Embedded Computer Security Workgroup

Arbeitsgruppe Computersicherheit in eingebetteten Systemen

Head of group
Dr. Vassilis Prevelakis is professor at the Technical University, Braunschweig, in Germany. He has worked in various areas of security in Systems and Networks both in his current academic capacity and as a freelance consultant.  Prevelakis current research involves issues related to automation network security, secure software design, auto-configuration issues in secure VPNs, etc. He has published numerous papers in these areas and is actively involved in standards bodies such as the IETF.  He has received research funding from the European Union, the German DFG and US funding agencies such as DARPA and NSF. He was awarded the CAREER award from NSF and recently received the "Test of Time" award at CCS'13 for his work on Instruction Set Randomization. Prevelakis received his Ph.D.  from the University of Geneva in Switzerland and his M.Sc. and B.Sc. from the University of Kent in the U.K.

Link: Webpage[EXTERNAL]

Staff
Mohammad Hamad is a Ph.D. candidate and research staff member at Embedded Computer Security at the Institute of Computer and Network Engineering at TU Braunschweig, Germany.  He is working as a researcher in the CCC project since 2014.  He holds a bachelor's degree in software engineering from the faculty of Informatics Engineering, University of Aleppo, Syria in 2009.

His interest is security in embedded and cyber-physical systems, mainly in the vehicular domain. His research aims to improve security at the operating system level and protect the network communications of such systems.
Link: Webpage[EXTERNAL]
Marinos Tsantekidis is a Ph.D. candidate at the Institute of Computer and Network Engineering at TU Braunschweig, Germany. He received his Bachelor's degree in Computer Science from the Technological Educational Institute of Thessaloniki, Greece in 2011 and his Master's degree in Digital Systems Security from the University of Piraeus, Greece in 2014. His research focuses on security at the operating system level.
Link: Webpage[EXTERNAL]
Jihane Najar is a research assistant at TUBS. She got her Bachelor's degree in 2009. In 2012, she received her Diploma in Computer Science at the Higher Institute of Management of Gabes, Tunisia. She was awarded her Master's Degree in Computer Science by the Higher Institute of Management of Gabes, Tunisia in 2016. 

Former staff
Mustafa Rajeb Agha was a postdoctoral researcher at TUBS, working as a researcher with the CCC project at IDA/TUBS from 2016 to 2018. He graduated from Electrical and Communication department for an engineer, Mosul University, Iraq with a Bachelor's degree in 2000. He got his MSc Degree in the field of Electrical Engineer in Baghdad University, Iraq on 2004. He holds a PhD degree from the Department of Electrical Engineering, Information Technology, Physics TUBS on 2015 and his thesis was on "Making Use of Cryptographic Functions for System Reliability Improvement." His research interests are in Security, Coding theory, and Cryptology System Design.
  
Projects

The Research Unit CCC 
(standing for Controlling Concurrent Change) is an organization of the TU Braunschweig Research Center for Digitalization, Informatics and Information Technology  (TUBS.digital). The challenge of CCC is to provide methods and mechanisms for the control of independent software updates in an increasingly interconnected future. Individual applications will compete for resources, as the integration of a variety of subsystems and applications on a computer platform creates ever more complex structures and relationships. While competing updates in the field have long found their way into the manageable world of standard computers or smartphones, software updates in cars or other complex and distributed safety critical systems are still thoroughly lab-tested using models and prototypes under controlled conditions before they can be released to the field.

CCC
 is funded by the Deutsche Forschungs-gemeinschaft (German Research Foundation)

Project duration:
 6 years  started on April 1, 2013.

Project url: ccc-project.org[EXTERNAL]


THREAT-ARREST
 project aims to develop an advanced training platform incorporating emulation, simulation, serious gaming and visualization capabilities to adequately prepare stakeholders with different types of responsibility and levels of expertise in defending high-risk cyber systems and organizations to counter advanced, known and new cyber-attacks. 

THREAT-ARREST is funded by the European Commission Horizon 2020 project under Grant Agreement No.  786890. 

Project duration:
 48 months started September 01, 2018.


CONCORDIA
 (stands for Cyber security cOmpeteNCe fOr Research anD InnovAtion) aims to build the European Secure, Resilient and Trusted Ecosystem. The vision of CONCORDIA is to build a community with a strong cooperation between all stakeholders, understanding that all stakeholders have their KPIs, bridging among them and fostering the development of IT products and solutions along the whole supply chain. Technologically, it projects a broad and evolvable data-driven and cognitive E2E Security approach for the ever-complex ever-interconnected compositions of emergent data-driven cloud, IoT and edge-assisted ICT ecosystems.

