[Page under development]

TEcoSA members are notified by email each time a publication is submitted and have the chance to offer feedback to the authors before the paper is accepted. Once a paper is published, it will be posted here as open information. This page will be updated quarterly. The TECoSA authors are shown in blue. Authors should email tecosa-admin@kth if they spot that an update is required.


A Permissioned Blockchain based Feature Management System for Assembly Devices Lifei Tang, Martin Törngren, Lihui Wang
Advanced Far Field EM Side-Channel Attack on AERuize Wang, Huanyu Wang, Elena Dubrova, Martin Brisfors
An FPGA Implementation of 4×4 Arbiter PUSCan Aknesil, Elena Dubrova
Bitstream Modification with Interconnect In MindMichail Moraitis, Elena Dubrova
Caching Policies over Unreliable ChannelsPaulo Sena, Igor Carvalho, Antonio Abelem, György Dán, Daniel Menaschex, Don Towsley
Can Deep Learning Break a True Random Number Generator?Yang Yu, Michail Moraitis, Elena Dubrova
Cyber-Physicals Systems have Far-reaching ImplicationsMartin Törngren
Energy-Optimal Sampling and Processing of Edge-Based Feedback SystemsVishnu Moothedath>, Jaya Champati, James Gross
Federated Learning in Side-Channel AnalysisElena Dubrova, Huanyu Wang
Joint Resource Dimensioning and Placement for Dependable Virtualized Services in Mobile Edge CloudsPeiyue Zhao, György Dán
Nordic Industrial IoT roadmap: Research and innovation for the Green Transitionedited by Paul Pop and Martin Törngren
Resilient Resource Allocation for Service Placement in Mobile Edge CloudsPeiyue Zhaos
Risk-Aware Motion Planning in Partially Known EnvironmentsFernando S. Barbosa, Bruno Lacerda, Paul Duckworth, Jana Tumova and Nick Hawes
Tandem Deep Learning Side-Channel Attack on FPGA Implementation of AESHuanyu Wang, Elena Dubrova


TECoSA Project (remove if not relevant):
Type and Venue:
Links to DOI (if available) and/or PDF:

Published 2021

Advanced Far Field EM Side-Channel Attack on AE

TECoSA Project (remove if not relevant):
Authors: Ruize Wang, Huanyu Wang, Elena Dubrova, Martin Brisfors
Type and Venue: (Conference) 7th ACM Cyber-Physical System Security Workshop (CPSS)

Abstract: Several attacks on AES using far field electromagnetic (EM) emission as a side channel have been recently presented. Unlike power analysis or near filed EM analysis, far field EM attacks do not require a close physical proximity to the device under attack. However, in all previous attacks traces for the profiling stage are also captured at a distance (fixed or variable) from the profiling devices. This degenerates the quality of profiling traces due to noise and interference. In this paper, we train deep learning models on “clean” traces, captured through a coaxial cable. Our experiments show that the resulting models can extract the AES key from less than 500 traces on average captured at 15 m from the victim device without repeating each encryption more than once. This is a 20-fold improvement over the previous attacks which require about 10K traces for the same conditions.

Resilient Resource Allocation for Service Placement in Mobile Edge Clouds

TECoSA Project (remove if not relevant):
Author: Peiyue Zhao
Type and Venue: PhD thesis
Read more or download as PDF here:

Abstract: Mobile edge computing makes available distributed computation and storage resources in close proximity to end users and allows to provide low-latency and high-capacity services within mobile networks. Therefore, mobile edge computing is emerging as a promising architecture for hosting critical services with stringent latency and performance requirements, which otherwise are challenging to be addressed in conventional cloud computing architectures. Notable use cases of mobile edge computing include real-time data analytic services, industrial process control, and computation offloading for Internet of things devices. However, those services rely on efficient resource management, including resource dimensioning and service placement, and require to be resilient to cyber-attacks, to faulty components and to operation mistakes. The work in this thesis proposes models of resilient resource management that support rapid response to incidents in mobile edge computing and develops efficient algorithms for the resulting resource management problems.

