About me

I am a professor in the DistriNet lab at the Department of Computer Science of KU Leuven, Belgium. My research explores attacks and defenses at the hardware-software boundary, with particular attention to privileged side channels in trusted execution environments.

Publications

2025
Confusing Value with Enumeration: Studying the Use of CVEs in Academia
Moritz Schloegel, Daniel Klischies, Simon Koch, David Klein, Lukas Gerlach, Malte Wessels, Leon Trampert, Martin Johns, Mathy Vanhoef, Michael Schwarz, Thorsten Holz, Jo Van Bulck
34th USENIX Security Symposium, 2025.
USENIX Security 2025 Distinguished Paper Award; Artifacts evaluated: Available
@inproceedings{schloegel2025confusing,
  title     = {Confusing Value with Enumeration: Studying the Use of {CVEs} in Academia},
  author    = {Schloegel, Moritz and Klischies, Daniel and Koch, Simon and Klein, David and Gerlach, Lukas and Wessels, Malte and Trampert, Leon and Johns, Martin and Vanhoef, Mathy and Schwarz, Michael and Holz, Thorsten and Van Bulck, Jo},
  booktitle = {34th {USENIX} Security Symposium ({USENIX} Security 25)},
  month     = Aug,
  year      = 2025
}

This paper analyzes the use of CVE identifiers in A* security papers through quantitative analysis, qualitative review, and a user study. We highlight an increasing trend in CVE inclusion, widespread misconceptions about the CVE ecosystem, and advise caution against using CVEs as proxies for real-world impact beyond mere identification.

Topics: meta-science

SCASE: Automated Secret Recovery via Side-Channel-Assisted Symbolic Execution
Daniel Weber, Lukas Gerlach, Leon Trampert, Youheng Lü, Jo Van Bulck, Michael Schwarz
34th USENIX Security Symposium, 2025.
Artifacts evaluated: Available, Functional, Reproduced
@inproceedings{weber2025scase,
  title     = {{SCASE}: Automated Secret Recovery via Side-Channel-Assisted Symbolic Execution},
  author    = {Weber, Daniel and Gerlach, Lukas and Trampert, Leon and L\"u, Youheng and Van Bulck, Jo  and Schwarz, Michael},
  booktitle = {34th {USENIX} Security Symposium ({USENIX} Security 25)},
  month     = Aug,
  year      = 2025
}

Side-channel-assisted symbolic execution (SCASE) is a novel methodology for automated key extraction from opaque binaries using concrete side-channel traces to effectively prune the symbolic-execution search space. We demonstrate SCASE's effectiveness and ability to combat state explosion using page-access traces extracted with SGX-Step, recovering OpenSSL cryptographic keys and other inputs.

Topics: attack, symbolic-execution, side-channel, intel-sgx, sgx-step

openIPE: An Extensible Memory Isolation Framework for Microcontrollers
Marton Bognar, Jo Van Bulck
10th IEEE European Symposium on Security and Privacy (EuroS&P), 2025.
EuroS&P 2025 Distinguished Paper Award
@inproceedings{bognar25openipe,
  title     = {{openIPE}: An Extensible Memory Isolation Framework for Microcontrollers},
  author    = {Bognar, Marton and Van Bulck, Jo},
  year      = 2025,
  booktitle = {10th {IEEE} European Symposium on Security and Privacy (EuroS{\&}P)},
}

OpenIPE is an open research platform for enhancing memory isolation in low-end microcontrollers. We introduce minimal hardware extensions, compatible with Texas Instruments' proprietary IPE specification and resistant against our earlier IP Exposure attacks, alongside a versatile firmware layer enabling rapid prototyping of advanced hardware-software co-design security features.

Topics: defense, side-channel, symbolic-execution, interface-shielding, mcu

Wait a Cycle: Eroding Cryptographic Trust in Low-End TEEs via Timing Side Channels
Ruben Van Dijck, Marton Bognar, Jo Van Bulck
8th Workshop on System Software for Trusted Execution (SysTEX), 2025.
SysTEX 2025 Best Paper with Artifacts Award; Artifacts evaluated: Available, Functional, Reusable
@inproceedings{vandijck2025wait,
    title     = {Wait a Cycle: Eroding Cryptographic Trust in Low-End {TEEs} via Timing Side Channels},
    author    = {Van Dijck, Ruben and Bognar, Marton and Van Bulck, Jo},
    booktitle = {8th Workshop on System Software for Trusted Execution {(SysTEX)}},
    month     = Jun,
    year      = 2025,
}
Principled Symbolic Validation of Enclaves on Low-End Microcontrollers
Gert-Jan Goossens, Jo Van Bulck
8th Workshop on System Software for Trusted Execution (SysTEX), 2025.
Artifacts evaluated: Available, Functional, Reusable
@inproceedings{goossens2025principled,
    title     = {Principled Symbolic Validation of Enclaves on Low-End Microcontrollers},
    author    = {Goossens, Gert-Jan and Van Bulck, Jo},
    booktitle = {8th Workshop on System Software for Trusted Execution {(SysTEX)}},
    month     = Jun,
    year      = 2025,
}
TLBlur: Compiler-Assisted Automated Hardening against Controlled Channels on Off-the-Shelf Intel SGX Platforms
Daan Vanoverloop, Andres Sanchez, Flavio Toffalini, Frank Piessens, Mathias Payer, Jo Van Bulck
34th USENIX Security Symposium, 2025.
Artifacts evaluated: Available, Functional, Reproduced
@inproceedings{vanoverloop2025tlblur,
  title     = {{TLBlur}: Compiler-Assisted Automated Hardening against Controlled Channels on Off-the-Shelf {Intel SGX} Platforms},
  author    = {Vanoverloop, Daan and Sanchez, Andres and Toffalini, Flavio and Piessens, Frank and Payer, Mathias and Van Bulck, Jo},
  booktitle = {34th {USENIX} Security Symposium ({USENIX} Security 25)},
  month     = Aug,
  year      = 2025
}

TLBlur is a compiler-assisted mitigation for Intel SGX that uses the AEX-Notify hardware extension to transparently limit, i.e., "blur", the bandwidth of controlled-channel attacks to the set of recently accessed pages.

Topics: defense, side-channel, intel-sgx, sgx-step

BadRAM: Practical Memory Aliasing Attacks on Trusted Execution Environments
Jesse De Meulemeester, Luca Wilke, David Oswald, Thomas Eisenbarth, Ingrid Verbauwhede, Jo Van Bulck
46th IEEE Symposium on Security and Privacy (S&P), 2025.
CVE-2024-21944; AMD response
@inproceedings{demeulemeester24-badram,
  title     = {{BadRAM}: Practical Memory Aliasing Attacks on Trusted Execution Environments},
  author    = {De Meulemeester, Jesse and Wilke, Luca and Oswald, David and Eisenbarth, Thomas and Verbauwhede, Ingrid and Van Bulck, Jo},
  booktitle = {46th {IEEE} Symposium on Security and Privacy ({S\&P})},
  month     = May,
  year      = 2025,
}

BadRAM is a novel attack technique which modifies DRAM SPD metadata to create aliases in the physical address space and effectively bypass processor-level access restrictions. Using this powerful aliasing primitive, we dismantle trust in the AMD SEV-SNP ecosystem by replaying critical attestation reports.