CONCORDIA   is funded by the European Commission Horizon 2020 project under Grant Agreement No.  830927.

Project duration:
48 months  will start on  December 01, 2018.


SmartShip 
aims to bring together Information and Communication Technologies (ICT) of focused Universities, Research Institutions and Companies oriented into the maritime sector in order to build a holistic integrated ICT-based framework for the sustainable, individualized and completely automated energy management of ships. 
SmartShip is funded by the European Commission Horizon 2020 project under Grant Agreement No.  823916. 

Project duration: 48 months will start on January 01, 2019.


SHARCS (
standing for Secure Hardware-Software Architectures for Robust System) designs, builds and demonstrates secure-by-design system architectures that achieve end-to-end security for their users. SHARCS achieves this by systematically analyzing and extending, as necessary, every hardware and software layer in a computing system. 
SHARCS was funded by the European Commission Horizon 2020 project under Grant Agreement No. 644571.

Project duration: 36 months, started on January 01, 2015. Ended on January 01, 2018 

Project url: http://sharcs-project.eu[EXTERNAL]

  
Publications

Mohammad Hamad, Mustafa R. Agha , and  Vassilis Prevelakis , "ProSEV: Proxy-Based Secure and Efficient Vehicular Communication" in 2018 IEEE Vehicular Networking Conference (VNC), (Taiwan), December 2018. 


Mohammad Hamad, Zain A. H. Hammadeh, Selma Saidi, Vassilis Prevelakis and Rolf Ernst, "Prediction of Abnormal Temporal Behavior in Real-Time Systems" in The 33rd ACM/SIGAPP Symposium On Applied Computing (SAC 2018), 2018.


Muhammad Ali Siddiqi, Robert M. Seepers, Mohammad Hamad, Vassilis Prevelakis and Christos Strydis, "Attack-tree-based Threat Modeling of Medical Implants" in The 7th International Workshop on Security Proofs for Embedded Systems (PROOFS), 2018.


Jihane Najar and Vassilis Prevelakis , "A Secure and Efficient File System Access Control Mechanism (FlexFS)" in the International workshop on Information & Operational Technology (IT & OT) security systems IOSec 2018


Mohammad Hamad, Marcus Nolte and Vassilis Prevelakis, "A Framework for Policy Based Secure Intra Vehicle Communication" in 2017 IEEE Vehicular Networking Conference (VNC), (Italy ), November 2017.


Marinos Tsantekidis and Vassilis Prevelakis, "Library-Level Policy Enforcement", in SECURWARE: The Eleventh International Conference on Emerging Security Information, Systems and Technologies, 2017.


Mohammad Hamad and Vassilis Prevelakis, "Secure APIs for Applications in Microkernel-based Systems" in 3rd International Conference on Information Systems Security and Privacy, vol. 1, 2017.


Mustafa Ayoob, Wael Adi, and Vassilis Prevelakis. "Using ciphers for failure-recovery in its systems" In Proceedings of the 12th International Conference on Availability, Reliability and Security, ARES ’17, pages 98:1–98:7, New York, NY, USA, 2017. ACM.


Mohammad Hamad, Marcus Nolte and Vassilis Prevelakis, "Towards Comprehensive Threat Modeling for Vehicles" in 1st Workshop on Security and Dependability of Critical Embedded Real-Time Systems (CERTS), November 2016.


Mohammad Hamad, Johannes Schlatow, Vassilis Prevelakis and Rolf Ernst, "A communication framework for distributed access control in microkernel-based systems" in 12th Annual Workshop on Operating Systems Platforms for Embedded Real-Time Applications (OSPERT16), (Toulouse, France), pp. 11-16, Juli 2016.


Mohammad Hamad and Vassilis Prevelakis, "Implementation and Performance Evaluation of Embedded IPsec on Microkernel OS" in The 2nd World Symposium On Computer Networks and Information Security 2015, 2015.


Vassilis Prevelakis and Mohammad Hamad, "A Policy-Based Communications Architecture for Vehicles" in International Conference on Information Systems Security and Privacy, France, 2015.


Vassilis Prevelakis and Mohammad Hamad, "Extending the Operational Envelope of Applications" in 8th International Conference on Trust & Trustworthy Computing (TRUST 2015), 2015.

  
Instituts-Anschrift:
Hans-Sommer-Straße 66
38106 Braunschweig

Fon: (0531) 391-3734
Fax: (0531) 391-4587
sekretariat(at)ida.ing.tu-bs.de

Anschrift AG Prof. Jukan:

Hans-Sommer-Straße 66
38106 Braunschweig

Fon: (0531) 391-5286
Fax: (0531) 391-5296