System security is a cornerstone of today’s digital world.

Secure Systems

Modern systems use building blocks from many different areas and there are many interfaces between different components. In system security we look at systems in their entirety. This ranges from small embedded processors and operating systems to large cloud infrastructures with many connected servers. Our goal is to analyze the security of systems and discover potential vulnerabilities before they are exploited. At the same time, we design defenses to mitigate concrete attacks and to eliminate entire classes of vulnerabilities and bugs. In both areas we are an internationally recognized institution, not only constantly publishing cutting-edge research but our designs found their way into real-world products.
Team Mangard
Our research centers around hardware security, secure system architectures, cryptographic implementations and side channels. For example, we are analyzing and protecting of cryptographic implementations against power analysis and fault attacks. This research has a long tradition at IAIK and we have a dedicated hardware research lab for conducting experiments in this context. On the side of system architectures, we are focusing on extensions of RISC-V processors with respect to security. We are working with small embedded processors as well as with Linux-based platforms. Our goal is to rethink and to extend computer architectures and tools in order to create a strong security foundation for all types of computer systems.

Team Members

Team Gruss
Our team is interested in the security of systems from a low-level perspective. We developed many of the state-of-the-art techniques, attacks, and defenses in this area. We demonstrated the first Rowhammer attack from JavaScript running in a browser. We discovered and analyzed Meltdown and Spectre. From this the new research direction of transient execution attacks emerged, leading to more discoveries in this area, including the recent ZombieLoad attack. We developed the KAISER patch to make operating systems more resilient to attacks. This defense is now part of every operating system.

Team Members