Cross-platform Open Security Stack for Connected Devices

Resultado final

Extended description of use cases and scenarios including technical diagrams and specification of all scenarios’ components, security services, settings (T1.1).

Validation Criteria Initial Version

Presents the identified validation criteria for the CROSSCON IoT stack (T1.3).

CROSSCON Open Security Stack Documentation - Draft

A report on first research and development results of the CROSSCON stack components across tasks T3.1 to T3.5.

Requirements Elicitation Final Technical Specification

Second and final specification of CROSSCON IoT stack requirement elicitation based on technical and end users’ feedback (T1.2).

Use Cases Definition Initial Version

First version of use cases and scenarios definition including architecture, infrastructure, security services, and stakeholders’ relation (T1.1).

Requirements Elicitation Initial Technical Specification

First version of requirement elicitation for the CROSSCON IoT security stack (T1.2).

Dissemination and Communication Plan

A detailed plan for dissemination and communication of project results including stakeholders’ engagement plan and online channels development (T6.1).

Project Website

A report on the Website created, its layout, structure, and content management (T6.1).

CROSSCON Extensions to Domain Specific Hardware Architectures Documentation - Draft

A report of the first research and development results of the CROSSCON hardware/software extension primitives, algorithms and APIs for domain specific hardware architectures (T4.1, T4.2, T4.3).

Dissemination, Communication and Community Building First Report

A report on the dissemination and communication, stakeholders’ engagement, advisory board, and training activities for the first half of the project (T6.1, T6.3, T6.4).

Data Management Plan

A report describing the project’s data management plan, ethics and gender policy (T7.4).

CROSSCON Open Specification - Draft

A document with code and diagrams describing the initial version of the developed Open Specification and HW/SW co-design (T2.1,T2.3).

CROSSCON Open Security Stack - Initial Version

Software, technical diagrams and algorithms of experimental proof of concept of the CROSSCON stack components developed across tasks T3.1 to T3.5. TRL 3.

CROSSCON Extension Primitives to Domain Specific Hardware Architectures - Initial Version

Development board FPGA implementation of hardware/software extension primitives complemented with technical diagrams of the initial versions, experimental proof of concept, of the CROSSCON extension primitives and mechanisms developed across tasks T4.1, T4.2, and T4.3. TRL 3.

CROSSCON Formal Framework - Draft

A document with code, diagrams, repositories describing the initial formal framework and the developed/adapted tools (T2.2).

Publicaciones

Securing Embedded and IoT Systems with SPMP-based Virtualization

Autores: Sandro Pinto, José Martins, Manuel Rodriguez, Tilen Nedanovski, Ziga Putrle, Matjaz Breskvar
Publicado en: RISC-V Summit Europe 2024, 2024
Editor: RISC-V Summit Europe 2024

WhisperFuzz: White-Box Fuzzing for Detecting and Locating Timing Vulnerabilities in Processors

Autores: Pallavi Borkar, Chen Chen, Mohamadreza Rostami, Nikhilesh Singh, Rahul Kande, Ahmad-Reza Sadeghi, Chester Rebeiro, Jeyavijayan Rajendran
Publicado en: USENIX, 2024
Editor: USENIX

μIPS: Software-Based Intrusion Prevention for Bare-Metal Embedded Systems

Autores: Luca Degani , Majid Salehi , Fabio Martinelli, Bruno Crispo
Publicado en: ESORICS 2023, 2023
Editor: Springer-Verlag
DOI: 10.1007/978-3-031-51482-1_16

BUSted!!! Microarchitectural Side-Channel Attacks on the MCU Bus Interconnect

Autores: Cristiano Rodrigues, Daniel Oliveira, Sandro Pinto
Publicado en: 2024 IEEE Symposium on Security and Privacy (SP), 2024, ISSN 2375-1207
Editor: IEEE Computer Society
DOI: 10.1109/SP54263.2024.00062

CROSSCON: Interoperable IoT Security Stack - The RISC-V Opportunity

Autores: Sandro Pinto, Matjaz Breskvar, Tiago Gomes, Hristo Koshutanski, Aljosa Pasic, Piotr Król, Emna Amri, David Purón, Zoltan Hornak, Marco Roveri, Alexandra Dmitrienko, Ahmad-Reza Sadeghi, Bruno Crispo
Publicado en: RISC-V Europe Summit 2023, 2023
Editor: RISC-V Europe Summit

