Professor David Oswald

Professor David Oswald

School of Computer Science
Professor in Computer Security
Head of Research of Computer Science

Contact details

Email
d.f.oswald@bham.ac.uk
View my research portal
Address
School of Computer Science
University of Birmingham
Edgbaston
Birmingham
B15 2TT
UK

David Oswald is a Full Professor in the Centre for Cyber Security and Privacy at the University of Birmingham, UK. His main field of research is the security of embedded systems and trusted execution. On the one hand, the focus is on attack methods that exploit weaknesses in the physical implementation of mathematically secure cryptographic algorithms. Those techniques include both (passive) side-channel analysis and (active) fault injection, as well as reverse engineering.

On the other hand, David is working on the practical realization of security systems in embedded applications. His research on vulnerabilities of various wide-spread systems (e.g. DESFire RFID smartcards, VW/Hitag2 RKE systems, and Intel SGX) has created awareness for the crucial importance of security among developers of embedded devices.

For more information please visit David's Computer Science profile

Qualifications

  • PhD (“Dr.-Ing.”) in IT Security (Ruhr-University Bochum) 2013
  • Combined MSc/BSc in IT Security (“Dipl.-Ing.”) 2009

Postgraduate supervision

  • Murdock, main supervisor, since 2018: FaultFinder: From Faulty Output to Fault Model --- An Automated Approach

  • Pemberton, main supervisor, since 2018: BioLeak: Side-Channel Analysis of Fingerprint Matching Algorithms

  • Aldoseri, main supervisor since 2018: Security of TEEs

  • Zhang, main supervisor since 2019: Next-generation security protocols for medical devices

  • Spielman, main supervisor since 2021: SCAvenger - Attacking Machine Learning with Side Channel Attacks
  • Jacqueline, main supervisor since 2021: Capability architectures: attacks and defenses

Research

  • Embedded system security

  • IoT, RFID and wireless communication

  • Real-world implementation attacks

  • Side-channel analysis

  • Trusted Execution Environments

Publications

Recent publications

Article

Jackson, J, Jiang, M & Oswald, D 2025, 'CHERI-Crypt: Transparent Memory Encryption on Capability Architectures', IACR Transactions on Cryptographic Hardware and Embedded Systems, vol. 2025, no. 2, pp. 268-292. https://doi.org/10.46586/tches.v2025.i2.268-292

Zhang, M, Wang, C, Jiang, W, Oswald, D, Murray, T, Marin, E, Wei, J, Ryan, M & Kostakos, V 2025, 'Using Vibration for Secure Pairing with Implantable Medical Devices: Development and Usability Study', JMIR Biomedical Engineering, vol. 10, e57091. https://doi.org/10.2196/57091

Conference contribution

Spielman, J, Oswald, D, Ryan, M & Van Bulck, J 2025, Activation Functions Considered Harmful: Recovering Neural Network Weights through Controlled Channels. in 28th International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2025). IEEE, 28th International Symposium on Research in Attacks, Intrusions, and Defenses, Gold Coast, Australia, 19/10/25.

De Meulemeester, J, Wilke, L, Oswald, D, Eisenbarth , T, Verbauwhede, I & Van Bulck, J 2025, BadRAM: Practical Memory Aliasing Attacks on Trusted Execution Environments. in 2025 IEEE Symposium on Security and Privacy (SP): San Francisco, CA, USA, 2025. 1 edn, IEEE Symposium on Security and Privacy, IEEE, pp. 104-104, 46th IEEE Symposium on Security and Privacy, San Francisco, California, United States, 12/05/25. https://doi.org/10.1109/SP61157.2025.00104.

