Staff profile

Prof David Oswald

David Oswald is Professor of Cyber Security at the Department of Computer Science at Durham University, UK. Previously, he held academic positions at the University of Birmingham (UK) and Ruhr University Bochum (Germany).His main field of research is the security of embedded systems and trusted execution. One area of focus is on attack methods that exploit weaknesses in the physical implementation of mathematically secure cryptographic algorithm, including both (passive) side-channel analysis and (active) fault injection, as well as reverse engineering.

His work also includes the practical realisation of security systems in embedded applications, and, more recently, analysis of trusted execution technologies like Intel SGX AMD SEV-SNP, as well as applications of CHERI in this context as part of the Digital Security by Design initiative. 

He has numerous papers at top-tier security conferences such as (T)CHES, IEEE S&P, ACM CCS, and USENIX Security. He participates in the programme committees of major hardware security conferences, including Usenix Security, TCHES, and ACM CCS, and was general chair for CARDIS 2022 hosted at the University of Birmingham.

• Trusted execution and confidential computing
• Embedded systems security
• Security of real-world systems (e.g. automotive and IoT devices), including the interactions with safety and related areas
• Side-channel analysis, fault injection and other implementation attacks

Conference Paper

• Activation Functions Considered Harmful: Recovering Neural Network Weights through Controlled Channels
  
  Spielman, J., Oswald, D., Ryan, M., & Van Bulck, J. (in press). Activation Functions Considered Harmful: Recovering Neural Network Weights through Controlled Channels. Presented at The 28th International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2025), Gold Coast, Australia.
• Battering RAM: Low-Cost Interposer Attacks on Confidential Computing via Dynamic Memory Aliasing
  
  De Meulemeester, J., Oswald, D., Verbauwhede, I., & Van Bulck, J. (in press). Battering RAM: Low-Cost Interposer Attacks on Confidential Computing via Dynamic Memory Aliasing. Presented at IEEE Symposium on Security and Privacy, San Francisco, USA.
• BadRAM: Practical Memory Aliasing Attacks on Trusted Execution Environments
  
  De Meulemeester, J., Wilke, L., Oswald, D., Eisenbarth, T., Verbauwhede, I., & Van Bulck, J. (2025, June 16). BadRAM: Practical Memory Aliasing Attacks on Trusted Execution Environments. Presented at 2025 IEEE Symposium on Security and Privacy (SP), San Francisco, CA, USA. https://doi.org/10.1109/sp61157.2025.00104
• Eva: Efficient Privacy-Preserving Proof of Authenticity for Lossily Encoded Videos
  
  Zhang, C., Yang, X., Oswald, D., Ryan, M., & Jovanovic, P. (2025, June 16). Eva: Efficient Privacy-Preserving Proof of Authenticity for Lossily Encoded Videos. Presented at 2025 IEEE Symposium on Security and Privacy (SP), San Francisco, CA, USA. https://doi.org/10.1109/sp61157.2025.00237
• PLATYPUS: Software-based Power Side-Channel Attacks on x86
  
  Lipp, M., Kogler, A., Oswald, D., Schwarz, M., Easdon, C., Canella, C., & Gruss, D. (2021, August 26). PLATYPUS: Software-based Power Side-Channel Attacks on x86. Presented at 2021 IEEE Symposium on Security and Privacy (SP), San Francisco, CA, USA. https://doi.org/10.1109/sp40001.2021.00063
• Plundervolt: Software-based Fault Injection Attacks against Intel SGX
  
  Murdock, K., Oswald, D., Garcia, F. D., Van Bulck, J., Gruss, D., & Piessens, F. (2020, July 30). Plundervolt: Software-based Fault Injection Attacks against Intel SGX. Presented at 2020 IEEE Symposium on Security and Privacy (SP), San Francisco, CA, USA. https://doi.org/10.1109/sp40000.2020.00057

Journal Article

• CHERI-Crypt: Transparent Memory Encryption on Capability Architectures
  
  Jackson, J., Jiang, M., & Oswald, D. (2025). CHERI-Crypt: Transparent Memory Encryption on Capability Architectures. IACR Transactions on Cryptographic Hardware and Embedded Systems, 2025(2), 268-292. https://doi.org/10.46586/tches.v2025.i2.268-292