Topics: attack, side-channel, amd-sev

2024
Exceptions Prove the Rule: Investigating and Resolving Residual Side Channels in Provably Secure Interrupt Handling
Matteo Busi, Pierpaolo Degano, Riccardo Focardi, Letterio Galletta, Flaminia Luccio, Frank Piessens, Jo Van Bulck
4th Workshop on Program Analysis and Verification on Trusted Platforms (PAVeTrust), 2024.
@inproceedings{busi2024exceptions,
    author    = {Busi, Matteo and Degano, Pierpaolo and Focardi, Riccardo and Galletta, Letterio  and Luccio, Flaminia and Piessens, Frank and Van Bulck, Jo},
    title     = {Exceptions Prove the Rule: Investigating and Resolving Residual Side Channels in Provably Secure Interrupt Handling},
    booktitle = {4th Workshop on Program Analysis and Verification on Trusted Platforms (PAVeTrust)},
    month     = Sep,
    year      = 2024,
}
Intellectual Property Exposure: Subverting and Securing Intellectual Property Encapsulation in Texas Instruments Microcontrollers
Marton Bognar, Cas Magnus, Frank Piessens, Jo Van Bulck
33rd USENIX Security Symposium, 2024.
TI-PSIRT-2023-040180; TI response; Artifacts evaluated: Available, Functional, Reproduced
@inproceedings{bognar2024exposure,
    author    = {Bognar, Marton and Magnus, Cas and Piessens, Frank and Van Bulck, Jo},
    title     = {Intellectual Property Exposure: Subverting and Securing {Intellectual Property Encapsulation} in {Texas Instruments} Microcontrollers},
    booktitle = {33rd {USENIX} Security Symposium},
    month     = Aug,
    year      = 2024,
}
Pandora: Principled Symbolic Validation of Intel SGX Enclave Runtimes
Fritz Alder, Lesly-Ann Daniel, David Oswald, Frank Piessens, Jo Van Bulck
45th IEEE Symposium on Security and Privacy (S&P), 2024.
CVE-2022-26509, CVE-2023-37479, CVE-2023-38022, CVE-2023-38021, CVE-2022-46487, CVE-2022-46486, CVE-2023-38023, CVE-2023-42776
@inproceedings{alder2024pandora,
    title     = {Pandora: Principled Symbolic Validation of {Intel SGX} Enclave Runtimes},
    author    = {Alder, Fritz and Daniel, Lesly-Ann and Oswald, David and Piessens, Frank and Van Bulck, Jo},
    booktitle = {45th {IEEE} Symposium on Security and Privacy ({S\&P})},
    month     = May,
    year      = 2024,
}
2023
SGX-Step: An Open-Source Framework for Precise Dissection and Practical Exploitation of Intel SGX Enclaves
Jo Van Bulck, Frank Piessens
ACSAC 2023 Cybersecurity Artifacts Competition and Impact Award Finalist Short Paper, 2023.
ACSAC 2023 Cybersecurity Artifacts Competition and Impact Award
@inproceedings{vanbulck2023sgxstep,
    title     = {{SGX-Step}: An Open-Source Framework for Precise Dissection and Practical Exploitation of {Intel SGX} Enclaves},
    author    = {Van Bulck, Jo and Piessens, Frank},
    booktitle = {ACSAC 2023 Cybersecurity Artifacts Competition and Impact Award Finalist Short Paper},
    month     = Dec,
    year      = 2023,
}
AEX-Notify: Thwarting Precise Single-Stepping Attacks through Interrupt Awareness for Intel SGX Enclaves
Scott Constable, Jo Van Bulck, Xiang Cheng, Yuan Xiao, Cedric Xing, Ilya Alexandrovich, Taesoo Kim, Frank Piessens, Mona Vij, Mark Silberstein
32nd USENIX Security Symposium, 2023.
@inproceedings{constable2023aexnotify,
    title     = {{AEX-Notify}: Thwarting Precise Single-Stepping Attacks through Interrupt Awareness for {Intel SGX} Enclaves},
    author    = {Constable, Scott and Van Bulck, Jo and Cheng, Xiang and Xiao, Yuan and
	         Xing, Cedric and Alexandrovich, Ilya and Kim, Taesoo and
                 Piessens, Frank and Vij, Mona and Silberstein, Mark },
    booktitle = {32nd {USENIX} Security Symposium},
    pages     = {4051--4068},
    month     = Aug,
    year      = 2023,
}
MicroProfiler: Principled Side-Channel Mitigation through Microarchitectural Profiling
Marton Bognar, Hans Winderix, Jo Van Bulck, Frank Piessens
8th IEEE European Symposium on Security and Privacy (EuroS&P), 2023.
@inproceedings{bognar2023microprofiler,
    title     = {MicroProfiler: Principled Side-Channel Mitigation through Microarchitectural Profiling},
    author    = {Bognar, Marton and Winderix, Hans and Van Bulck, Jo and Piessens, Frank},
    booktitle = {8th {IEEE} European Symposium on Security and Privacy {(EuroS\&P)}},
    month     = Jul,
    year      = 2023,
}
About Time: On the Challenges of Temporal Guarantees in Untrusted Environments
Fritz Alder, Gianluca Scopelliti, Jo Van Bulck, Jan Tobias Mühlberg
6th Workshop on System Software for Trusted Execution (SysTEX), 2023.
@inproceedings{alder2023about,
    title     = {About Time: On the Challenges of Temporal Guarantees in Untrusted Environments},
    author    = {Alder, Fritz and Scopelliti, Gianluca and Van Bulck, Jo and M\"uhlberg, Jan Tobias},
    booktitle = {6th Workshop on System Software for Trusted Execution {(SysTEX)}},
    month     = May,
    year      = 2023,
}
2022
A Case for Unified ABI Shielding in Intel SGX Runtimes
Jo Van Bulck, Fritz Alder, Frank Piessens
5th Workshop on System Software for Trusted Execution (SysTEX), 2022.
Patched in Enarx v0.2.1
@inproceedings{vanbulck2022abi,
    title     = {A Case for Unified {ABI} Shielding in {Intel SGX} Runtimes},
    author    = {Van Bulck, Jo and Alder, Fritz and Piessens, Frank},
    booktitle = {5th Workshop on System Software for Trusted Execution {(SysTEX)}},
    month     = Mar,
    year      = 2022,
}
Mind the Gap: Studying the Insecurity of Provably Secure Embedded Trusted Execution Architectures
Marton Bognar, Jo Van Bulck, Frank Piessens
43rd IEEE Symposium on Security and Privacy (S&P), 2022.
@inproceedings{bognar2022gap,
    title     = {Mind the Gap: Studying the Insecurity of Provably Secure Embedded Trusted Execution Architectures},
    author    = {Bognar, Marton and Van Bulck, Jo and Piessens, Frank},
    booktitle = {43rd {IEEE} Symposium on Security and Privacy {(S\&P)}},
    month     = May,
    year      = 2022,
}
Faulty Point Unit: ABI Poisoning Attacks on Trusted Execution Environments
Fritz Alder, Jo Van Bulck, Jesse Spielman, David Oswald, Frank Piessens
ACM Digital Threats: Research and Practice (DTRAP), 2022.
@article{alder2022fpu,
    title     = {Faulty Point Unit: ABI Poisoning Attacks on Trusted Execution Environments},
    author    = {Alder, Fritz and Van Bulck, Jo and Spielman, Jesse and Oswald, David and Piessens, Frank },
    journal   = {Digital Threats: Research and Practice},
    volume    = {3},
    number    = {2},
    pages     = {1--26},
    month     = Feb,
    year      = 2022,
}
2021
Aion: Enabling Open Systems through Strong Availability Guarantees for Enclaves
Fritz Alder, Jo Van Bulck, Frank Piessens, Jan Tobias Mühlberg
