inviting applications from undergraduate, graduate students and researchers in the area of Cybersecurity and related fields. This year's school will be focusing on System Security. During our annual scientific event, students will have the opportunity to follow one week of scientific talks and workshops, present their own work during poster sessions and discuss relevant topics in System Security with fellow researchers and expert speakers. The program will be complemented by social activities. 

The Summer School is a full-week event, kicking off with a Check-in from 10-11 am on Monday, August 21. The program will be running daily from 9am to 6-7pm, providing enough room for sessions, discussions and socializing during coffee and lunch breaks. The event is finishing on Friday, August 25, around 2:30 pm. 

Application Process: Please apply by filling in our application form and uploading your CV, your study transcript, and a short Motivation Letter. 

Application Deadline: (CEST) July 31, 2023 (regular application closed)

                                            Late Registration (depending on availability or waiting list): August 7, 2023 (CEST) (application closed)

Notification of Acceptance: Several rounds of acceptance, roughly 3 weeks after application at the latest. 

Fee: 200,-€  (includes full program, food and beverages during the week, and social activities)

Travel Grant: We are offering travel grants. With your application, you can apply for a grant of up to 500,-€  per person (actual travel cost spent, economy flight, train ticket 2nd class). Please do not book any travel arrangements before you have been selected by our jury and accepted to our Summer School. After acceptance, please send your travel arrangements to for approval prior to booking anything. We will confirm if/that your expenses will be covered and you will be reimbursed after completing the Summer School successfully. 

Presentations: There will be at least one session, during which participants can present their own work / scientific poster. The presentation is not mandatory to receive a certificate of attendance, but we are highly encouraging you to contribute your work to this session and  as it will provide you with valuable feedback from an expert audience and might kindle interesting discussions. 

When: August 21-25, 2023

Where: CISPA - Helmholtz Center for Information Security, Saarbruecken. 


Program featuring CISPA Faculty & Invited Speakers

Invited Speakers

Aanjhan Ranganathan (Northeastern University)

James Pavur (Defense Digital Service, US Department of Defense)

Lachlan Gunn (Aalto University, Finland)

N. Asokan (University of Waterloo)

Nassim Corteggiani (Intel)

Shweta Shinde (ETH Zuerich)

Yossi Oren (Ben-Gurion University, Israel)

Zhenyu Ning (Hunan University)

CISPA Faculty

Ali Abbasi

Michael Schwarz

Nils  Ole Tippenhauer

Sven Bugiel

Thorsten Holz




Title: Security Validation of Hardware Design: Process & Challenges

Speaker: Nassim Corteggiani (Intel)
Abstract:  Silicon chips are essential components of our modern lives, deeply embedded in many of the everyday objects around us. This industry is highly competitive, with relatively short time-to-market and high demand for performance, power efficiency and connectivity. These three criteria significantly increase the complexity of silicon chips, making security testing even more challenging.

In this talk, we will provide an overview of some existing methods used to maintain a high level of security for hardware. In particular, we will present the emerging research on hardware fuzzing. Finally, we will conclude the presentation with a discussion of the challenges that remain.



Title: Blinded Memory 

Speaker: N. Asokan 

Abstract: Outsourcing computing to a remote processor is popular and compelling. Cryptographic techniques like homomorphic encryption allow a client to outsource computation on sensitive data while ensuring that the data cannot be leaked. However, such techniques incur substantial computation and communication costs. Leveraging hardware assistance to efficiently ensure security is thus an attractive proposition. Trusted Execution Environments (TEEs), which saw widespread deployment in the early 2000s by mobile device manufacturers to run sensitive computations on commodity devices, can help to realize secure outsourced computing. But the security guarantees provided by traditional TEEs have been called into question by various recent attacks that exploit the inherent complexity of modern hardware and software. In this talk, I will describe Blinded Memory (BliMe): on-going work by my students to design minimal processor extensions that can help to efficiently realize secure outsourced computing. BliMe consists of a minimal set of Instruction Set Architecture (ISA) extensions that use taint-tracking to ensure confidentiality of sensitive (client) data even in the presence of server malware, run-time attacks, or side-channel attacks. To secure outsourced computation, BliMe extensions can be used together with an attestable, fixed-function hardware security module (HSM) and an encryption engine that provides atomic decrypt-and-taint and encrypt-and-untaint operations. I will describe the overall architecture, the current status of the work, and the challenges we face.