Nordic Industrial IoT Roadmap: Research and Innovation for the Green Transition

Editors: Paul Pop, Martin Törngren
Type and Venue: Nordic Industrial IoT Roadmap
Read more or download as PDF here:

Abstract: Five Nordic universities have developed a roadmap on Industrial IoT (IIoT). IIoT is a key enabling technology for the green transition, bringing together several technological paradigms, from smart electronic components, 5G technologies, to AI and Edge Computing. The roadmap supplements the existing European roadmaps released recently, however, since the Nordic countries are far ahead on digitalization compared to the rest of Europe it calls for specific Nordic measures. According to the EU’s digital DESI index the Nordic countries are ranked at numbers one, two, three and four within the EU. Therefore, the Nordic countries are years ahead of their EU counterparts in the digital roll out of implementing digital services and infrastructure. The Nordic roadmap suggests several measures to be pursued in the next decade.

Cyber-Physicals Systems have Far-reaching Implications

Author: Martin Törngren
Type and Venue: HIPEAC Roadmap
Read more or download as PDF here:

Abstract: Our world is evolving very rapidly, both from the technological point of view – with impressive advances in articial intelligence and new hardware challenging longstanding PC hardware traditions, for example – and as a result of unexpected events. e year 2020 was quite exceptional, an annus horribilis, according to some. It is hard to disagree with this statement, but every dark cloud has a silver lining. 2020 was also the year that accelerated digital transformation beyond what could have been imagined in 2019. Vaccine development happened faster than would ever have been conceivable a year ago, digital payment became the norm for many people and e-commerce and online sales threatened brick and mortar shops. Employees were encouraged to work from home – with its advantages and disadvantages, videoconferencing became the de facto way to interact with both family and colleagues, schools were forced to experiment with distance learning. e list goes on. Aer living for over a year in an online world, most people will not return completely to the “old normal”. ey will go for a combination of the “old normal” and things they discovered and experimented with in the circumstances forced upon us by COVID-19; they might keep their home oce on some days, and be in the workplace on other days. Higher education will certainly also continue to offer online teaching. The rapidly evolving digital world has also had an impact on the HiPEAC Vision: updating it every two years no longer seems quite in keeping with the speed of the evolution of computing systems. erefore, we decided to move from producing a large roadmap document every other year, to an agile, rapidly evolving electronic magazine-like set of articles.

An FPGA Implementation of 4 x 4 Arbiter PUF

TECoSA Project (remove if not relevant):
Authors: Can Aknesil, Elena Dubrova
Type and Venue: (Conference) 51st IEEE International Symposium on Multiple-Valued Logic (ISMVL’2021)
Links to DOI (if available) and/or PDF:
Also a full Master thesis (2020.08), downloadable as a PDF:

Abstract: The need of protecting data and bitstreams increasesin computation environments such as FPGA as a Service (FaaS). Physically Unclonable Functions (PUFs) have been proposedas a solution to this problem. In this paper, we present animplementation of Arbiter PUF with 4×4 switch blocksin Xilinx Series 7 FPGA, perform its statistical analysis, andcompare it to other Arbiter PUF variants. We show that thepresented implementation utilizes five times less area than 2×2 Arbiter PUF-based implementations. It is suitable for manyreal-world applications, including identification, authentication,key provisioning, and random number generation.

Published 2020

Caching Policies over Unreliable Channels

TECoSA Project (remove if not relevant):
Authors: Paulo Sena, Igor Carvalho, Antonio Abelem, György Dán, Daniel Menaschex, Don Towsley
Type and Venue: (Conference) WiOpt 2020 Workshop on Content Caching and Data Delivery over Wireless Networks (CCDWN)
Read more or download as PDF here:

Abstract: Recently, there has been substantial progress in the formal understanding of how caching resources should be allocated when multiple caches each deploy the common LRU policy. Nonetheless, the role played by caching policies beyond LRU in a networked setting where content may be replicated across multiple caches and where channels are unreliable is still poorly understood. In this paper, we investigate this issue by first analyzing the cache miss rate in a system with two caches of unit size each, for the LRU, and the LFU caching policies, and their combination. Our analytical results show that joint use of the two policies outperforms LRU, while LFU outperforms all these policies whenever resource pooling is not optimal. We provide empirical results with larger caches to show that simple alternative policies, such as LFU, provide superior performance compared to LRU even if the space allocation is not fine tuned. We envision that fine tuning the cache space used by such policies may lead to promising additional gains.

