Skip to main content
Department of Information Technology

The Cyber Security Arena @ UU/IT

Facilitating research collaborations between divisions and between the department of Information technology and external parts.

About The Security Arena @ IT/UU

Security is a broad area with many different meanings. One view is that security is about protecting people, places, strategic sites and society's vital functions against for example terrorism, organised crime, and natural disasters. Cyber Security (CS) or Computer Security is aimed at protecting digital infrastructure against (malicious) disruption of the service as provided. This website (arena) collects relevant expertise at the Department of Information Technology of Uppsala University.

Focus Areas

2.1. Cybersecurity and formal verification

Many security vulnerabilities are a result of mistakes in system
design, protocol design, or just programming errors and incorrect use
of APIs. Every single mistake looks like a wide open door to an
attacker trying to hack into the system. A number of techniques,
including blackbox fuzzing, whitebox fuzzing, model checking, program
analysis, and theorem proving, have been developed with an impressive
ability to prevent and detect such vulnerabilities. However, since
vulnerabilities are still very much with us, these and other
techniques must be developed further. At the department, we are
working on

  • blackbox testing techniques, including blackbox fuzzing;
  • symbolic execution, model checking, and automatic approaches in testing;
  • SMT methods to efficiently reason about constraints representing program instructions and specifications.

We apply such techniques in multiple contexts, among others to analyze
software on small networked embedded platforms, such as Contiki, and
to analyze the string-processing code (e.g., JavaScript) that is
prevalent in modern web applications (contact: Bengt Jonsson or Philipp Ruemmer).

2.2. Fault/Fraud/Outliers and Anomaly detection

Faults, fraud, outliers or anomalies point to subjects, individuals or objects presented to a (computer) system that do not follow normal behavior. Techniques of machine learning can be used to learn normal behaviour based on past observations. Those then imply what abnormal ones look like, hence leading to a detection scheme. While traditional research in the area is founded on stochastic models assumed to underly the involved processes, this is a questionable assumption in settings of cyber security. We investigate instead robust methods of fraud/fault or anomaly detection, not based on such assumptions. This line of research is based on classical results in data compression and game theory, and is related to methods of online machine learning and adversarial learning. This line of research is especially fruitful when confronted with high-dimensional, streaming and non-ergodic data. See this paper (contact:kristiaan Pelckmans).

2.3. IoT Security

To implement security on resource constrained devices running on batteries requires new light-weight protocol designs. At the department, we worked on:

  • key distributions aligned to the communication topology to allow for homomorphic operations
  • location privacy frameworks to enable location based services with privacy guarantees
  • security for visible light communication
  • security for in-body sensor networks in the project LifeSec: Don't Hack my Body

Most recently we apply security to in-body networks. (contact: Christian Rohner).

2.4. Cyber-Security and Privacy in Digital Control Systems

Control systems are ubiquitous in modern societies, supporting the continuous operation of critical infrastructures such as power systems, transportation networks, and water distribution networks. Reports on cyber-attacks, such as Stuxnet, have shown their devastating consequences on digitally controlled systems supporting modern societies, and shed light on their modus operandi: first learn the system, then tamper the visible information so the attack is undetected, and meanwhile have significant impact on the physical system. It is therefore of the utmost importance for control systems to be able to early detect and mitigate malicious cyber-attacks, which aim at extracting sensitive information from the system, and having a significant impact on the system while remaining undetected.

We aim to bring together information security and control engineering under a risk management framework, by leveraging physics-based models to analyse the impact and vulnerability of feedback control systems to cyber-attacks, and to develop novel methods to detect attacks and efficiently deploy protection mechanisms. See for instance this paper, and this one. (contact: André Teixeira)

paper 1 and paper 2


3.1. Workshop

The first Matariki workshop on Cybersecurity was held 16-17 December 2019, Dartmouth (see here).
The first Uppsala University Workshop on Cybersecurity of the arena is held online 12e Nov. 2020. For more information (incl. slides of the keynote speakers), see here.

3.2. Seminars


Date Time Place Speaker Title
Thursday Jan 23 11:00 - 12:00 ITC 1211 David Kotz Challenges to ensuring human safety throughout the life-cycle of Smart Environments
Tuesday Aug 20 11:00 - 13:00 Å2005 Bengt Jonsson and others Workshop on strategic planning for Cybersecurity
Wednesday September 23 13:15 - 14:00 Zoom Samuel Lindemer (RISE/UU) Real-time Thread Isolation and Trusted Execution on Embedded RISC-V
Friday Oct 11 14:15 - 15:00 ITC 1311 Sam Hylamia Two-tier Authentication and Key Distribution for Wearable Devices
Tuesday December 8 10:00 - 11:00 Zoom André Teixeira (UU) Security Metrics for Control Systems: from Analysis to Design
Tuesday December 8 14:00 - 15:00 Zoom Martin Ochoa (AppGate Inc) On the multiple facets of Cybersecurity
Thursday December 10 09:00 - 10:00 Zoom Guo Huaqun (Institute for Infocomm Research I2R) Cyber Security for Transportation Systems, Vehicular Network and Industrial Internet of Things
Friday Dec 13 10:15 - 11:00 ITC 4306 Musard Balliu Securing Web Applications across Tiers


Date Time Place Speaker Title
Februari 18 14:00-15:00 Zoom Tommy Schönberg Cybersecurity initiatives, upcoming calls and Q&A
12 March 14:00-15:00 Zoom Omar javid An Evaluation of Container Security Vulnerability Detection Tools in the Wild
09 April 14:00-15:00 Zoom David Sands Privacy: Caught between a Rock and a Hard Place?



In Nov.-Dec. 2020, we organised an open web-based course on cyber security. For more info and registration, see here.

Thesis Projects

For (future) thesis projects, do get in touch directly with the contact person of your preferred focus area.

Contact Us

The Security Arena is part of the Department of Information Technology and is situated at the Information Technology Centre (ITC) in Uppsala, Sweden.

Arena Security e-mail list
To subscribe to the list, send a message to with the following message subject:

subscribe it-security <My Name>

The list (it-security -AT- will be used for announcements.

  • Next seminar: Stay tuned
Updated  2021-04-12 08:59:34 by Kristiaan Pelckmans.