Cross-platform Open Security Stack for Connected Devices

Leistungen

Extended description of use cases and scenarios including technical diagrams and specification of all scenarios’ components, security services, settings (T1.1).

Validation Criteria Initial Version

Presents the identified validation criteria for the CROSSCON IoT stack (T1.3).

CROSSCON Open Security Stack Documentation - Draft

A report on first research and development results of the CROSSCON stack components across tasks T3.1 to T3.5.

Requirements Elicitation Final Technical Specification

Second and final specification of CROSSCON IoT stack requirement elicitation based on technical and end users’ feedback (T1.2).

Use Cases Definition Initial Version

First version of use cases and scenarios definition including architecture, infrastructure, security services, and stakeholders’ relation (T1.1).

Requirements Elicitation Initial Technical Specification

First version of requirement elicitation for the CROSSCON IoT security stack (T1.2).

Dissemination and Communication Plan

A detailed plan for dissemination and communication of project results including stakeholders’ engagement plan and online channels development (T6.1).

Project Website

A report on the Website created, its layout, structure, and content management (T6.1).

CROSSCON Extensions to Domain Specific Hardware Architectures Documentation - Draft

A report of the first research and development results of the CROSSCON hardware/software extension primitives, algorithms and APIs for domain specific hardware architectures (T4.1, T4.2, T4.3).

Dissemination, Communication and Community Building First Report

A report on the dissemination and communication, stakeholders’ engagement, advisory board, and training activities for the first half of the project (T6.1, T6.3, T6.4).

Data Management Plan

A report describing the project’s data management plan, ethics and gender policy (T7.4).

CROSSCON Open Specification - Draft

A document with code and diagrams describing the initial version of the developed Open Specification and HW/SW co-design (T2.1,T2.3).

CROSSCON Open Security Stack - Initial Version

Software, technical diagrams and algorithms of experimental proof of concept of the CROSSCON stack components developed across tasks T3.1 to T3.5. TRL 3.

CROSSCON Extension Primitives to Domain Specific Hardware Architectures - Initial Version

Development board FPGA implementation of hardware/software extension primitives complemented with technical diagrams of the initial versions, experimental proof of concept, of the CROSSCON extension primitives and mechanisms developed across tasks T4.1, T4.2, and T4.3. TRL 3.

CROSSCON Formal Framework - Draft

A document with code, diagrams, repositories describing the initial formal framework and the developed/adapted tools (T2.2).

Veröffentlichungen

Securing Embedded and IoT Systems with SPMP-based Virtualization

Autoren: Sandro Pinto, José Martins, Manuel Rodriguez, Tilen Nedanovski, Ziga Putrle, Matjaz Breskvar
Veröffentlicht in: RISC-V Summit Europe 2024, 2024
Herausgeber: RISC-V Summit Europe 2024

WhisperFuzz: White-Box Fuzzing for Detecting and Locating Timing Vulnerabilities in Processors

Autoren: Pallavi Borkar, Chen Chen, Mohamadreza Rostami, Nikhilesh Singh, Rahul Kande, Ahmad-Reza Sadeghi, Chester Rebeiro, Jeyavijayan Rajendran
Veröffentlicht in: USENIX, 2024
Herausgeber: USENIX

μIPS: Software-Based Intrusion Prevention for Bare-Metal Embedded Systems

Autoren: Luca Degani , Majid Salehi , Fabio Martinelli, Bruno Crispo
Veröffentlicht in: ESORICS 2023, 2023
Herausgeber: Springer-Verlag
DOI: 10.1007/978-3-031-51482-1_16

BUSted!!! Microarchitectural Side-Channel Attacks on the MCU Bus Interconnect

Autoren: Cristiano Rodrigues, Daniel Oliveira, Sandro Pinto
Veröffentlicht in: 2024 IEEE Symposium on Security and Privacy (SP), 2024, ISSN 2375-1207
Herausgeber: IEEE Computer Society
DOI: 10.1109/SP54263.2024.00062

CROSSCON: Interoperable IoT Security Stack - The RISC-V Opportunity

Autoren: Sandro Pinto, Matjaz Breskvar, Tiago Gomes, Hristo Koshutanski, Aljosa Pasic, Piotr Król, Emna Amri, David Purón, Zoltan Hornak, Marco Roveri, Alexandra Dmitrienko, Ahmad-Reza Sadeghi, Bruno Crispo
Veröffentlicht in: RISC-V Europe Summit 2023, 2023
Herausgeber: RISC-V Europe Summit

