ReTruSt
ReTruSt: Resilient, Trustworthy, Sustainable
The research groups consist of interdisciplinary team members with different expertise and research areas, coordinated by Prof. Dr. Claudia Eckert.
The goal of ReTruSt is to research and test technological, as well as socio-technical, legal and economical solutions in order to make complex networked, highly dynamic, socio-technical systems trustworthy and resilient to cyber-attacks throughout their entire life cycle and to operate them in a verifiable, sustainably secure manner.
With ReTruSt, fundamental methods, technical concepts, software tools, and system architectures are to be researched and tested in interdisciplinary collaboration, which provides the basis for mastering the challenges.
As the attack surface of networked systems increases, the risks of cyber-attacks increase. These cannot be ruled out even when using advanced protective measures. Therefore, future systems must be able to protect sensitive resources but at the same time continue to provide their core functionality, even if the system is exposed to cyber-attacks. This is the demand for Cyber-Resilience. Cyber-Resilient systems must have the ability to detect and defend against attacks, i.e. be prepared for them, plan for them, cope with them and recover from them. At the same time, they should be able to learn and continuously improve in order to sustainably maintain the required level of protection. The demand for Cyber-Resilience goes well beyond the protection of systems in the classic sense and is an indispensable property of future software-based systems, infrastructures and business processes.
Research Areas:
1. Resilient trusted software architectures, embedded systems and infrastructures
2. Theoretical, formal foundations and systems engineering
3. User acceptance, privacy and traceability
- Prof. Dr. Claudia Eckert (Chair of IT Security)
- Prof. Jens Großklags, Ph.D. (Cyber Trust)
- Prof. Dr. Pramod Bhatotia (Distributed Systems and Operating Systems)
- Prof. Dr.-Ing. Georg Carle (Chair of Network Architectures and Services)
- Prof. Dr.-Ing. Georg Sigl (Chair of Security in Information Technology)
Research projects
The Retrust network includes various research projects with numerous industry partners:
- Hardware-Assisted Memory Safety and Security (Martin Fink, Distributed Systems and Operating Systems)
- Cyber-Resilient and Secure Systems (Lukas Gehrke, IT Security)
- Cyber Resilience, in collaboration with industry partners (Utku Budak, Security in Information Technology)
- QUIC Post-Quantum Transport Layer Security, Measurements and Modeling (Marcel Kempf, Network Architectures and Services)
Speaker Series
The network organizes reoccurring events, open to university students, researchers and industry partners.
Vol. 1 on 25th of June:
"The Linux kernel architecture faces inherent limitations in its security design, primarily due to constraints imposed by the underlying hardware. The Linux kernel must not only isolate user-space processes but also protect itself from unauthorized access—a task made increasingly challenging by the presence of vulnerabilities. Since modern security mechanisms rely on the Linux kernel's integrity, their effectiveness collapses as soon as the kernel is compromised. Therefore, the kernel's resilience is crucial to the security of the entire system, raising the fundamental question: how can we maintain robust security despite the presence of kernel vulnerabilities?
In this presentation, we introduce a virtualization-assisted security architecture for the Linux kernel to address these challenges. Our solution provides a lightweight virtualization layer comprising a thin, formally-verifiable virtual machine monitor on top of the open-source NOVA microhypervisor. Acting as a security support layer, this architecture enables the Linux kernel to effectively leverage the system's virtualization extensions to fortify its defenses. In-line with virtualization-based state-of-the-art security mechanisms, our solution enforces Linux kernel code integrity and protects selected data structures from being abused by malicious actors. Beyond these capabilities, it enables advanced security features, such as isolating selected security-critical subsystems within the Linux kernel itself and providing a versatile event monitoring facility targeting the activity of applications and containers in user space. Overall, by bridging the traditional separation between the OS and system virtualization technologies, our open source implementation integrates both to create a more robust and resilient security foundation. We present our implementation as a promising approach to mitigating the risks posed by kernel vulnerabilities while significantly enhancing the security posture of modern systems."
Sergej Proskurin works as a Senior Staff Security Engineer at BlueRock Security, specializing in virtualization-assisted operating system security. He received his Ph.D. in Computer Science from the Technical University of Munich. His research interests cover a wide range of low-level topics. In particular, he is passionate about operating system design and leveraging virtualization technology for dynamic binary analysis and operating system security. In the past, Sergej actively contributed to open source projects, including the Xen Project hypervisor and the black-box binary analysis system DRAKVUF.
Publications
Lukas Gehrke et al. Report: "Proceedings of the Seminar Cyber-Resilient Systems: Summer Semester 2024", doi:10.14459/2024md1759337
Utku Budak, Fabrizio De Santis, and Georg Sigl. "A Lightweight Firmware Resilience Engine for IoT Devices Leveraging Minimal Processor Features." 2024 IEEE International Conference on Cyber Security and Resilience (CSR). IEEE, 2024. (Best Paper Award) doi.org/10.1109/CSR61664.2024.10679408
Martin Fink, Dimitrios Stavrakakis, Dennis Sprokholt, Soham Chakraborty, Jan-Erik Ekberg, and Pramod Bhatotia. 2025. “Cage: Hardware-Accelerated Safe WebAssembly.” In Proceedings of the 23rd ACM/IEEE International Symposium on Code Generation and Optimization (CGO '25). Association for Computing Machinery, New York, NY, USA, 538–552. doi.org/10.1145/3696443.3708920
Marcel Kempf et al. "A Quantum of QUIC: Dissecting Cryptography with Post-Quantum Insights," 2024 IFIP Networking Conference (IFIP Networking), Thessaloniki, Greece, 2024, pp. 195-203, doi.org/10.23919/IFIPNetworking62109.2024.10619916