Lost and Found in Speculation: Hybrid Speculative Vulnerability Detection

Autores: Mohamadreza Rostami,Shaza Zeitouni,Rahul Kande, Chen Chen, Pouya Mahmoody, Jeyavijayan Rajendran, Ahmad-Reza Sadeghi
Publicado en: Design Automation Conference, 2024, 2024
Editor: Design Automation Conference

Misbehavior Detection and Mitigation on 5G Core Services in Kubernetes

Autores: H. Koshutanski, S. Kahvazadeh, J. Villalobos, A. Garcia Bedoya, and J. Mangues-Bafalluy
Publicado en: NDSS, 2026
Editor: n.a.

One for All and All for One: GNN-based Control-Flow Attestation for Embedded Devices

Autores: Marco Chilese,Richard Mitev,Meni Orenbach, Robert Thorburn, Ahmad Atamli, Ahmad-Reza Sadeghi
Publicado en: 2024 IEEE Symposium on Security and Privacy (SP), 2024, ISSN 2375-1207
Editor: IEEE Computer Society
DOI: 10.1109/SP54263.2024.00182

AppBox: A Black-Box Application Sandboxing Technique for Mobile App Management Solutions

Autores: Maqsood Ahmad, Francesco Bergadano, Valerio Costamagna, Bruno Crispo, Giovanni Russello
Publicado en: IEEE Symposium on Computers and Communications (ISCC), 2023, ISSN 2642-7389
Editor: IEEE
DOI: 10.1109/ISCC58397.2023.10217861

The Nonce-nce of Web Security: an Investigation of CSP Nonces Reuse

Autores: Matteo Golinelli; Francesco Bonomi; Bruno Crispo
Publicado en: Computer Security. ESORICS 2023 International Workshops, 2023, ISBN 978-3-031-54129-2
Editor: Springer Nature Switzerland
DOI: 10.1007/978-3-031-54129-2_27

Beyond random inputs: A novel ML-based hardware fuzzing

Autores: Mohamadreza Rostami, Marco Chilese, Shaza Zeitouni, Rahul Kande, Jeyavijayan Rajendran, Ahmad-Reza Sadeghi
Publicado en: IEEE Design, Automation and Test in Europe Conference (DATE), 2024
Editor: IEEE Design, Automation and Test in Europe

Open-source SPMP-based CVA6 Virtualization

Autores: Manuel Rodríguez, José Martins, Bruno Sá and Sandro Pinto
Publicado en: RISC-V Summit EU, 2025
Editor: N.A.

CVA6 MMU-less Virtualization – From Hardware to Software, and Vice Versa!

Autores: Sandro Pinto
Publicado en: Embedded World, 2025
Editor: N.A.

A Novel Trusted Execution Environment for Next-Generation RISC-V MCUs

Autores: Sandro Pinto, Matjaz Breskvar
Publicado en: Embedded World, 2024
Editor: n.a.

LightShed: Defeating Perturbation-based Image Copyright Protections

Autores: Hanna Foerster, Sasha Behrouzi, Phillip Rieger, Murtuza Jadliwala, Ahmad-Reza Sadeghi
Publicado en: Usenix Security Symposium, 2025
Editor: N.A.

Cyber-physical metropolitan area digital substations test bench for evaluating intrusion detection systems

Autores: Santiago Sanchez-Acevedo, Tesfaye Amare Zerihun, Hristo Koshutanski, Alejandro Garcia-Bedoya
Publicado en: IEEE GPECOM 2024, 2024
Editor: IEEE GPECOM 2024
DOI: 10.36227/techrxiv.171778519.94792591/v1

An open-source Trusted Execution Environment for Resource-Constrained RISC-V MCUs

Autores: Luís Cunha∗ , Daniel Oliveira, João Sousa, Tiago Gomes, Sandro Pinto
Publicado en: RISC-V Summit EU, 2025
Editor: N.A.

Efficient and Safe I/O Operations for Intermittent Systems

Autores: Eren Yıldız, Saad Ahmed, Bashima Islam, Josiah Hester, Kasım Sinan Yıldırım
Publicado en: EuroSys: European Conference on Computer Systems, 2023, ISBN 9781450394871
Editor: Association for Computing Machinery
DOI: 10.1145/3552326.3587435

GenHuzz: An Efficient Generative Hardware Fuzzer

Autores: Lichao Wu, Mohamadreza Rostami, Huimin Li, Jeyavijayan Rajendran, Ahmad-Reza Sadeghi
Publicado en: Usenix Security Symposium, 2025
Editor: N.A

AuthentiSafe: Lightweight and Future-Proof Device-to-Device Authentication for IoT

Autores: T. Krauß, L. Petzi, G. Tsudik, and A. Dmitrienko.
Publicado en: ACM ASIA Conference on Computer and Communications Security, 2025
Editor: N.A.