Zhang, C, Yang, X, Oswald, D, Ryan, M & Jovanovic, P 2025, Eva: Efficient Privacy-Preserving Proof of Authenticity for Lossily Encoded Videos. in 2025 IEEE Symposium on Security and Privacy (SP)., 11023495, IEEE Symposium on Security and Privacy, IEEE, pp. 4643-4662, 46th IEEE Symposium on Security and Privacy, San Francisco, California, United States, 12/05/25. https://doi.org/0.1109/SP61157.2025.00237

Henes, J, Muench, M, Oswald, D & Ragab, H 2025, Talk: Transient-execution attacks on the CHERI Morello platform. in 2025: Proceedings of the Microarchitecture Security Conference (uASC '25). Proceedings of the Microarchitecture Security Conference, vol. 1, Ruhr University Bochum, Bochum, 1st Microarchitecture Security Conference, Bochum, North Rhine-Westphalia, Germany, 19/02/25. https://doi.org/10.46586/uasc.2025.104

Murdock, K, Thompson, M & Oswald, D 2024, FaultFinder: lightning-fast, multi-architectural fault injection simulation. in ASHES '24: Proceedings of the 2024 Workshop on Attacks and Solutions in Hardware Security. Association for Computing Machinery (ACM), 8th Workshop on Attacks and Solutions in Hardware Security, Salt Lake City, Utah, United States, 18/10/24.

Zhang, M, Marin, E, Ryan, M, Kostakos, V, Murray, T, Tag, B & Oswald, D 2024, OOBKey: Key Exchange with Implantable Medical Devices Using Out-Of-Band Channels. in ARES '24: Proceedings of the 19th International Conference on Availability, Reliability and Security., 191, Association for Computing Machinery (ACM), 19th International Conference on Availability, Reliability and Security, Vienna, Austria, 30/07/24. https://doi.org/10.1145/3664476.3670876

Bowden, M, Chothia, T, Clee, A, Collins, S, Henes, J & Oswald, D 2024, Teaching Adversarial Thinking by Having Students Circumvent Exam Rules. in P Legg, N Coull & C Clarke (eds), Advances in Teaching and Learning for Cyber Security Education. 1 edn, Lecture Notes in Networks and Systems, vol. 1213, Springer, pp. 75–95, The 4th Annual Advances in Cyber Security Education, Bristol, United Kingdom, 2/07/24. https://doi.org/10.1007/978-3-031-77524-6_5

Pemberton, O & Oswald, D 2023, BioLeak: Exploiting Cache Timing to Recover Fingerprint Minutiae Coordinates. in ASHES '23: Proceedings of the 2023 Workshop on Attacks and Solutions in Hardware Security. CCS: Computer and Communications Security, Association for Computing Machinery (ACM), pp. 61–72, 2023 Workshop on Attacks and Solutions in Hardware Security (ASHES ’23), Copenhagen, Denmark, 30/11/23. https://doi.org/10.1145/3605769.3623994

Van Strydonck , T, Noorman , J, Jackson, J, Dias, L, Vanderstraeten , R, Oswald, D, Piessens, F & Devriese , D 2023, CHERI-TrEE: Flexible enclaves on capability machines. in EuroS&P - 8th IEEE European Symposium on Security and Privacy. IEEE European Symposium on Security and Privacy, IEEE, pp. 1143-1159, 8th IEEE European Symposium on Security and Privacy, Delft, Netherlands, 3/07/23. https://doi.org/10.1109/EuroSP57164.2023.00070.

Preprint

Spielman, J, Oswald, D, Ryan, M & Van Bulck, J 2025 'Activation Functions Considered Harmful: Recovering Neural Network Weights through Controlled Channels' arXiv. <https://arxiv.org/abs/2503.19142>

Wang, Q, Sander, J, Jiang, M, Eisenbarth , T & Oswald, D 2025 'BarkBeetle: Stealing Decision Tree Models with Fault Injection' arXiv. https://doi.org/10.48550/arXiv.2507.06986

Wang, Q & Oswald, D 2024 'Confidential Computing on Heterogeneous CPU-GPU Systems: Survey and Future Directions' arXiv. https://doi.org/10.48550/arXiv.2408.11601

Zhang, C, Yang, X, Oswald, D, Ryan, M & Jovanovic, P 2024 'Eva: Efficient IVC-Based Authentication of Lossy-Encoded Videos' Cryptology ePrint Archive. <https://eprint.iacr.org/2024/1436>

View all publications in research portal