Bio: N. Asokan is a Professor of Computer Science at the University of Waterloo where he holds a David R. Cheriton chair and serves as the Executive Director of Waterloo Cybersecurity and Privacy Institute (CPI). He is also an Adjunct Professor of Computer Science at Aalto University, where he was the founding director of Helsinki-Aalto Institute for Cybersecurity (HAIC). Asokan's primary research theme is systems security broadly, including topics like the development and use of novel platform security features, applying cryptographic techniques to design secure protocols for distributed systems, applying machine learning techniques to security/privacy problems, and understanding/addressing the security and privacy of machine learning applications themselves. Asokan is a Fellow of both ACM and IEEE. For more information about Asokan’s work, visit his website at or follow him on Twitter (@nasokan) or Mastodon ( 

Title: Formally verifying properties of the Blinded Memory architecture using F*

Speaker: Lachlan J. Gunn

Abstract: The Blinded Memory (BliMe) extensions enforce a security property based on information flows: the observable system state, including state observable by side channels, must be independent of any sensitive data stored in the system.  Achieving this requires modifications to every instruction in the architecture.  Given the breadth of these changes, we want to ensure that the changes that we plan to make are really sufficient to enforce our security property.  We achieve this by building a formal model using the F* language.  Well-known for its use in the formally-verified HACL* cryptographic library and miTLS TLS implementation, F* is a dependently-typed functional language in the ML family that can verify program properties with the aid of SMT.  We use F* to build a model of a simple CPU incorporating BliMe, and show that it enforces our information flow property. In this talk we will present a brief introduction to the F* language, and show how we used it to prove the correctness of our model of a BliMe-supporting CPU.

Bio:  Lachlan J. Gunn is a University Lecturer at Aalto University in Espoo, Finland, where he also holds an Academy of Finland Postdoctoral Researcher position.  He received his Ph.D in Electrical and Electronic Engineering from the University of Adelaide, Australia in 2017, and since then his primary research interests are in platform security, distributed systems, and privacy-enhancing technology. His current work focusses on how to incorporate cryptographic methods into hardware and software to provide benefits beyond those that can be achieved by cryptography at the application layer alone.  For more information on Lachlan’s work, please see


Title: From CPUs to Peripherals: The Next Frontier of Confidential Computing

Speaker: Shweta Shinde

Abstract: Trusted execution environments in several existing and upcoming CPUs demonstrate the success of confidential computing, with the caveat that they leave out peripherals both on mobile (e.g., camera, display) and server (e.g., GPUs, FPGAs) platforms. While desirable, extending the notion of confidential computing from CPUs to peripherals is not straightforward.
As a first case in point, I will present a new smartphone architecture that maintains compatibility with the existing smartphone ecosystem but allows balancing the control that users, OS vendors, and manufacturers exert over the phones. Our architecture, named TEEtime implements novel, TEE-based, resource and interrupt isolation mechanisms that allow the users to flexibly choose which resources (including peripherals) to dedicate to different isolated domains, namely, to legacy OSes and the user’s proprietary software.
As the second case in point, we reconsider the Arm Confidential Computing Architecture (CCA) design--an upcoming TEE feature in Arm v9-to address the gap between CPUs and accelerators on server platforms. We build Acai based on the observation that CCA offers the right abstraction and mechanisms to allow confidential VM to use accelerators as a first-class abstraction while relying on hardware-based memory protection to preserve security. Acai achieves its goals without changes to hardware or software on the CPU and the accelerator as well as achieves strong security guarantees with low performance overheads.