Lost and Found in Speculation: Hybrid Speculative Vulnerability Detection

Autoren: Mohamadreza Rostami,Shaza Zeitouni,Rahul Kande, Chen Chen, Pouya Mahmoody, Jeyavijayan Rajendran, Ahmad-Reza Sadeghi
Veröffentlicht in: Design Automation Conference, 2024, 2024
Herausgeber: Design Automation Conference

Misbehavior Detection and Mitigation on 5G Core Services in Kubernetes

Autoren: H. Koshutanski, S. Kahvazadeh, J. Villalobos, A. Garcia Bedoya, and J. Mangues-Bafalluy
Veröffentlicht in: NDSS, 2026
Herausgeber: n.a.

One for All and All for One: GNN-based Control-Flow Attestation for Embedded Devices

Autoren: Marco Chilese,Richard Mitev,Meni Orenbach, Robert Thorburn, Ahmad Atamli, Ahmad-Reza Sadeghi
Veröffentlicht in: 2024 IEEE Symposium on Security and Privacy (SP), 2024, ISSN 2375-1207
Herausgeber: IEEE Computer Society
DOI: 10.1109/SP54263.2024.00182

AppBox: A Black-Box Application Sandboxing Technique for Mobile App Management Solutions

Autoren: Maqsood Ahmad, Francesco Bergadano, Valerio Costamagna, Bruno Crispo, Giovanni Russello
Veröffentlicht in: IEEE Symposium on Computers and Communications (ISCC), 2023, ISSN 2642-7389
Herausgeber: IEEE
DOI: 10.1109/ISCC58397.2023.10217861

The Nonce-nce of Web Security: an Investigation of CSP Nonces Reuse

Autoren: Matteo Golinelli; Francesco Bonomi; Bruno Crispo
Veröffentlicht in: Computer Security. ESORICS 2023 International Workshops, 2023, ISBN 978-3-031-54129-2
Herausgeber: Springer Nature Switzerland
DOI: 10.1007/978-3-031-54129-2_27

Beyond random inputs: A novel ML-based hardware fuzzing

Autoren: Mohamadreza Rostami, Marco Chilese, Shaza Zeitouni, Rahul Kande, Jeyavijayan Rajendran, Ahmad-Reza Sadeghi
Veröffentlicht in: IEEE Design, Automation and Test in Europe Conference (DATE), 2024
Herausgeber: IEEE Design, Automation and Test in Europe

Open-source SPMP-based CVA6 Virtualization

Autoren: Manuel Rodríguez, José Martins, Bruno Sá and Sandro Pinto
Veröffentlicht in: RISC-V Summit EU, 2025
Herausgeber: N.A.

CVA6 MMU-less Virtualization – From Hardware to Software, and Vice Versa!

Autoren: Sandro Pinto
Veröffentlicht in: Embedded World, 2025
Herausgeber: N.A.

A Novel Trusted Execution Environment for Next-Generation RISC-V MCUs

Autoren: Sandro Pinto, Matjaz Breskvar
Veröffentlicht in: Embedded World, 2024
Herausgeber: n.a.

LightShed: Defeating Perturbation-based Image Copyright Protections

Autoren: Hanna Foerster, Sasha Behrouzi, Phillip Rieger, Murtuza Jadliwala, Ahmad-Reza Sadeghi
Veröffentlicht in: Usenix Security Symposium, 2025
Herausgeber: N.A.

Cyber-physical metropolitan area digital substations test bench for evaluating intrusion detection systems

Autoren: Santiago Sanchez-Acevedo, Tesfaye Amare Zerihun, Hristo Koshutanski, Alejandro Garcia-Bedoya
Veröffentlicht in: IEEE GPECOM 2024, 2024
Herausgeber: IEEE GPECOM 2024
DOI: 10.36227/techrxiv.171778519.94792591/v1

An open-source Trusted Execution Environment for Resource-Constrained RISC-V MCUs

Autoren: Luís Cunha∗ , Daniel Oliveira, João Sousa, Tiago Gomes, Sandro Pinto
Veröffentlicht in: RISC-V Summit EU, 2025
Herausgeber: N.A.