RLFuzz: Accelerating Hardware Fuzzing with Deep Reinforcement Learning

Autores: Raphael Götz, Christoph Sendner, Nico Ruck, Mohamadreza Rostami, Alexandra Dmitrienko, Ahmad-Reza Sadeghi
Publicado en: 2025 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), 2025
Editor: IEEE
DOI: 10.1109/HOST64725.2025.11050051

Mind the CORS

Autores: Golinelli, Matteo; Arshad, Elham; Kashchuk, Dmytro; Crispo, Bruno
Publicado en: IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA), 2023
Editor: N.A.
DOI: 10.1109/TPS-ISA58951.2023.00035

Lichao Wu, Mohamadreza Rostami, Huimin Li, Nikhilesh Singh, Ahmad-Reza Sadeghi

Autores: Kavita Kumari, Sasha Behrouzi, Alessandro Pegoraro, Ahmad-Reza Sadeghi
Publicado en: NDSS, 2026
Editor: n.a.

PUF-based Authentication in IoT against Strong Physical Adversary using Zero-Knowledge Proofs

Autores: Lukas Petzi, Alexandra Dmitrienko, Ivan Visconti
Publicado en: SafeThings 2024, 2024
Editor: SafeThings

Device Behavioral Profiling for Autonomous Protection Using Deep Neural Networks

Autores: Sandeep Gupta, Bruno Crispo
Publicado en: 2023 IEEE Symposium on Computers and Communications (ISCC), 2023
Editor: IEEE Computer Society
DOI: 10.1109/ISCC58397.2023.10218275

Shedding Light on Static Partitioning Hypervisors for Arm-based Mixed-Criticality Systems

Autores: Martins, José; Pinto, Sandro
Publicado en: 2023 IEEE 29th Real-Time and Embedded Technology and Applications Symposium (RTAS), 2023, ISSN 2642-7346
Editor: IEEE Computer Society
DOI: 10.1109/rtas58335.2023.00011

Towards a formal verification of the Bao Hypervisor

Autores: Alberto Tacchella, Jurij Mihelič, David Cerdeira, José Martins, Sandro Pinto, Bruno Crispo, Marco Roveri
Publicado en: FPS, 2025
Editor: n.a.

GoldenFuzz: Generative Golden Reference Hardware Fuzzing

Autores: Lichao Wu, Mohamadreza Rostami, Huimin Li, Nikhilesh Singh, Ahmad-Reza Sadeghi
Publicado en: NDSS, 2026
Editor: n.a.

Fuzzilicon: A Post-Silicon Microcode-Guided x86 CPU Fuzzer

Autores: Johannes Lenzen, Mohamadreza Rostami, Lichao Wu, Ahmad-Reza Sadeghi
Publicado en: NDSS, 2026
Editor: n.a.

HFL: Hardware Fuzzing Loop with Reinforcement Learning

Autores: Lichao Wu, Mohamadreza Rostami, Huimin Li, Ahmad-Reza Sadeghi
Publicado en: 2025 Design, Automation &amp; Test in Europe Conference (DATE), 2025
Editor: IEEE
DOI: 10.23919/DATE64628.2025.10993080

VoiceRadar: Voice Deepfake Detection using Micro-Frequency and Compositional Analysis

Autores: Kavita Kumari , Maryam Abbasihafshejani , Alessandro Pegoraro, Phillip Rieger, Kamyar Arshi, Murtuza Jadliwala and Ahmad-Reza Sadeghi
Publicado en: Network and Distributed System Security (NDSS), 2025
Editor: N.A.

Bridging the Interoperability Gaps Among Trusted Architectures in MCUs

Autores: Sandro Pinto, Luís Cunha, Daniel Oliveira, Michele Grisafi, Emanuele Beozzo, Bruno Crispo
Publicado en: Lecture Notes in Computer Science, Information and Communications Security, 2025
Editor: Springer Nature Singapore
DOI: 10.1007/978-981-95-3543-9_15

SafeSplit: A Novel Defense Against Client-Side Backdoor Attacks in Split Learning

Autores: Phillip Rieger, Alessandro Pegoraro, Kavita Kumari, Tigist Abera, Jonathan Knauer Ahmad-Reza Sadeghi
Publicado en: Network and Distributed System Security (NDSS), 2025
Editor: N.A.