Shweta Shinde is an assistant professor at ETH Zurich, where she leads the Secure and Trustworthy Systems Group. Her research is broadly at the intersection of trusted computing, system security, program analysis, and formal verification.  


Title: Reinforcing TEE Confidentiality with Cryptographic Coprocessors

Speaker: Sven Bugiel

Abstract: Platforms are nowadays typically equipped with trusted execution environments (TEEs), such as Intel SGX or ARM TrustZone. However, recent microarchitectural attacks on TEEs repeatedly broke their confidentiality guarantees, including leaking long-term cryptographic secrets. On the other hand, these systems are typically also equipped with a cryptographic coprocessor, such as a TPM or Google Titan. These coprocessors offer a unique set of security features focused on safeguarding cryptographic secrets. Still, despite their simultaneous availability, the integration between these technologies is practically nonexistent, which prevents them from benefitting from each other’s strengths.

In this session, we first provide a brief introduction to the relevant aspects of TPMs and Intel SGX. Based on this knowledge, we then step through a general design and a set of three main requirements for a secure symbiosis between TEEs and cryptographic coprocessors. Afterward, we show, based on the concrete example of TPM and SGX, how the long-term secrets in SGX enclaves can be moved to the TPM for better protection. We demonstrate that our design is robust even in the presence of transient execution attacks, preventing an entire class of attacks due to the reduced attack surface on the shared hardware.



Title: Beyond the Noise: Automated Discovery of Microarchitectural Security Leaks

Speaker: Michael Schwarz

Abstract: Microarchitectural security is still a relatively young research area with many unexplored territories with exciting discoveries to be made, even for newcomers. Experiments in this area often yield strange and seemingly random observations, appearing as noise. Surprisingly, these oddities can reveal side channels or even processor vulnerabilities.

However, even for domain experts, designing experiments to discover new side-channel leakage can be a tedious and time-consuming process that also requires a non-negligible amount of luck.

In this talk, we show how automation can help in this discovery process. We cover recent advances in tooling and automation for microarchitectural leakage discovery, drawing parallels to the field of software testing. Although automation in this domain is still taking its first steps compared to software testing, we showcase how it has already led to the uncovering of previously hidden side channels and transient-execution attacks. With the existing techniques and open-source tools, you might even be the next to find an exciting security vulnerability.

Bio: Michael Schwarz is Faculty at the CISPA Helmholtz Center for Information Security in Saarbruecken, Germany, with a focus on microarchitectural side-channel attacks and system security. He obtained his PhD with the title "Software-based Side-Channel Attacks and Defenses in Restricted Environments" in 2019 from Graz University of Technology. He holds two master's degrees, one in computer science and one in software engineering with a strong focus on security. He was part of the discovery of multiple CPU vulnerabilities, including Meltdown, Spectre, LVI, PLATYPUS, ZombieLoad, and ÆPIC Leak. He was also part of the KAISER patch, the basis for Meltdown countermeasures now deployed in every modern operating system under names such as KPTI or KVA Shadow.

Title: Timing Instructions for Fun and Profit (hands-on session)

Speaker: Michael Schwarz

Abstract: Nowadays, modern CPUs and their microarchitectures are complex constructs packed with various performance optimizations. Similar to bugs in complex software projects, the complexity of CPUs can lead to hardware bugs that attackers can exploit to cross security boundaries. However, finding and observing these bugs is often tricky.

In this hands-on session, we start with one of the essential building blocks most microarchitectural attacks require: taking reliable high-precision timing measurements. These measurements allow us to observe subtle differences in the execution time of instructions executed on modern CPUs. After briefly introducing the security mechanism Kernel Address Space Layout Randomization (KASLR), we will exploit differences in the execution time of specific instructions to circumvent KASLR.

Title: Micro-architectural attacks: in your webs, attacking your privacy 

Speaker: Yossi Oren

Abstract:  Web browsers are happy to execute any code sent to them by web servers, as long as it follows some basic sandboxing and isolation rules. This fact makes the web setting a very interesting playground for micro-architectural attacks of all sorts. In this session I will review and demonstrate several of these attacks, discuss the challenges involved in porting attacks from native code into portable web content, and discuss some of the steps taken by browser vendors to make micro-architectural attacks more challenging to launch in this setting. 