Efficient and Safe I/O Operations for Intermittent Systems

Autoren: Eren Yıldız, Saad Ahmed, Bashima Islam, Josiah Hester, Kasım Sinan Yıldırım
Veröffentlicht in: EuroSys: European Conference on Computer Systems, 2023, ISBN 9781450394871
Herausgeber: Association for Computing Machinery
DOI: 10.1145/3552326.3587435

GenHuzz: An Efficient Generative Hardware Fuzzer

Autoren: Lichao Wu, Mohamadreza Rostami, Huimin Li, Jeyavijayan Rajendran, Ahmad-Reza Sadeghi
Veröffentlicht in: Usenix Security Symposium, 2025
Herausgeber: N.A

AuthentiSafe: Lightweight and Future-Proof Device-to-Device Authentication for IoT

Autoren: T. Krauß, L. Petzi, G. Tsudik, and A. Dmitrienko.
Veröffentlicht in: ACM ASIA Conference on Computer and Communications Security, 2025
Herausgeber: N.A.

RLFuzz: Accelerating Hardware Fuzzing with Deep Reinforcement Learning

Autoren: Raphael Götz, Christoph Sendner, Nico Ruck, Mohamadreza Rostami, Alexandra Dmitrienko, Ahmad-Reza Sadeghi
Veröffentlicht in: 2025 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), 2025
Herausgeber: IEEE
DOI: 10.1109/HOST64725.2025.11050051

Mind the CORS

Autoren: Golinelli, Matteo; Arshad, Elham; Kashchuk, Dmytro; Crispo, Bruno
Veröffentlicht in: IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA), 2023
Herausgeber: N.A.
DOI: 10.1109/TPS-ISA58951.2023.00035

Lichao Wu, Mohamadreza Rostami, Huimin Li, Nikhilesh Singh, Ahmad-Reza Sadeghi

Autoren: Kavita Kumari, Sasha Behrouzi, Alessandro Pegoraro, Ahmad-Reza Sadeghi
Veröffentlicht in: NDSS, 2026
Herausgeber: n.a.

PUF-based Authentication in IoT against Strong Physical Adversary using Zero-Knowledge Proofs

Autoren: Lukas Petzi, Alexandra Dmitrienko, Ivan Visconti
Veröffentlicht in: SafeThings 2024, 2024
Herausgeber: SafeThings

Device Behavioral Profiling for Autonomous Protection Using Deep Neural Networks

Autoren: Sandeep Gupta, Bruno Crispo
Veröffentlicht in: 2023 IEEE Symposium on Computers and Communications (ISCC), 2023
Herausgeber: IEEE Computer Society
DOI: 10.1109/ISCC58397.2023.10218275

Shedding Light on Static Partitioning Hypervisors for Arm-based Mixed-Criticality Systems

Autoren: Martins, José; Pinto, Sandro
Veröffentlicht in: 2023 IEEE 29th Real-Time and Embedded Technology and Applications Symposium (RTAS), 2023, ISSN 2642-7346
Herausgeber: IEEE Computer Society
DOI: 10.1109/rtas58335.2023.00011

Towards a formal verification of the Bao Hypervisor

Autoren: Alberto Tacchella, Jurij Mihelič, David Cerdeira, José Martins, Sandro Pinto, Bruno Crispo, Marco Roveri
Veröffentlicht in: FPS, 2025
Herausgeber: n.a.

GoldenFuzz: Generative Golden Reference Hardware Fuzzing

Autoren: Lichao Wu, Mohamadreza Rostami, Huimin Li, Nikhilesh Singh, Ahmad-Reza Sadeghi
Veröffentlicht in: NDSS, 2026
Herausgeber: n.a.

Fuzzilicon: A Post-Silicon Microcode-Guided x86 CPU Fuzzer

Autoren: Johannes Lenzen, Mohamadreza Rostami, Lichao Wu, Ahmad-Reza Sadeghi
Veröffentlicht in: NDSS, 2026
Herausgeber: n.a.

HFL: Hardware Fuzzing Loop with Reinforcement Learning

Autoren: Lichao Wu, Mohamadreza Rostami, Huimin Li, Ahmad-Reza Sadeghi
Veröffentlicht in: 2025 Design, Automation &amp; Test in Europe Conference (DATE), 2025
Herausgeber: IEEE
DOI: 10.23919/DATE64628.2025.10993080

VoiceRadar: Voice Deepfake Detection using Micro-Frequency and Compositional Analysis

Autoren: Kavita Kumari , Maryam Abbasihafshejani , Alessandro Pegoraro, Phillip Rieger, Kamyar Arshi, Murtuza Jadliwala and Ahmad-Reza Sadeghi
Veröffentlicht in: Network and Distributed System Security (NDSS), 2025
Herausgeber: N.A.