Automatic Adversarial Adaption for Stealthy Poisoning Attacks in Federated Learning

Autores: Torsten Krauß, Jan König, Alexandra Dmitrienko, Christian Kanzow
Publicado en: NDSS, 2024
Editor: N.A.

Valkyrie: A Response Framework to Augment Runtime Detection of Time-Progressive Attacks

Autores: Nikhilesh Singh, Chester Rebeiro
Publicado en: 2025 55th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), 2025
Editor: IEEE
DOI: 10.1109/DSN64029.2025.00053

CROSSCON: Interoperable IoT Security Stack for Embedded Connected Devices

Autores: Sandro Pinto, Matjaz Breskvar, Tiago Gomes, Hristo Koshutanski, Aljosa Pasic, Piotr Król, Emna Amri, David Purón, Zoltan Hornak, Marco Roveri, Alexandra Dmitrienko, Ahmad-Reza Sadeghi, Bruno Crispo
Publicado en: Embbeded World 2024, 2024
Editor: Embbeded World Exhibition&Conference

Certified Secure Updates for IoT Devices

Autores: Tacchella, A., Beozzo, E., Crispo, B., Roveri, M.
Publicado en: ICT Systems Security and Privacy Protection, 2025
Editor: Springer, Cham
DOI: 10.1007/978-3-031-92882-6_11

Virtualization today, Virtualization tomorrow

Autores: Sandro Pinto
Publicado en: Embedded World, 2023
Editor: N.A.

FreqFed: A Frequency Analysis-Based Approach for Mitigating Poisoning Attacks in Federated Learning

Autores: Fereidooni, Hossein; Pegoraro, Alessandro; Rieger, Phillip; Dmitrienko, Alexandra; Sadeghi, Ahmad-Reza
Publicado en: Network and Distributed System Security (NDSS) Symposium, 2024
Editor: Network and Distributed System Security (NDSS) Symposium
DOI: 10.48550/arxiv.2312.04432

Revisiting Formal Verification in VeriSolid: An Analysis and Enhancements

Autores: Chahoki, A. Z.; Roveri, M.; Amyot, D.; Mylopoulos, J.
Publicado en: CEUR-WS, 2023
Editor: N.A.

Software and Systems Modeling

Autores: Aidin Rasti; Amal Ahmed Anda; Sofana Alfuhaid; Alireza Parvizimosaed; Daniel Amyot; Marco Roveri; Luigi Logrippo; John Mylopoulos
Publicado en: Software and Systems Modeling, 2024, ISSN 1619-1366
Editor: Springer-Verlag
DOI: 10.5281/ZENODO.7897782

FLAShadow: A Flash-based Shadow Stack for Low-end Embedded Systems

Autores: Michele Grisafi, Mahmoud Ammar, Marco Roveri, Bruno Crispo
Publicado en: ACM Transactions on Internet of Things, Edición 5, 2025, ISSN 2691-1914
Editor: Association for Computing Machinery (ACM)
DOI: 10.1145/3670413

Beyond Random Inputs: A Novel ML-Based Hardware Fuzzing

Autores: Rostami, Mohamadreza; Chilese, Marco; Zeitouni, Shaza; Kande, Rahul; Rajendran, Jeyavijayan; Sadeghi, Ahmad-Reza
Publicado en: DATE, 2024, ISSN 0000-0000
Editor: IEEE
DOI: 10.23919/DATE58400.2024.10546625

Phantom: Untargeted Poisoning Attacks on Semi-Supervised Learning (Full Version)

Autores: Knauer, Jonathan; Rieger, Phillip; Fereidooni, Hossein; Sadeghi, Ahmad-Reza
Publicado en: ACM SIGSAC, 2024, ISSN 0000-0000
Editor: Association for Computing Machinery
DOI: 10.1145/3658644.3690369

Marionette: Manipulate Your Touchscreen via A Charging Cable

Autores: Yan Jiang, Xiaoyu Ji,Kai Wang,Chen Yan, Richard Mitev, Ahmad-Reza Sadeghi, Wenyuan Xu
Publicado en: IEEE Transactions on Dependable and Secure Computing, 2023, ISSN 1941-0018
Editor: IEEE Computer Society
DOI: 10.1109/TDSC.2023.3326181