Federated Learning in Side-Channel Analysis

TECoSA Project (remove if not relevant):
Authors: Elena Dubrova, Huanyu Wang
Type and Venue: (Conference) International Conference on Information Security and Cryptology 2020
Link to DOI:

Abstract: Recently introduced federated learning is an attractive framework for the distributed training of deep learning models with thousands of participants. However, it can potentially be used with malicious intent. For example, adversaries can use their smartphones to jointly train a classifier for extracting secret keys from the smartphones’ SIM cards without sharing their side-channel measurements with each other. With federated learning, each participant might be able to create a strong model in the absence of sufficient training data. Furthermore, they preserve their anonymity. In this paper, we investigate this new attack vector in the context of side-channel attacks. We compare the federated learning, which aggregates model updates submitted by N participants, with two other aggregating approaches: (1) training on combined side-channel data from N devices, and (2) using an ensemble of N individually trained models. Our first experiments on 8-bit Atmel ATxmega128D4 microcontroller implementation of AES show that federated learning is capable of outperforming the other approaches.

A Permissioned Blockchain based Feature Management System for Assembly Devices

TECoSA Project (remove if not relevant):
Authors: Lifei Tang, Martin Törngren, Lihui Wang
Type and Venue: (Journal) IEEE Access
Links to DOI (if available) and/or PDF: DOI: 10.1109/ACCESS.2020.3028606

Abstract: With the increasing spread and adoption of electronics and software as integral parts of all kinds of physical devices, such devices are becoming controlled by their embedded software. Correspondingly, the manufacturing business has started the transition from selling hardware to selling features (e.g. “insane mode” and “ludicrous mode” in Tesla Model S). Consequently, a trustworthy system to automate such a process becomes essential. This article introduces a permissioned blockchain-based feature management system for assembly devices. Firstly, it leverages software licensing technology to control assembly devices’ features. Secondly, by recording the license ownership transaction data in a permissioned blockchain, the approach (1) takes advantage of blockchain’s trust mechanism and its distributed nature to improve the trustworthiness of the feature management system, and (2) adopts the permissioned blockchain technology to ensure that the license transactions are only visible and applicable to authenticated actors. We further describe an implementation, a proof-of-concept evaluation focusing on functionality and performance, as well as a security analysis.

Bitstream Modification with Interconnect In Mind

TECoSA Project (remove if not relevant):
Authors: Michail Moraitis, Elena Dubrova
Type and Venue: (Conference) Hardware and Architectural Support for Security and Privacy Workshop (HASP’2020)
Links to DOI (if available) and/or PDF:

Abstract: Bitstream reverse engineering is traditionally associated with Intellectual Property (IP) theft. Another, less known, threat deriving from that is bitstream modification attacks. It has been shown that the secret key can be extracted from FPGA implementations of cryp-tographic algorithms by injecting faults directly into the bitstream. Such bitstream modification attacks rely on changing the content of Look Up Tables (LUTs). Therefore, related counter measures aim to make the task of identifying a LUT more difficult (e.g. by masking LUT content). However, recent advances in FPGA reverse engineering revealed information on how interconnects are encoded in the bitstream of Xilinx 7 series FPGAs. In this paper, we show that this knowledge can be used to break or weaken existing counter measures, as well as improve existing attacks. Furthermore, a straight-forward attack that re-routes the key to an output pin becomes possible. We demonstrate our claims on an FPGA implementationof SNOW 3G stream cipher, a core algorithm for confidentiality and integrity used in several 3GPP wireless communication standards, including the new Next Generation 5G.