Overview
Cybersecurity deals with the protection of information systems, and the services and operations that they support, against unauthorised access and disruption. Cybersecurity is essential in a highly digitalised society to protect devices and engineered infrastructures, from individual computers to complex socio-technical systems. It is a multidisciplinary research area, including aspects of information technology, human factors, ethics, law, policy, and risk management in the context of adversaries.
At the Department of Information Technology, we have identified cybersecurity as a strategic area for both research and education. Our research tackles challenges in a diverse range of areas, ranging from security aspects at the hardware and software levels, including security in computer networks and in the Internet-of-Things (IoT), to security and privacy in application areas such as machine learning, control systems, and online information. Our cybersecurity-related education offers courses at all higher-education levels, including introductory life-long-learning courses, basic and advanced courses, and doctoral courses at the current cybersecurity research frontier.
We warmly welcome contacts for collaboration and from prospective students and researchers!
Research Topics
- Cybersecurity and formal verification: automatically reasoning about the presence or absence of vulnerabilities in software and web applications through techniques from the formal methods area, including model checking, symbolic execution, and SMT (satisfiability modulo theories) solving.
- Anomaly detection: automatically detecting and identifying attacks and security breaches in a timely manner and distinguishing them from legitimate behaviours.
- Security in the Internet-of-Things: protecting the less powerful IoT devices and networks from attacks and detecting when they have been compromised. Examples include in-body sensor networks.
- Cybersecurity and Privacy in Learning and Control: protecting intelligent autonomous decision-making systems, powered by data-driven machine learning and model-based control engineering, against malicious adversaries. Examples include industrial control systems, smart grids, and artificial pancreas.
- Privacy-Preserving Federated Machine Learning: designing and developing large-scale training environments for millions of devices, with accurate model training based on local heterogeneous and unbalanced datasets, while ensuring data privacy and trust and auditability for the model preparation process.
- Secure Computer Architecture: designing the Computer Architecture 2.0 that closes the hardware security holes, without compromising performance and efficiency, and provides the substrate on which all other (software) security is built.
- Online Information Disorder: contributing to a higher quality of online information, for example exposing disinformation.
Research Entities
Faculty Members
- Bengt Jonsson (software security)
- Stefanos Kaxiras (secure computer architecture)
- Matteo Magnani (online information disorder)
- Sérgio Pequito (secure control systems)
- Christian Rohner (network security)
- Philipp Rümmer (formal methods for security)
- André Teixeira (secure learning and control, see also his homepage)
- Salman Toor (federated machine learning)
- Davide Vega (online information disorder)
- Björn Victor (security education)
- Thiemo Voigt (IoT security)
- José Mairton Barros da Silva Júnior (federated machine learning, see also his homepage)
Research Awards
- The Knut and Alice Wallenberg Foundation (KAW) has appointed André Teixeira as one of the Wallenberg Academy Fellows in 2023. Wallenberg Academy Fellows, the career program for young researchers launched by KAW in cooperation with the Swedish Royal Academies in 2012, provides long-term funding for young, promising Swedish and foreign researchers from all academic fields.
- The Royal Society of Sciences at Uppsala has awarded the Lilly and Sven Thuréus prize 2023, technology-economics class, to André Teixeira for his work in "designing intelligent autonomous decision-making systems that are secure and resilient to external attacks (cyber threats)".
- Chydenius medal to the Nordic observatory for digital media and information disorder (NORDIS)
Courses
- 1DL003 Cyber Security in a Societal Perspective
- 1DT072 Secure Computer Systems I
- 1DT075 Cryptology
- 1DT098 Security and Privacy
- 1DT111 Introduction to Cybersecurity and its Applications
- 1RT004 Safety and Security in Control Systems
- Cyber-physical Security of Networked Control Systems (PhD course)
- Modules inside courses: Computer Networks, Database security, Privacy-Preserving Data Mining, Automatic Control, Distributed Information Systems