AnyTEE: An Open and Interoperable Software Defined TEE Framework

Autores: David Cerdeira, José Martins, Nuno Santos, Sandro Pinto
Publicado en: IEEE Access, Edición 13, 2025, ISSN 2169-3536
Editor: Institute of Electrical and Electronics Engineers (IEEE)
DOI: 10.1109/ACCESS.2025.3581487

CryptojackingTrap: An Evasion Resilient Nature-Inspired Algorithm to Detect Cryptojacking Malware

Autores: Atefeh Zareh Chahoki; Hamid Reza Shahriari; Marco Roveri
Publicado en: IEEE Transactions on Information Forensics and Security, 2024, ISSN 1556-6021
Editor: IEEE Transactions on Information Forensics and Security
DOI: 10.21227/kwh4-0g27

Automatic Adversarial Adaption for Stealthy Poisoning Attacks in Federated Learning

Autores: Torsten Krauß; Jan König; Alexandra Dmitrienko; Christian Kanzow
Publicado en: Network and Distributed System Security Symposium, 2024, ISSN 0000-0000
Editor: N.A.
DOI: 10.14722/NDSS.2024.241366

Fuzzerfly Effect: Hardware Fuzzing for Memory Safety

Autores: Mohamadreza Rostami, Chen Chen, Rahul Kande, Huimin Li, Jeyavijayan Rajendran, Ahmad-Reza Sadeghi
Publicado en: IEEE Security & Privacy, Edición 22, 2024, ISSN 1540-7993
Editor: Institute of Electrical and Electronics Engineers (IEEE)
DOI: 10.1109/MSEC.2024.3365070

BiRtIO: VirtIO for Real-Time Network Interface Sharing on the Bao Hypervisor

Autores: João Peixoto; José Martins; David Cerdeira; Sandro Pinto
Publicado en: IEEE Access, 2024, ISSN 0000-0000
Editor: N.A.
DOI: 10.1109/ACCESS.2024.3512777

Firmware Secure Updates meet Formal Verification

Autores: Alberto Tacchella, Emanuele Beozzo, Bruno Crispo, Marco Roveri
Publicado en: ACM Transactions on Cyber-Physical Systems, 2025, ISSN 2378-962X
Editor: Association for Computing Machinery (ACM)
DOI: 10.1145/3754455

HSP-V: Hypervisor-less Static Partitioning for RISC-V COTS Platforms

Autores: João Sousa; José Martins; Tiago Gomes; Sandro Pinto
Publicado en: IEEE Access, 2024, ISSN 2169-3536
Editor: IEEE Access
DOI: 10.1109/ACCESS.2024.3399601

Gain insights into the latest empirical Cyber Security trends and results from Horizon Europe Funded Projects

Autores: AI4CYBER, CERTIFY, CROSSCON, ENCRYPT, KINAITICS, REWIRE, TRUMPET and TRUSTEE
Publicado en: CROSSCON Website, 2025
Editor: N.A.

NeuroStrike: Neuron-Level Attacks on Aligned LLMs

Autores: Lichao Wu, Sasha Behrouzi, Mohamadreza Rostami, Maximilian Thang, Stjepan Picek, Ahmad-Reza Sadeghi
Publicado en: NDSS, 2026
Editor: N.A.

Automated Generation of Smart Contract Code from Legal Contract Specifications with Symboleo2SC

Autores: Aidin Rasti; Amal Ahmed Anda; Sofana Alfuhaid; Alireza Parvizimosaed; Daniel Amyot; Marco Roveri; Luigi Logrippo; John Mylopoulos
Publicado en: Zenodo Platform, 2023
Editor: N.A.
DOI: 10.5281/ZENODO.7897782

CROSSCON: Cross-platform Open Security Stack for Connected Devices

Autores: Bruno Crispo, Marco Roveri; Sandro Pinto, Tiago Gomes; Aljosa Pasic; Akos Milankovich; David Purón, Ainara Garcia; Ziga Putrle; Peter Ten; Malvina Catalano
Publicado en: 2024
Editor: CROSSCON Project

Resultado final

Publicaciones

Compartir esta página Compartir esta página en las redes sociales

Descargar Descargar el contenido de la página