Bridging the Interoperability Gaps Among Trusted Architectures in MCUs

Autoren: Sandro Pinto, Luís Cunha, Daniel Oliveira, Michele Grisafi, Emanuele Beozzo, Bruno Crispo
Veröffentlicht in: Lecture Notes in Computer Science, Information and Communications Security, 2025
Herausgeber: Springer Nature Singapore
DOI: 10.1007/978-981-95-3543-9_15

SafeSplit: A Novel Defense Against Client-Side Backdoor Attacks in Split Learning

Autoren: Phillip Rieger, Alessandro Pegoraro, Kavita Kumari, Tigist Abera, Jonathan Knauer Ahmad-Reza Sadeghi
Veröffentlicht in: Network and Distributed System Security (NDSS), 2025
Herausgeber: N.A.

Automatic Adversarial Adaption for Stealthy Poisoning Attacks in Federated Learning

Autoren: Torsten Krauß, Jan König, Alexandra Dmitrienko, Christian Kanzow
Veröffentlicht in: NDSS, 2024
Herausgeber: N.A.

Valkyrie: A Response Framework to Augment Runtime Detection of Time-Progressive Attacks

Autoren: Nikhilesh Singh, Chester Rebeiro
Veröffentlicht in: 2025 55th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), 2025
Herausgeber: IEEE
DOI: 10.1109/DSN64029.2025.00053

CROSSCON: Interoperable IoT Security Stack for Embedded Connected Devices

Autoren: Sandro Pinto, Matjaz Breskvar, Tiago Gomes, Hristo Koshutanski, Aljosa Pasic, Piotr Król, Emna Amri, David Purón, Zoltan Hornak, Marco Roveri, Alexandra Dmitrienko, Ahmad-Reza Sadeghi, Bruno Crispo
Veröffentlicht in: Embbeded World 2024, 2024
Herausgeber: Embbeded World Exhibition&Conference

Certified Secure Updates for IoT Devices

Autoren: Tacchella, A., Beozzo, E., Crispo, B., Roveri, M.
Veröffentlicht in: ICT Systems Security and Privacy Protection, 2025
Herausgeber: Springer, Cham
DOI: 10.1007/978-3-031-92882-6_11

Virtualization today, Virtualization tomorrow

Autoren: Sandro Pinto
Veröffentlicht in: Embedded World, 2023
Herausgeber: N.A.

FreqFed: A Frequency Analysis-Based Approach for Mitigating Poisoning Attacks in Federated Learning

Autoren: Fereidooni, Hossein; Pegoraro, Alessandro; Rieger, Phillip; Dmitrienko, Alexandra; Sadeghi, Ahmad-Reza
Veröffentlicht in: Network and Distributed System Security (NDSS) Symposium, 2024
Herausgeber: Network and Distributed System Security (NDSS) Symposium
DOI: 10.48550/arxiv.2312.04432

Revisiting Formal Verification in VeriSolid: An Analysis and Enhancements

Autoren: Chahoki, A. Z.; Roveri, M.; Amyot, D.; Mylopoulos, J.
Veröffentlicht in: CEUR-WS, 2023
Herausgeber: N.A.

Software and Systems Modeling

Autoren: Aidin Rasti; Amal Ahmed Anda; Sofana Alfuhaid; Alireza Parvizimosaed; Daniel Amyot; Marco Roveri; Luigi Logrippo; John Mylopoulos
Veröffentlicht in: Software and Systems Modeling, 2024, ISSN 1619-1366
Herausgeber: Springer-Verlag
DOI: 10.5281/ZENODO.7897782

FLAShadow: A Flash-based Shadow Stack for Low-end Embedded Systems

Autoren: Michele Grisafi, Mahmoud Ammar, Marco Roveri, Bruno Crispo
Veröffentlicht in: ACM Transactions on Internet of Things, Ausgabe 5, 2025, ISSN 2691-1914
Herausgeber: Association for Computing Machinery (ACM)
DOI: 10.1145/3670413

Marionette: Manipulate Your Touchscreen via A Charging Cable

Autoren: Yan Jiang, Xiaoyu Ji,Kai Wang,Chen Yan, Richard Mitev, Ahmad-Reza Sadeghi, Wenyuan Xu
Veröffentlicht in: IEEE Transactions on Dependable and Secure Computing, 2023, ISSN 1941-0018
Herausgeber: IEEE Computer Society
DOI: 10.1109/TDSC.2023.3326181