A particular focus will be on attacks which do not try to steal cryptographic keys or other secret state information, but instead target the privacy of the humans using the computer.

Bio: Yossi Oren is a Senior Lecturer in the Department of Software and Information Systems Engineering at Ben Gurion University of the Negev, and a member of BGU's Cyber Security Research Center. Prior to joining BGU, Yossi was a Post-Doctoral Research Scientist in the Network Security Lab at Columbia University in the City of New York and a member of the security lab at Samsung Research Israel. He holds a Ph.D. in Electrical Engineering from Tel-Aviv University, and an M.Sc. in Computer Science from the Weizmann Institute of Science.

His research interests include implementation security (side-channel attacks, micro-architectural attacks, power analysis and other hardware attacks and countermeasures; low-resource cryptographic constructions for lightweight computers) and cryptography in the real world (consumer and voter privacy in the digital era; web application security). He has been recognized by The Register as a Top Boffin. Twitter:


Title: Adventures in Cyber Space: An introduction to satellite cybersecurity

Speaker: James Pavur

Over the next decade, the number of satellites in orbit will increase by an order of magnitude. As thousands of new space missions launch, touching almost every aspect of modern life, it is increasingly vital to ensure they are protected from attack. What does this work look like and where should we start when it comes to identifying the most important unsolved problems in space security?

This lecture will explore those questions from a variety of angles. Will start with an understanding of the theory of counterspace and the policy and strategic implications of digital counterspace. From there, we'll walk through several cyber-attack techniques targeting space missions. These examples will run the gamut from sophisticated state-level deception attacks on critical situational awareness data to exploits which can be replicated with inexpensive home-television equipment.

Over the course of these examples, we'll identify common aspects that underpin the domain of satellite hacking and highlight areas where those passionate about securing space can make a contribution. By the end of the lecture, audience members will have an understanding of what makes space security a unique topic, what the major unresolved questions in the domain look like, and how they might contribute to a truly multidisciplinary effort.

While this lecture references technical concepts, no prior knowledge of space systems security, astrodynamics, or cybersecurity is assumed.

Bio: James Pavur is the Lead Cybersecurity Software Engineer at Istari - a technology startup modernizing the development of cyber-physical systems. Prior to joining Istari, he worked at the Pentagon for the Defense Digital Service where he advised and assisted the Office of the Secretary of Defense on a variety of software-engineering and technology modernization efforts. He received his doctorate from Oxford University, courtesy of a Rhodes Scholarship, where he researched space systems security under Ivan Martinovic in the Department of Computer Science. His space systems security research has been published in top academic and industry venues, such as IEEE S&P, NDSS, BlackHat and DEFCON and covered by many major media outlets.


Title:  Nailgun: Break the privilege isolation on Arm

Speaker: Zhenyu Ning

Abstract: Modern processors are equipped with debugging features to facilitate program debugging and analysis. Although the debugging architecture has been in use for years, the security of the debugging features has not been thoroughly examined. Our research shows that the debugging architecture allows a processor to pause and debug another processor, even when the target has a higher privilege. Through our experiments, we have identified a number of vulnerable devices including IoT devices, ARM-based cloud platforms, and commercial mobile phones. To further verify our findings, we demonstrate that the attack can be used to extract the fingerprint image stored in the secure memory of Huawei Mate 7 using a non-secure kernel module. We design a lightweight defense mechanism to restrict the attack and also explore the potential to launch similar attacks on Arm-R and Arm-M architecture.  

Bio: Zhenyu Ning is an Associate Professor in the College of Computer Science and Electronic Engineering at Hunan University. He received his Ph.D. degree in Computer Science from Wayne State University in 2020. Prior to that, he has a 4-year industry experience. His research interests are in the areas of hardware-assisted system security, trusted execution environments, and system security. Over the years, his work has been published in top venues in the fields of security and software engineering, including Oakland, USENIX Security, CCS, NDSS, and ISSTA.

