From Exploits to Defenses: Building Trustworthy Digital Systems
Thorsten Holz
Max Planck Institute for Security and Privacy
(hosted by Krishna Gummadi)
(hosted by Krishna Gummadi)
17 Sep 2025, 12:15 pm - 1:15 pm
Kaiserslautern building G26, room 111
AICS Distinguished Speaker Colloquium
Building trustworthy software systems has become increasingly challenging as
complexity grows across the hardware-software stack. Adversaries exploit
sophisticated techniques such as return-oriented programming and timing side
channels to bypass traditional defenses and compromise critical components.
This talk examines these classes of low-level attacks and presents defenses we
have developed, including control-flow integrity mechanisms and memory tagging.
I will further discuss how automated approaches such as fuzzing can help us to
systematically expose latent vulnerabilities and strengthen the design of
security-critical systems, ...
Building trustworthy software systems has become increasingly challenging as
complexity grows across the hardware-software stack. Adversaries exploit
sophisticated techniques such as return-oriented programming and timing side
channels to bypass traditional defenses and compromise critical components.
This talk examines these classes of low-level attacks and presents defenses we
have developed, including control-flow integrity mechanisms and memory tagging.
I will further discuss how automated approaches such as fuzzing can help us to
systematically expose latent vulnerabilities and strengthen the design of
security-critical systems, aiming for resilience against both current and
emerging threats. I will conclude with an overview of future challenges.
Read more