AnyTEE: An Open and Interoperable Software Defined TEE Framework

Autoren: David Cerdeira, José Martins, Nuno Santos, Sandro Pinto
Veröffentlicht in: IEEE Access, Ausgabe 13, 2025, ISSN 2169-3536
Herausgeber: Institute of Electrical and Electronics Engineers (IEEE)
DOI: 10.1109/ACCESS.2025.3581487

CryptojackingTrap: An Evasion Resilient Nature-Inspired Algorithm to Detect Cryptojacking Malware

Autoren: Atefeh Zareh Chahoki; Hamid Reza Shahriari; Marco Roveri
Veröffentlicht in: IEEE Transactions on Information Forensics and Security, 2024, ISSN 1556-6021
Herausgeber: IEEE Transactions on Information Forensics and Security
DOI: 10.21227/kwh4-0g27

Automatic Adversarial Adaption for Stealthy Poisoning Attacks in Federated Learning

Autoren: Torsten Krauß; Jan König; Alexandra Dmitrienko; Christian Kanzow
Veröffentlicht in: Network and Distributed System Security Symposium, 2024, ISSN 0000-0000
Herausgeber: N.A.
DOI: 10.14722/NDSS.2024.241366

Fuzzerfly Effect: Hardware Fuzzing for Memory Safety

Autoren: Mohamadreza Rostami, Chen Chen, Rahul Kande, Huimin Li, Jeyavijayan Rajendran, Ahmad-Reza Sadeghi
Veröffentlicht in: IEEE Security & Privacy, Ausgabe 22, 2024, ISSN 1540-7993
Herausgeber: Institute of Electrical and Electronics Engineers (IEEE)
DOI: 10.1109/MSEC.2024.3365070

BiRtIO: VirtIO for Real-Time Network Interface Sharing on the Bao Hypervisor

Autoren: João Peixoto; José Martins; David Cerdeira; Sandro Pinto
Veröffentlicht in: IEEE Access, 2024, ISSN 0000-0000
Herausgeber: N.A.
DOI: 10.1109/ACCESS.2024.3512777

Firmware Secure Updates meet Formal Verification

Autoren: Alberto Tacchella, Emanuele Beozzo, Bruno Crispo, Marco Roveri
Veröffentlicht in: ACM Transactions on Cyber-Physical Systems, 2025, ISSN 2378-962X
Herausgeber: Association for Computing Machinery (ACM)
DOI: 10.1145/3754455

HSP-V: Hypervisor-less Static Partitioning for RISC-V COTS Platforms

Autoren: João Sousa; José Martins; Tiago Gomes; Sandro Pinto
Veröffentlicht in: IEEE Access, 2024, ISSN 2169-3536
Herausgeber: IEEE Access
DOI: 10.1109/ACCESS.2024.3399601

Gain insights into the latest empirical Cyber Security trends and results from Horizon Europe Funded Projects

Autoren: AI4CYBER, CERTIFY, CROSSCON, ENCRYPT, KINAITICS, REWIRE, TRUMPET and TRUSTEE
Veröffentlicht in: CROSSCON Website, 2025
Herausgeber: N.A.

NeuroStrike: Neuron-Level Attacks on Aligned LLMs

Autoren: Lichao Wu, Sasha Behrouzi, Mohamadreza Rostami, Maximilian Thang, Stjepan Picek, Ahmad-Reza Sadeghi
Veröffentlicht in: NDSS, 2026
Herausgeber: N.A.

Automated Generation of Smart Contract Code from Legal Contract Specifications with Symboleo2SC

Autoren: Aidin Rasti; Amal Ahmed Anda; Sofana Alfuhaid; Alireza Parvizimosaed; Daniel Amyot; Marco Roveri; Luigi Logrippo; John Mylopoulos
Veröffentlicht in: Zenodo Platform, 2023
Herausgeber: N.A.
DOI: 10.5281/ZENODO.7897782

CROSSCON: Cross-platform Open Security Stack for Connected Devices

Autoren: Bruno Crispo, Marco Roveri; Sandro Pinto, Tiago Gomes; Aljosa Pasic; Akos Milankovich; David Purón, Ainara Garcia; Ziga Putrle; Peter Ten; Malvina Catalano
Veröffentlicht in: 2024
Herausgeber: CROSSCON Project

Leistungen

Veröffentlichungen

Diese Seite teilen Diese Seite in sozialen Netzwerken teilen

Herunterladen Den Inhalt der Seite herunterladen