Title: Race to the Bottom: A Journey Into Securing Embedded Systems

Speaker: Ali Abbasi

Abstract: Embedded systems, integral to both critical infrastructure and everyday gadgets, inherently possess vulnerabilities. This presentation will guide you through the intricate world of embedded system security. We'll begin by revisiting research focused on strengthening defenses for real-time and limited-resource systems, emphasizing their improved protection against potential threats.

Moving from defense to offense, we'll focus on uncovering vulnerabilities within embedded systems, with a particular interest on 'fuzzing' techniques for these limited-resource systems. Over recent years, fuzz testing, especially the randomized types, has evolved significantly, supported by tools like AFL++ and ongoing research in this area. In many cases, fuzzing has proven more effective than other advanced methods such as static analysis. However, there's a gap: fuzzing is not commonly used in the embedded system sector. To bridge this, we present new methods for automated fuzzing on embedded IoT firmware, impressively without needing specific hardware. High-end embedded systems, characterized by their complex software and IP protections, present their own set of challenges. We'll discuss the potential of side-channel techniques as a valuable testing tool for these systems.

Wrapping up our talk, we'll step into the vastness of space, discussing the challenges of embedded systems in space platforms and satellites. The unique nature of this field highlights the difficulties in ensuring their security.


Title:  From Skyjacking to Carjacking: Challenges and Opportunities in Securing Modern Navigation Technologies

Speaker: Aanjhan Ranganathan

Abstract: Modern transportation systems rely heavily on accurate positioning and navigation technologies, which have become increasingly vulnerable to security threats. In this talk, we will explore the security challenges associated with secure positioning and navigation in modern vehicles, including the impact of GPS spoofing on unmanned aerial vehicles (UAVs) and the security problems of instrument landing systems used in aviation as one of the primary means of navigation aid for landing. We will also discuss the security problems of automotive radar, where we will show how easily radio frequency radar signals can be manipulated to fake distances and velocities, compromising the safety of the vehicle and passengers. We will see how even with cryptographic primitives, the challenges to securing positioning, navigation, and timing technologies is no trivial task. The talk will aim to highlight the fundamental limits that exist in securing current technologies and a call for designing secure alternatives.

Bio: Aanjhan is an Assistant Professor in the Khoury College of Computer Sciences at Northeastern University in Boston, USA. He is also an affiliate faculty in the Department of Electrical and Computer Engineering. His current research revolves around the security and privacy of wireless networks with a strong focus on autonomous cyber-physical systems and smart ecosystems. He has worked on a wide variety of topics including physical-layer security of wireless systems, secure localization and proximity verification, trusted computing architectures, and side-channels. He is a recipient of several awards including the prestigious NSF CAREER award, outstanding dissertation award from ETH Zurich, regional winner of European Space Agency’s Satellite Navigation competition and a Cyber Award from Armasuisse (Switzerland’s Department of Defense). His research is currently funded by the US National Science Foundation, US Army research Laboratory, US Office of Naval Research, and armasuisse.

Title: Securing Engineered Systems

Speaker: Nils Ole Tippenhauer

Abstract: Engineered Systems (often also called Cyber-Physical Systems) consist of digitally controlled physical processes. Examples for such systems can range from consumer drones, autonomous cars, to criticial infrastructure such as the power grid. While those systems are diverse in their hardware, software, and control approaches, they are united by common security challenges that threaten their physical operation. In this talk, we discuss reasons for this situation, and how to realistically introduce basic security features into such environments. We provide an overview on recent offensive and defensive work for industrial protocols and hosts, their constraints on opportunities, and propose complementary approaches focusing on realtime monitoring of ICS.


Please have a look at last year's school or our Digital Summer School 2021 to get a general idea of the event. 

If you have any questions or queries, our Summer-School team will be glad to help via

If you want to be informed about scientific events and regular summer schools, please register to our newsletter: