Skip to main content
Department of Information Technology

The Cyber Security Arena @ UU/IT

Facilitating research collaborations between divisions and between the department of Information technology and external parts.

About The Security Arena @ IT/UU

Security is a broad area with many different meanings. One view is that security is about protecting people, places, strategic sites and society's vital functions against for example terrorism, organised crime, and natural disasters. Cyber Security (CS) or Computer Security is aimed at protecting digital infrastructure against (malicious) disruption of the service as provided. This website (arena) collects relevant expertise at the Department of Information Technology of Uppsala University.

Focus Areas

2.1. Cybersecurity and formal verification

Many security vulnerabilities are a result of mistakes in system
design, protocol design, or just programming errors and incorrect use
of APIs. Every single mistake looks like a wide open door to an
attacker trying to hack into the system. A number of techniques,
including blackbox fuzzing, whitebox fuzzing, model checking, program
analysis, and theorem proving, have been developed with an impressive
ability to prevent and detect such vulnerabilities. However, since
vulnerabilities are still very much with us, these and other
techniques must be developed further. At the department, we are
working on

  • blackbox testing techniques, including blackbox fuzzing;
  • symbolic execution, model checking, and automatic approaches in testing;
  • SMT methods to efficiently reason about constraints representing program instructions and specifications.

We apply such techniques in multiple contexts, among others to analyze
software on small networked embedded platforms, such as Contiki, and
to analyze the string-processing code (e.g., JavaScript) that is
prevalent in modern web applications (contact: Bengt Jonsson or Philipp Ruemmer).

2.2. Fault/Fraud/Outliers and Anomaly detection

Faults, fraud, outliers or anomalies point to subjects, individuals or objects presented to a (computer) system that do not follow normal behavior. Techniques of machine learning can be used to learn normal behaviour based on past observations. Those then imply what abnormal ones look like, hence leading to a detection scheme. While traditional research in the area is founded on stochastic models assumed to underly the involved processes, this is a questionable assumption in settings of cyber security. We investigate instead robust methods of fraud/fault or anomaly detection, not based on such assumptions. This line of research is based on classical results in data compression and game theory, and is related to methods of online machine learning and adversarial learning. This line of research is especially fruitful when confronted with high-dimensional, streaming and non-ergodic data. See this paper (contact:kristiaan Pelckmans).

2.3. IoT Security

To implement security on resource-constrained devices running on batteries requires new light-weight protocol designs. At the department, we worked on:

  • key distributions aligned to the communication topology to allow for homomorphic operations
  • location privacy frameworks to enable location based services with privacy guarantees
  • security for visible light communication
  • security for in-body sensor networks in the project LifeSec: Don't Hack my Body

Most recently we apply security to in-body networks. (contact: Christian Rohner).

2.4. Cyber-Security and Privacy in Digital Control Systems

Control systems are ubiquitous in modern societies, supporting the continuous operation of critical infrastructures such as power systems, transportation networks, and water distribution networks. Reports on cyber-attacks, such as Stuxnet, have shown their devastating consequences on digitally controlled systems supporting modern societies, and shed light on their modus operandi: first learn the system, then tamper the visible information so the attack is undetected, and meanwhile have a significant impact on the physical system. It is therefore of the utmost importance for control systems to be able to early detect and mitigate malicious cyber-attacks, which aim at extracting sensitive information from the system, and having a significant impact on the system while remaining undetected.

We aim to bring together information security and control engineering under a risk management framework, by leveraging physics-based models to analyze the impact and vulnerability of feedback control systems to cyber-attacks, and to develop novel methods to detect attacks and efficiently deploy protection mechanisms. See for instance this paper, and this one. (contact: André Teixeira)

paper 1 and paper 2


3.1. Seminars

2022 (upcoming):

Date Time Place Speaker Title

2021 (Past):

Date Time Place Speaker Title
Dec. 03 15:00-16:00 Zoom Konrad-Lorenz Krentz, UU A Middlebox-Centered Remote Denial-of-Sleep Defense with Reduced Trust Assumptions
Nov. 12 15:00-16:00 Zoom Shahid Raza, RISE Cybersecurity Research at RISE and outlook in EU and Sweden
Sept. 24 14:00-15:00 Zoom Rikard Höglund, RISE Self-Adaptive Reaction against Denial of Service in the Internet of Things
Sept. 10 14:00-15:00 Zoom Panos Papadimitratos, KTH Scaling up Security and Privacy for Wireless Networked Systems
09 April 14:00-15:00 Zoom David Sands, Chalmers Privacy: Caught between a Rock and a Hard Place?
12 March 14:00-15:00 Zoom Omar Javid, Università della Svizzera italiana, Switzerland An Evaluation of Container Security Vulnerability Detection Tools in the Wild
Februari 18 14:00-15:00 Zoom Tommy Schönberg, Vinnova Cybersecurity initiatives, upcoming calls and Q&A


Date Time Place Speaker Title
Thursday Jan 23 11:00 - 12:00 ITC 1211 David Kotz Challenges to ensuring human safety throughout the life-cycle of Smart Environments
Tuesday Aug 20 11:00 - 13:00 Å2005 Bengt Jonsson and others Workshop on strategic planning for Cybersecurity
Wednesday September 23 13:15 - 14:00 Zoom Samuel Lindemer (RISE/UU) Real-time Thread Isolation and Trusted Execution on Embedded RISC-V
Friday Oct 11 14:15 - 15:00 ITC 1311 Sam Hylamia Two-tier Authentication and Key Distribution for Wearable Devices
Thursday Nov 12 09:00 - 15:00 Zoom List of Speakers Uppsala University Workshop on Cybersecurity
Tuesday December 8 10:00 - 11:00 Zoom André Teixeira (UU) Security Metrics for Control Systems: from Analysis to Design
Tuesday December 8 14:00 - 15:00 Zoom Martin Ochoa (AppGate Inc) On the multiple facets of Cybersecurity
Thursday December 10 09:00 - 10:00 Zoom Guo Huaqun (Institute for Infocomm Research I2R) Cyber Security for Transportation Systems, Vehicular Network and Industrial Internet of Things
Friday Dec 13 10:15 - 11:00 ITC 4306 Musard Balliu Securing Web Applications across Tiers

The first Matariki workshop on Cybersecurity was held 16-17 December 2019, Dartmouth (see here).


The following courses with security-related content are offered at Uppsala University:

  • 1DL003 Cybersecurity in a Societal Perspective
  • 1DT072 Secure Computer Systems I
  • 1DT075 Cryptology
  • 1DT098 Security and Privacy
  • 1DT111 Introduction to Cybersecurity and its Applications
  • 1RT004 Safety and Security in Control Systems

In Nov.-Dec. 2020, we have organised an open web-based course on cyber security. For more info, see here

Thesis Projects

For (future) thesis projects, do get in touch directly with the contact person of your preferred focus area.

Contact Us

The Security Arena is part of the Department of Information Technology and is situated at the Information Technology Centre (ITC) in Uppsala, Sweden.

Arena Security e-mail list
To subscribe to the list, send a message to with the following message subject:

subscribe it-security <My Name>

The list (it-security -AT- will be used for announcements.

  • Next seminar: Dec. 03, 15:00-16:00, Konrad-Lorenz Krentz, UU - A Middlebox-Centered Remote Denial-of-Sleep Defense with Reduced Trust Assumptions
Updated  2022-04-08 15:58:30 by Christian Rohner.