28th ACM Conference on Computer and Communications Security (CCS), 2021.
@inproceedings{alder2021aion,
    title     = {Aion: Enabling Open Systems through Strong Availability Guarantees for Enclaves},
    author    = {Alder, Fritz and Van Bulck, Jo and Piessens, Frank and M\"uhlberg, Jan Tobias},
    booktitle = {28th {ACM} Conference on Computer and Communications Security {(CCS)}},
    month     = Nov,
    year      = 2021,
}
Securing Interruptible Enclaved Execution on Small Microprocessors
Matteo Busi, Job Noorman, Jo Van Bulck, Letterio Galletta, Pierpaolo Degano, Jan Tobias Mühlberg, Frank Piessens
ACM Transactions on Programming Languages and Systems (TOPLAS), 2021.
@article{busi2021securing,
    title     = {Securing Interruptible Enclaved Execution on Small Microprocessors},
    author    = {Busi, Matteo and Noorman, Job and Van Bulck, Jo and Galletta,
                 Letterio and Degano, Pierpaolo and M\"uhlberg, Jan Tobias and
                 Piessens, Frank},
    journal   = {ACM Transactions on Programming Languages and Systems (TOPLAS)},
    volume    = {43},
    number    = {3},
    pages     = {1--77},
    year      = 2021,
}
Robust Authentication for Automotive Control Networks through Covert Channels
Stien Vanderhallen, Jo Van Bulck, Frank Piessens, Jan Tobias Mühlberg
Computer Networks, 2021.
@article{vanderhalle2021robust,
    title     = {Robust Authentication for Automotive Control Networks through Covert Channels},
    author    = {Vanderhallen, Stien and Van Bulck, Jo and Piessens, Frank and M\"uhlberg, Jan Tobias},
    journal   = {Computer Networks},
    volume    = {193},
    pages     = {108079:1--15},
    year      = 2021,
}
2020
Faulty Point Unit: ABI Poisoning Attacks on Intel SGX
Fritz Alder, Jo Van Bulck, David Oswald, Frank Piessens
36th Annual Computer Security Applications Conference (ACSAC), 2020.
ACSAC 2020 distinguished paper with artifacts award; CVE-2020-0561, CVE-2020-15107; Artifacts evaluated: Reusable
@inproceedings{alder2020fpu,
    title     = {Faulty Point Unit: {ABI} Poisoning Attacks on {Intel SGX}},
    author    = {Alder, Fritz and Van Bulck, Jo and Oswald, David and Piessens, Frank },
    booktitle = {36th Annual Computer Security Applications Conference {(ACSAC)}},
    pages     = {415--427},
    month     = Dec,
    year      = 2020,
}
Microarchitectural Side-Channel Attacks for Privileged Software Adversaries
Jo Van Bulck
PhD thesis KU Leuven, September 14, 2020.
ACM SIGSAC Doctoral Dissertation Award 2021, ERCIM STM PhD Award 2021, FWO/IBM Innovation Award 2021
@phdthesis{vanbulck2020phd,
  title={Microarchitectural Side-Channel Attacks for Privileged Software Adversaries},
  author={Van Bulck, Jo},
  school={KU Leuven},
  month = Sep,
  year=2020
}
CopyCat: Controlled Instruction-Level Attacks on Enclaves
Daniel Moghimi, Jo Van Bulck, Nadia Heninger, Frank Piessens, Berk Sunar
29th USENIX Security Symposium, 2020.
CVE-2019-19960, CVE-2019-19961, CVE-2019-19963, CVE-2020-7960
@inproceedings{moghimi2020copycat,
    title     = {{CopyCat}: Controlled Instruction-Level Attacks on Enclaves},
    author    = {Moghimi, Daniel and Van Bulck, Jo and Heninger, Nadia and Piessens, Frank and Sunar, Berk},
    booktitle = {29th {USENIX} Security Symposium},
    pages     = {469--486},
    month     = Aug,
    year      = 2020,
}
Provably Secure Isolation for Interruptible Enclaved Execution on Small Microprocessors
Matteo Busi, Job Noorman, Jo Van Bulck, Letterio Galletta, Pierpaolo Degano, Jan Tobias Mühlberg, Frank Piessens
33rd IEEE Computer Security Foundations Symposium (CSF), 2020.
@inproceedings{busi2020provably,
    title     = {Provably Secure Isolation for Interruptible Enclaved Execution on Small Microprocessors},
    author    = {Busi, Matteo and Noorman, Job and Van Bulck, Jo and Galletta,
                 Letterio and Degano, Pierpaolo and M\"uhlberg, Jan Tobias and
                 Piessens, Frank},
    booktitle = {33rd {IEEE} Computer Security Foundations Symposium {(CSF)}},
    pages     = {262--276},
    month     = Jun,
    year      = 2020
}
Plundervolt: How a Little Bit of Undervolting Can Create a Lot of Trouble
Kit Murdock, David Oswald, Flavio D. Garcia, Jo Van Bulck, Daniel Gruss, Frank Piessens
IEEE Security & Privacy Magazine Special Issue on Hardware-Assisted Security, 2020.
@article{murdock2020plundervoltmagazine,
    title     = {Plundervolt: How a Little Bit of Undervolting Can Create a Lot of Trouble},
    author    = {Murdock, Kit and Oswald, David and Garcia, Flavio D. and Van
                 Bulck, Jo and Gruss, Daniel and Piessens, Frank},
    journal   = {{IEEE} Security \& Privacy Magazine Special Issue on Hardware-Assisted Security},
    year      = 2020,
}
LVI: Hijacking Transient Execution through Microarchitectural Load Value Injection
Jo Van Bulck, Daniel Moghimi, Michael Schwarz, Moritz Lipp, Marina Minkin, Daniel Genkin, Yuval Yarom, Berk Sunar, Daniel Gruss, Frank Piessens
41st IEEE Symposium on Security and Privacy (S&P), 2020.
CVE-2020-0551; Intel response
@inproceedings{vanbulck2020lvi,
    title     = {{LVI}: Hijacking Transient Execution through Microarchitectural Load Value Injection},
    author    = {Van Bulck, Jo and Moghimi, Daniel and Schwarz, Michael and
                 Lipp, Moritz and Minkin, Marina and Genkin, Daniel and Yarom,
                 Yuval and Sunar, Berk and Gruss, Daniel and Piessens, Frank},
    booktitle = {41st {IEEE} Symposium on Security and Privacy {(S\&P)}},
    pages     = {54--72},
    month     = May,
    year      = 2020,
}
Plundervolt: Software-Based Fault Injection Attacks Against Intel SGX
Kit Murdock, David Oswald, Flavio D. Garcia, Jo Van Bulck, Daniel Gruss, Frank Piessens
41st IEEE Symposium on Security and Privacy (S&P), 2020.
CVE-2019-11157; Intel response
@inproceedings{murdock2020plundervolt,
    title     = {Plundervolt: Software-Based Fault Injection Attacks Against {Intel SGX}},
    author    = {Murdock, Kit and Oswald, David and Garcia, Flavio D. and Van
                 Bulck, Jo and Gruss, Daniel and Piessens, Frank},
    booktitle = {41st {IEEE} Symposium on Security and Privacy {(S\&P)}},
    pages     = {1466--1482},
    month     = May,
    year      = 2020,
}
2019
A Tale of Two Worlds: Assessing the Vulnerability of Enclave Shielding Runtimes
Jo Van Bulck, David Oswald, Eduard Marin, Abdulla Aldoseri, Flavio D. Garcia, Frank Piessens
26th ACM Conference on Computer and Communications Security (CCS), 2019.
CVE-2018-3626, CVE-2019-14565, CVE-2019-0876, CVE-2019-1369, CVE-2019-1370; Intel response
@inproceedings{vanbulck2019tale,
    title     = {A Tale of Two Worlds: Assessing the Vulnerability of Enclave Shielding Runtimes},
    author    = {Van Bulck, Jo and Oswald, David and Marin, Eduard and Aldoseri, Abdulla and Garcia, Flavio D. and Piessens, Frank},
    booktitle = {26th {ACM} Conference on Computer and Communications Security {(CCS)}},
    pages     = {1741--1758},
    month     = Nov,
    year      = 2019,
}
ZombieLoad: Cross-Privilege-Boundary Data Sampling
Michael Schwarz, Moritz Lipp, Daniel Moghimi, Jo Van Bulck, Julian Stecklina, Thomas Prescher, Daniel Gruss
26th ACM Conference on Computer and Communications Security (CCS), 2019.
CVE-2018-12130, CVE-2019-11135, CVE-2020-0549; Intel response
@inproceedings{schwarz2019zombieload,
    title     = {{ZombieLoad}: Cross-Privilege-Boundary Data Sampling},
    author    = {Schwarz, Michael and Lipp, Moritz and Moghimi, Daniel and Van
                 Bulck, Jo and Stecklina, Julian and Prescher, Thomas and
                 Gruss, Daniel},
    booktitle = {26th {ACM} Conference on Computer and Communications Security {(CCS)}},
    pages     = {753--768},
    month     = Nov,
    year      = 2019,
}
Fallout: Leaking Data on Meltdown-Resistant CPUs
Claudio Canella, Daniel Genkin, Lukas Giner, Daniel Gruss, Moritz Lipp, Marina Minkin, Daniel Moghimi, Frank Piessens, Michael Schwarz, Berk Sunar, Jo Van Bulck, Yuval Yarom
26th ACM Conference on Computer and Communications Security (CCS), 2019.
CVE-2018-12126; Intel response
@inproceedings{canella2019fallout,
    title     = {Fallout: Leaking Data on {Meltdown}-Resistant {CPUs}},
    author    = {Canella, Claudio and Genkin, Daniel and Giner, Lukas and
                 Gruss, Daniel and Lipp, Moritz and Minkin, Marina and Moghimi,
                 Daniel and Piessens, Frank and Schwarz, Michael and Sunar,
                 Berk and Van Bulck, Jo and Yarom, Yuval},
    booktitle = {26th {ACM} Conference on Computer and Communications Security {(CCS)}},
    pages     = {769--784},
    year      = 2019,
    month     = Nov,
}
A Systematic Evaluation of Transient Execution Attacks and Defenses
Claudio Canella, Jo Van Bulck, Michael Schwarz, Moritz Lipp, Benjamin von Berg, Philipp Ortner, Frank Piessens, Dmitry Evtyushkin, Daniel Gruss
28th USENIX Security Symposium, 2019.
@inproceedings{canella2019systematic,
    title     = {A Systematic Evaluation of Transient Execution Attacks and Defenses},
    author    = {Canella, Claudio and Van Bulck, Jo and Schwarz, Michael and
                 Lipp, Moritz and von Berg, Benjamin and Ortner, Philipp and
                 Piessens, Frank and Evtyushkin, Dmitry and Gruss, Daniel},
    booktitle = {28th {USENIX} Security Symposium},
    pages     = {249--266},
    month     = Aug,
    year      = 2019,
}
Breaking Virtual Memory Protection and the SGX Ecosystem with Foreshadow
Jo Van Bulck, Marina Minkin, Ofir Weisse, Daniel Genkin, Baris Kasikci, Frank Piessens, Mark Silberstein, Thomas Wenisch, Yuval Yarom, Raoul Strackx
IEEE Micro Top Picks from the 2018 Computer Architecture Conferences, 2019.
@article{vanbulck2019breaking,
    title     = {Breaking Virtual Memory Protection and the {SGX} Ecosystem with {Foreshadow}},
    author    = {Van Bulck, Jo and Minkin, Marina and Weisse, Ofir and Genkin,
                 Daniel and Kasikci, Baris and Piessens, Frank and Silberstein,
                 Mark and Wenisch, Thomas F. and Yarom, Yuval and Strackx, Raoul},
    journal   = {{IEEE} {Micro} Top Picks from the 2018 Computer Architecture Conferences},
    volume    = 39,
    number    = 3,
    pages     = {66--74},
    year      = 2019,
}
2018
Tutorial: Uncovering and Mitigating Side-Channel Leakage in Intel SGX Enclaves
Jo Van Bulck, Frank Piessens
8th International Conference on Security, Privacy, and Applied Cryptography Engineering (SPACE), 2018.
@inproceedings{vanbulck2018tutorial,
    title     = {Tutorial: Uncovering and Mitigating Side-Channel Leakage in {Intel SGX} Enclaves},
    author    = {Van Bulck, Jo and Piessens, Frank},
    booktitle = {8th International Conference on Security, Privacy, and Applied Cryptography Engineering {(SPACE)}},
    pages     = {20--24},
    month     = Dec,
    year      = 2018,
}
Nemesis: Studying Microarchitectural Timing Leaks in Rudimentary CPU Interrupt Logic
Jo Van Bulck, Frank Piessens, Raoul Strackx
25th ACM Conference on Computer and Communications Security (CCS), 2018.
@inproceedings{vanbulck2018nemesis,
    title     = {Nemesis: Studying Microarchitectural Timing Leaks in Rudimentary {CPU} Interrupt Logic},
    author    = {Van Bulck, Jo and Piessens, Frank and Strackx, Raoul},
    booktitle = {25th {ACM} Conference on Computer and Communications Security {(CCS)}},
    pages     = {178--195},
    month     = Oct,
    year      = 2018,
}
Foreshadow-NG: Breaking the Virtual Memory Abstraction with Transient Out-of-Order Execution
Ofir Weisse, Jo Van Bulck, Marina Minkin, Daniel Genkin, Baris Kasikci, Frank Piessens, Mark Silberstein, Raoul Strackx, Thomas Wenisch, Yuval Yarom
Technical report, 2018.
CVE-2018-3620, CVE-2018-3646; Intel response
@article{weisse2018foreshadowNG,
    title     = {{Foreshadow-NG}: Breaking the Virtual Memory Abstraction with Transient Out-of-Order Execution},
    author    = {Weisse, Ofir and Van Bulck, Jo and Minkin, Marina and  Genkin,
                 Daniel and Kasikci, Baris and Piessens, Frank and Silberstein,
                 Mark and Strackx, Raoul and Wenisch, Thomas F. and Yarom,
                 Yuval},
    journal   = {Technical report},
    month     = Aug,
    year      = 2018,
}
Foreshadow: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution
Jo Van Bulck, Marina Minkin, Ofir Weisse, Daniel Genkin, Baris Kasikci, Frank Piessens, Mark Silberstein, Thomas Wenisch, Yuval Yarom, Raoul Strackx
27th USENIX Security Symposium, 2018.
CVE-2018-3615; Intel response
@inproceedings{vanbulck2018foreshadow,
    title     = {Foreshadow: Extracting the Keys to the {Intel SGX} Kingdom
                 with Transient Out-of-Order Execution},
    author    = {Van Bulck, Jo and Minkin, Marina and Weisse, Ofir and Genkin,
                 Daniel and Kasikci, Baris and Piessens, Frank and Silberstein,
                 Mark and Wenisch, Thomas F. and Yarom, Yuval and Strackx, Raoul},
    booktitle = {27th {USENIX} Security Symposium},
    pages     = {991--1008},
    month     = Aug,
    year      = 2018,
}
Tutorial: Building Distributed Enclave Applications with Sancus and SGX
Jan Tobias Mühlberg, Jo Van Bulck
48th International Conference on Dependable Systems and Networks (DSN), 2018.
@inproceedings{muehlber2018tutorial,
    title     = "Tutorial: Building Distributed Enclave Applications with {Sancus} and {SGX}",
    author    = {M{\"u}hlberg, Jan Tobias and Van Bulck, Jo},
    booktitle = {48th International Conference on Dependable Systems and Networks {(DSN)}},
    month     = Jun,
    year      = 2018,
}
Reflections on Post-Meltdown Trusted Computing: A Case for Open Security Processors
Jan Tobias Mühlberg, Jo Van Bulck
;login: the USENIX magazine vol.43 no.3, 2018.
@article{muelberg2018reflections,
    title     = {Reflections on Post-{Meltdown} Trusted Computing: A Case for Open Security Processors},
    author    = {M{\"u}hlberg, Jan Tobias and Van Bulck, Jo},
    journal   = {{;login: the {USENIX} magazine}},
    volume    = 43,
    number    = 3,
    pages     = {6--9},
    year      = 2018,
}
Off-Limits: Abusing Legacy x86 Memory Segmentation to Spy on Enclaved Execution
Jago Gyselinck, Jo Van Bulck, Frank Piessens, Raoul Strackx
International Symposium on Engineering Secure Software and Systems (ESSoS), 2018.
Artifacts evaluated
@inproceedings{gyselinck2018off,
    title     = {Off-limits: Abusing Legacy x86 Memory Segmentation to Spy on Enclaved Execution},
    author    = {Gyselinck, Jago and Van Bulck, Jo and Piessens, Frank and Strackx, Raoul},
    booktitle = {International Symposium on Engineering Secure Software and Systems {(ESSoS)}},
    pages     = {44--60},
    month     = Jun,
    year      = 2018,
}
2017
VulCAN: Efficient Component Authentication and Software Isolation for Automotive Control Networks
Jo Van Bulck, Jan Tobias Mühlberg, Frank Piessens
33rd Annual Computer Security Applications Conference (ACSAC), 2017.
Nominated for ACSAC 2017 distinguished paper award; Artifacts evaluated
@inproceedings{vanbulck2017vulcan,
    title     = {{VulCAN}: Efficient Component Authentication and Software Isolation for Automotive Control Networks},
    author    = {Van Bulck, Jo and M{\"u}hlberg, Jan Tobias and Piessens, Frank },
    booktitle = {33rd Annual Computer Security Applications Conference {(ACSAC)}},
    pages     = {225--237},
    month     = Dec,
    year      = 2017,
}
SGX-Step: A Practical Attack Framework for Precise Enclave Execution Control
Jo Van Bulck, Frank Piessens, Raoul Strackx
2nd Workshop on System Software for Trusted Execution (SysTEX), 2017.
SysTEX 2017 best paper award, ACSAC 2023 Cybersecurity Artifacts Competition and Impact Award
@inproceedings{vanbulck2017sgxstep,
    title     = {{SGX-Step}: A Practical Attack Framework for Precise Enclave Execution Control},
    author    = {Van Bulck, Jo and Piessens, Frank and Strackx, Raoul},
    booktitle = {2nd Workshop on System Software for Trusted Execution {(SysTEX)}},
    pages     = {4:1--4:6},
    month     = Oct,
    year      = 2017,
}
Telling Your Secrets Without Page Faults: Stealthy Page Table-Based Attacks on Enclaved Execution
Jo Van Bulck, Nico Weichbrodt, Rüdiger Kapitza, Frank Piessens, Raoul Strackx
26th USENIX Security Symposium, 2017.
CVE-2017-9526 (Patched in Libgcrypt v1.7.7)
@inproceedings{vanbulck2017telling,
    title     = {Telling your Secrets Without Page Faults: Stealthy Page Table-Based Attacks on Enclaved Execution},
    author    = {Van Bulck, Jo and Weichbrodt, Nico and Kapitza, R\"udiger and Piessens, Frank and Strackx, Raoul},
    booktitle = {26th {USENIX} Security Symposium},
    pages     = {1041--1056},
    month     = Aug,
    year      = 2017,
}
Sancus 2.0: A Low-Cost Security Architecture for IoT Devices
Job Noorman, Jo Van Bulck, Jan Tobias Mühlberg, Frank Piessens, Pieter Maene, Bart Preneel, Ingrid Verbauwhede, Johannes Götzfried, Tilo Müller, Felix Freiling
ACM Transactions on Privacy and Security (TOPS), 2017.
@article{noorman2017sancus,
    title     = {Sancus 2.0: A Low-Cost Security Architecture for {IoT} Devices},
    author    = {Noorman, J. and Van Bulck, J. and M{\"u}hlberg, J. Tobias and
                 Piessens, F. and Maene, P. and Preneel, B. and Verbauwhede, I.
                 and G{\"o}tzfried, J. and M{\"u}ller, T. and Freiling, F.},
    journal   = {{ACM} Transactions on Privacy and Security {(TOPS)}},
    pages     = {1--33},
    volume    = 20,
    number    = 3,
    year      = 2017
}
2016
Implementation of a High Assurance Smart Meter using Protected Module Architectures
Jan Tobias Mühlberg, Sara Cleemput, Mustafa A. Mustafa, Jo Van Bulck, Bart Preneel, Frank Piessens
10th WISTP International Conference on Information Security Theory and Practice (WISTP), 2016.
@inproceedings{muehlber2016implementation,
    title     = {Implementation of a High Assurance Smart Meter using Protected Module Architectures},
    author    = {M{\"u}hlberg, Jan Tobias and Cleemput, Sara and Mustafa,
                 Mustafa A. and Van Bulck, Jo and Preneel, Bart and Piessens,
                 Frank},
    booktitle = {10th {WISTP} International Conference on Information Security Theory and Practice {(WISTP)}},
    pages     = {53--69},
    month     = Aug,
    year      = 2016,
}
Towards Availability and Real-Time Guarantees for Protected Module Architectures
Jo Van Bulck, Job Noorman, Jan Tobias Mühlberg, Frank Piessens
Workshop on Modularity Across the System Stack (MASS), 2016.
@inproceedings{vanbulck2016towards,
    title     = {Towards Availability and Real-Time Guarantees for Protected Module Architectures},
    author    = {Van Bulck, Jo and Noorman, Job and M{\"u}hlberg, Jan Tobias and Piessens, Frank},
    booktitle = {Companion Proceedings of the 15th International Conference on Modularity {(MASS)}},
    pages     = {146--151},
    month     = Mar,
    year      = 2016,
}
2015
Secure Resource Sharing for Embedded Protected Module Architectures
Jo Van Bulck, Job Noorman, Jan Tobias Mühlberg, Frank Piessens
9th WISTP International Conference on Information Security Theory and Practice (WISTP), 2015.
@inproceedings{vanbulck2015secure,
    title     = {Secure Resource Sharing for Embedded Protected Module Architectures},
    author    = {Van Bulck, Jo and Noorman, Job and M{\"u}hlberg, Jan Tobias and Piessens, Frank},
    booktitle = {9th {WISTP} International Conference on Information Security Theory and Practice {(WISTP)}},
    pages     = {71--87},
    month     = Aug,
    year      = 2015,
}
Secure Resource Sharing for Embedded Protected Module Architectures
Jo Van Bulck
Master thesis KU Leuven, 2015.
VASCO thesis award 2015, BELCLIV thesis award 2016
@mastersthesis{vanbulck2015thesis,
    title     = {Secure Resource Sharing for Embedded Protected Module Architectures},
    author    = {Van Bulck, Jo},
    school    = {KU Leuven},
    year      = 2015
}

Talks

2025
Principled Symbolic Validation of Enclaves on Low-End Microcontrollers
Jo Van Bulck
Paper presentation @ 8th Workshop on System Software for Trusted Execution (SysTEX), Venice, Italy, July 4, 2025.
Secure Trusted Software and Hacking
Jo Van Bulck
Guest lecture @ Master Industrial Engineering, Ghent, Belgium, May 21, 2025.
Automatic Discovery of Artifacts in Cybersecurity Literature
Marton Bognar, Arthur Bols, Jo Van Bulck
Poster presentation @ KU Leuven Open Science Day, Leuven, Belgium, May 6, 2025.
Dealing with Reviewer Feedback and Rebuttals?
Jo Van Bulck
Panel discussion @ DRADS DistriNet Workshop, Oostduinkerke, Belgium, March 11, 2025.
Fortress or Facade: Strengthening the Future of Confidential Computing
Jo Van Bulck
Keynote @ DRADS DistriNet Workshop, Oostduinkerke, Belgium, March 10, 2025.
TLBlur: The Art of Obscuring SGX Page Accesses Across Space and Time
Daan Vanoverloop, Jo Van Bulck
Invited Talk @ Intel Tech Talk, Online, March 3, 2025.
Breaking and Securing Memory Isolation in Texas Instruments Microcontrollers
Marton Bognar, Jo Van Bulck
Talk @ RuhrSec IT Security Conference, Bochum, Germany, February 21, 2025.
Trust for Our Time: Confidential Computing in Untrusted Environments
Jo Van Bulck
Inaugural lecture @ KU Leuven, Dept. of Computer Science, Leuven, Belgium, February 14, 2025.
BadRAM: Breaching Processor Security via Rogue Memory Modules
Jo Van Bulck
Invited talk @ Kata containers confidential computing use case meeting, online, January 16, 2025.
2024
Attacks and Defenses for Trusted Execution Environments
Jo Van Bulck
Guest lecture @ KU Leuven Seminar in Cybersecurity, Leuven, Belgium, November 15, 2024.
Attacks and Defenses for Trusted Execution Environments
Jo Van Bulck
Guest lecture @ CMU Advanced Topics in Hardware Security, online, November 14, 2024.
Impact through Beautiful Ideas in Excellent Communication: An interview with Jo Van Bulck
Daniel Shea, Jo Van Bulck
Podcast @ Scholarly Communication, Online, September 25, 2024.
Beyond the Surface: Validation Challenges and Opportunities for Confidential Computing
Jo Van Bulck
Keynote @ 4th Program Analysis and Verification on Trusted Platforms (PAVeTrust) Workshop, Milano, Italy, September 9, 2024.
Certified Confidential Computing: Principled Symbolic Validation for Enclave Shielding Runtimes
Jo Van Bulck
Invited talk @ Confidential Computing Consortium Technical Advisory Council, Online, August 22, 2024.
Opening and Welcome
Jo Van Bulck, Nuno Santos
Talk @ 7th Workshop on System Software for Trusted Execution (SysTEX 2024), Vienna, Austria, July 8, 2024.
Reflections on Trusting Trusted Execution: The Story of Microarchitectural Attacks and Defenses
Jo Van Bulck
Invited lecture @ COSIC Course on Cryptography and Cyber Security, Leuven, Belgium, July 4, 2024.
Opening Pandora's Box: Uncovering Pervasive Bugs in Intel SGX Runtimes with Truthful Symbolic Execution
Jo Van Bulck
Invited talk @ Intel IPAS Tech Sharing, Online, June 25, 2024.
Pandora: Principled Symbolic Validation of Intel SGX Enclave Runtimes
Jo Van Bulck
Paper presentation @ 45th IEEE Symposium on Security and Privacy (S&P), San Francisco, USA, May 22, 2024.
Open-Source Prototyping for Systems Security Research
Jo Van Bulck, Hans Winderix, Marton Bognar, Lesly-Ann Daniel, Daan Vanoverloop
Poster presentation @ KU Leuven Open Science Day, Leuven, Belgium, May 6, 2024.
On the Interplay between Attacks and New Defenses: The Story of SGX-Step and Transferable Insights for Other Architectures
Jo Van Bulck
Talk @ Huawei - KU Leuven research collaboration workshop, Leuven, Belgium, March 6, 2024.
2023
SGX-Step: An Open-Source Framework for Precise Dissection and Practical Exploitation of Intel SGX Enclaves
Jo Van Bulck
Artifact competition talk @ 40th Annual Computer Security Applications Conference (ACSAC), Austin, USA, December 7, 2023.
Interrupt-Driven Attacks and Defenses for Microarchitectural Security
Jo Van Bulck
Talk @ Dagstuhl Seminar on Microarchitectural Attacks and Defenses (MAD), Schloss Dagstuhl, Leibniz-Zentrum für Informatik, Germany, November 29, 2023.
Chips & Salsa Episode 58: AEX-Notify
Jerry Bryant, Christopher Robinson, Scott Constable, Jo Van Bulck, Xiang Cheng
Podcast @ Intel Technology, Online, September 5, 2023.
AEX-Notify: Thwarting Precise Single-Stepping Attacks through Interrupt Awareness for Intel SGX Enclaves
Jo Van Bulck
Paper presentation @ 32nd USENIX Security Symposium, Anaheim, USA, August 10, 2023.
Side-Channel Attacks and Defenses for Trusted Execution Environments
Jo Van Bulck
Invited Talk @ EPFL, Lausanne, Switzerland, May 2, 2023.
Happy Birthday Sancus! – Lessons from 10 Years of Maintaining a Trusted Computing Research Prototype
Jo Van Bulck, Frank Piessens
Keynote @ DRADS DistriNet Workshop, Rendeux, Belgium, March 24, 2023.
Panel Discussion: Hardware Hacking
Lennert Wouters, Jo Van Bulck, Jeroen Baert
Invited panelist @ VTK alumni event, Leuven, Belgium, February 18, 2023.
Devroom Closing and Goodbye
Fritz Alder, Jo Van Bulck, Fabiano Fidencio
Talk @ 4th Confidential Computing Devroom, FOSDEM, Brussels, Belgium, February 5, 2023.
2022
Towards Principled Symbolic Validation for Intel SGX Binaries
Jo Van Bulck
Invited talk @ MSR Confidential Computing seminar, Online, October 5, 2022.
Privileged Side-Channel Attacks on Trusted Execution Environments
Jo Van Bulck
Invited lecture @ 4th Summer School on Security & Correctness, Graz, Austria, September 30, 2022.
Towards ABI Unification for Intel SGX Enclave Shielding Runtimes
Jo Van Bulck
Lightning talk @ SILM'22 Workshop, Genoa, Italy, June 6, 2022.
LVI: Hijacking Transient Execution through Microarchitectural Load Value Injection
Jo Van Bulck
Poster presentation @ 43rd IEEE Symposium on Security and Privacy (S&P), San Francisco, USA, May 23, 2022.
Deepen the Defenses: A Case for Microarchitectural Isolation
Jo Van Bulck
Invited talk @ Cybersec Europe, FutureLab Stage, Brussels, Belgium, May 11, 2022.
The Hitchhiker's Guide to Subverting Intel SGX Enclaves
Jo Van Bulck
Invited Talk @ Intel Project Circuit Breaker SGX Bootcamp, Online, March 27, 2022.
A Case for Unified ABI Shielding in Intel SGX Runtimes
Jo Van Bulck
Paper presentation @ 5th Workshop on System Software for Trusted Execution (SysTEX), Lausanne, Switzerland, March 1, 2022.
You're Gonna Need A Bigger Boat: Lessons from Capsizing SGX Enclave Programs
Jo Van Bulck
Invited Talk @ BINSEC seminar, Université Paris-Saclay, Online, February 10, 2022.
Process-Based Abstractions for VM-Based Environments
Vasily Sartakov, Jo Van Bulck, Mike Bursell, Jethro G. Beekman, Hugo Lefeuvre, Marta Rybczynska
Panel discussion @ FOSDEM, Online, February 5, 2022.
Opening 3rd Hardware-Aided Trusted Computing Devroom: Welcome, Overview, Lineup
Jo Van Bulck, Fritz Alder, Vasily Sartakov
Talk @ FOSDEM, Online, February 5, 2022.
2021
Review & Perspective: Microarchitectural Side-Channel Attacks for Privileged Software Adversaries
Jo Van Bulck
Talk @ Cybersecurity Initiative Flanders (CIF) Review, Leuven, October 28, 2021.
Microarchitectural Side-Channel Attacks for Privileged Software Adversaries
Jo Van Bulck
FWO/IBM Innovation Award Talk @ IBM Belgium, Brussels, October 14, 2021.
Microarchitectural Side-Channel Attacks for Privileged Software Adversaries
Jo Van Bulck
STM PhD Award Talk @ 17th International Workshop on Security and Trust Management (STM), Online, October 8, 2021.
Opening 2nd Hardware-Aided Trusted Computing Devroom: Welcome, Overview, Lineup
Jo Van Bulck
Talk @ FOSDEM, Online, February 6, 2021.
2020
Ramming Enclave Gates: A Systematic Vulnerability Assessment of TEE Shielding Runtimes
Jo Van Bulck, Fritz Alder, David Oswald
Talk @ Remote Chaos Experience (RC3), Online, December 31, 2020.
Microarchitectural Inception
Jo Van Bulck, Michael Schwarz, Daniel Gruss, Moritz Lipp
Talk @ Remote Chaos Experience (RC3), Online, December 27, 2020.
LVI: Hijacking Transient Execution through Microarchitectural Load Value Injection
Jo Van Bulck
Finalist @ CSAW'20 Applied Research Competition, Online, November 6, 2020.
Microarchitectural Side-Channel Attacks for Untrusted Operating Systems
Jo Van Bulck
Invited Talk @ LSDS seminar, Imperial College London, Online, October 29, 2020.
Microarchitectural Side-Channel Attacks for Privileged Software Adversaries
Jo Van Bulck
PhD defense @ KU Leuven, Leuven, Belgium, September 14, 2020.
The Tale Continues: Pitfalls and Best Practices for SGX Shielding Runtimes
Jo Van Bulck, Fritz Alder
Talk @ 2nd Intel SGX Community Workshop, Online, July 14, 2020.
Podcast: Intel SGX
Julian Stecklina, Florian Pester, Jo Van Bulck
Podcast @ Syslog.show, Online, June 23, 2020.
LVI: Hijacking Transient Execution through Microarchitectural Load Value Injection
Jo Van Bulck
Paper presentation @ 41st IEEE Symposium on Security and Privacy (S&P), Online, May 18, 2020.
LVI: Hijacking Transient Execution with Load Value Injection
Daniel Gruss, Daniel Moghimi, Jo Van Bulck
Talk @ Hardwear.io Virtual Con, Online, April 30, 2020.
Podcast: Load Value Injection
Dennis Fisher, Jo Van Bulck
Podcast @ Decipher Security, Online, March 17, 2020.
Privileged Side-Channel Attacks for Enclave Software Adversaries
Jo Van Bulck
Invited Talk @ University of Birmingham Seminar, Birmingham, UK, February 20, 2020.
Microarchitectural Side-Channel Attacks for Privileged Software Adversaries
Jo Van Bulck
Talk @ DistriNet Reunion, Leuven, Belgium, February 5, 2020.
A Tale of Two Worlds: Assessing the Vulnerability of Enclave Shielding Runtimes
Jo Van Bulck
Talk @ FOSDEM, Brussels, Belgium, February 1, 2020.
Leaky Processors: Lessons from Spectre, Meltdown, and Foreshadow
Jo Van Bulck, Daniel Gruss
Talk @ Red Hat Research Day, Brno, Czech Republic, January 23, 2020.
2019
A Tale of Two Worlds: Assessing the Vulnerability of Enclave Shielding Runtimes
Jo Van Bulck, David Oswald
Paper presentation @ 26th ACM Conference on Computer and Communications Security (CCS), London, UK, November 14, 2019.
Microarchitectural Side-Channel Attacks for Privileged Adversaries
Jo Van Bulck
Invited lecture @ COSIC Hardware Security Course, Leuven, Belgium, October 21, 2019.
Leaky Processors: Lessons from Spectre, Meltdown, and Foreshadow
Jo Van Bulck
Invited Talk @ KU Leuven Alumni Forum, Leuven, Belgium, October 15, 2019.
Cards Against Confusion
Claudio Canella, Jo Van Bulck, Daniel Gruss
Talk @ SHARD Workshop, Leiden, Netherlands, September 23, 2019.
Podcast: ZombieLoad
Maarten Hendrikx, Toon van de Putte, Steven Op de beeck, Ruurd Sanders, Jo Van Bulck
Podcast @ Tech45, Online, June 22, 2019.
A Christmas Carol: The Spectres of the Past, Present, and Future
Daniel Gruss, Moritz Lipp, Michael Schwarz, Claudio Canella, Jo Van Bulck
Talk @ Grazer Linuxtage, Graz, Austria, April 26, 2019.
2018
Tutorial: Uncovering and Mitigating Side-Channel Leakage in Intel SGX Enclaves
Jo Van Bulck
Invited Tutorial @ 8th International Conference on Security, Privacy, and Applied Cryptography Engineering (SPACE), Kanpur, India, December 15, 2018.
Leaky Processors: Stealing Your Secrets With Foreshadow
Jo Van Bulck
Invited Talk @ OWASP BeNeLux-Days, Mechelen, Belgium, November 30, 2018.
Leaky Processors and the RISE of Hardware-Based Trusted Computing
Jo Van Bulck
Keynote @ RISE Annual Conference, London, UK, November 14, 2018.
Transient Execution Attacks: Lessons from Spectre, Meltdown, and Foreshadow
Jo Van Bulck
Invited Talk @ 20th ISSE Conference, Brussels, Belgium, November 6, 2018.
Nemesis: Studying Microarchitectural Timing Leaks in Rudimentary CPU Interrupt Logic
Jo Van Bulck
Paper presentation @ 25th ACM Conference on Computer and Communications Security (CCS), Toronto, Canada, October 16, 2018.
Foreshadow: Extracting the keys to the Intel SGX kingdom with transient out-of-order execution
Jo Van Bulck, Ofir Weisse
Paper presentation @ 27th USENIX Security Symposium, Baltimore, USA, August 16, 2018.
Tutorial: Building Distributed Enclave Applications with Sancus and SGX
Jan Tobias Mühlberg, Jo Van Bulck
Tutorial @ 48th International Conference on Dependable Systems and Networks (DSN), Luxembourg City, Luxembourg, June 25, 2018.
Secure Automotive Computing with Sancus
Jan Tobias Mühlberg, Jo Van Bulck
Demo booth @ Imec Technology Forum 2018, Antwerp, Belgium, May 23-24, 2018.
Hardware-Based Trusted Computing Architectures From an Attack and Defense Perspective
Jo Van Bulck
Talk @ Newline 0x08, Ghent, Belgium, April 14, 2018.
2017
SGX-Step: A Practical Attack Framework for Precise Enclave Execution Control
Jo Van Bulck
Paper presentation @ 2nd Workshop on System Software for Trusted Execution (SysTEX), Shanghai, China, October 28, 2017.
Telling Your Secrets Without Page Faults: Stealthy Page Table-Based Attacks on Enclaved Execution
Jo Van Bulck
Invited Talk @ Intel Tech Talk, Online, September 28, 2017.
Telling Your Secrets Without Page Faults: Stealthy Page Table-Based Attacks on Enclaved Execution
Jo Van Bulck
Paper presentation @ 26th USENIX Security Symposium, Vancouver, Canada, August 18, 2017.
Beyond Controlled-Channel Attacks: Information Leakage from Elementary CPU Behavior
Jo Van Bulck
Invited Talk @ Distributed Trust Workshop on Data Protection and Privacy, Leuven, Belgium, June 20, 2017.
Secure Automotive Computing with Sancus
Jan Tobias Mühlberg, Jo Van Bulck
Demo booth @ Imec Technology Forum 2017, Antwerp, Belgium, May 16-17, 2017.
Interrupt Latency Timing Attacks Against Enclave Programs
Jo Van Bulck
Talk @ DRADS DistriNet Workshop, Leuven, Belgium, April 28, 2017.
Secure Resource Sharing for Embedded Protected Module Architectures
Jo Van Bulck
BELCLIV Award Lecture, Brussels, Belgium, April 21, 2017.
2016
Towards Availability and Real-Time Guarantees for Protected Module Architectures
Jo Van Bulck
Paper presentation @ Workshop on Modularity Across the System Stack (MASS), Malaga, Spain, March 14, 2016.
2015
Secure Resource Sharing for Embedded Protected Module Architectures
Jo Van Bulck
Paper presentation @ 9th WISTP International Conference on Information Security Theory and Practice (WISTP), Heraklion, Crete, Greece, August 24, 2015.

Awards and Recognitions

2025
Distinguished Paper Award
USENIX Security 2025, August 13, 2025.
Distinguished Reviewer Award
USENIX Security 2025, August 13, 2025.
Best Paper with Artifacts Award
SysTEX 2025, July 4, 2025.
Distinguished Paper Award
EuroS&P 2025, July 1, 2025.
2023
Cybersecurity Artifacts Competition and Impact Award
ACSAC 2023, December 7, 2023.
Top Reviewer Award
ACM CCS 2023, November 26, 2023.
2022
Best Reviewer Award
ACM CCS 2022, November 7, 2022.
2021
ACM SIGSAC Doctoral Dissertation Award
for "Outstanding PhD Thesis in Computer and Information Security",
November 18, 2021.
"The committee was unanimous in recognizing the outstanding contributions made by Jo Van Bulck's dissertation in understanding the limitations in the security guarantees provided by current hardware-assisted isolated execution environments. The work described in the dissertation showed a wide variety of attacks against processor architectures ranging from low-end microprocessors with enclave support to widely deployed processor extensions like Intel SGX. The work has already had a significant impact both in academia as well as in industry, and has been widely recognized. It is no exaggeration to say that Dr. Van Bulck has contributed to launching a new research subfield in systems security."
FWO/IBM Innovation Award 2021
for "an outstanding PhD thesis that presents an original contribution to informatics or its applications",
November 16, 2021.
ERCIM WG STM Best Ph.D. Thesis Award
for "Best Ph.D. Thesis on Security and Trust Management",
October 8, 2021.
Postdoctoral Fellowship Junior
Research Foundation - Flanders (FWO), October 1, 2021.
2020
Distinguished Paper with Artifacts Award
ACSAC 2020, December 9, 2020.
Applied Research Competition Finalist
CSAW Europe, November 6, 2020.
Summa cum laude with the congratulations of the Examination Board
for PhD thesis "of the highest international scientific level" (at most 5% of doctorates),
September 14, 2020.
2019
Top Picks from the 2018 Computer Architecture Conferences
IEEE Micro, April 5, 2019.
2018
Applied Research Competition First Place
CSAW, November 11, 2018.
2017
Nominated for Distinguished Paper Award
ACSAC 2017, December 6, 2017.
Best Paper Award
SysTEX 2017, October 28, 2017.
BELCLIV 2016 Master Thesis Award
for "the best master's thesis that makes an original contribution to the security of information systems",
April 21, 2017.
2016
PhD Fellowship Fundamental Research
Research Foundation - Flanders (FWO), October 1, 2016.
2015
Vasco Data Security 2014-2015 Master Thesis Award
for "an outstanding contribution to technology for user authentication or to technology for information security in general",
July 3, 2015.

Academic Service

  • Program Co-Chair: SysTEX (2024), FOSDEM Open-Source Confidential Computing Devroom (2025, 2024, 2023, 2022, 2021, 2020).
  • Technical Program Committee: USENIX Security (2026, 2025, 2024), ACM CCS (2023, 2022), DIMVA (2023, 2022), IEEE SEED (2024), SysTEX (2025, 2023, 2022), uASC (2025), PAVeTrust (2024, 2023, 2022, 2021).
  • Journal Reviewer: Computers & Security (2022, 2021), ACM Computing Surveys (2020), IEEE Transactions on Dependable and Secure Computing (2020), IEEE Access (2019).
  • Subreviewer: IEEE S&P (2023, 2021, 2020, 2019, 2017), ACM CCS (2019, 2018), USENIX Security (2017), ESORICS (2017), POST (2017), SysTEX (2017).
  • Artifact Evaluation: SysTEX 2025 (Artifact Evaluation Chair).

Teaching

  • Lecturer: Operating Systems 2025-2024-2023 (co-taught with Frank Piessens).
  • Guest Lectures: KUL Ghent Course on Secure Software and Hacking (2025), Carnegie Mellon University Advanced Topics in Hardware Security (2024), KUL Seminar in Cybersecurity (2024), COSIC Course on Cryptography and Cyber Security (2024), Graz Summer School (2022), KUL Operating Systems (2022, 2021), COSIC Hardware Security Course (2019), KUL Computer Architecture and System Software (2018).
  • Tutorials: SPACE 2018, DSN 2018.
  • Teaching Assistant: Operating Systems (2023-2021), Computer Architecture and System Software (2020-2018), Structuur en Organisatie van Systeemsoftware (2017-2015), Informatica Werktuigen (2018-2015), Data Structures and Algorithms (2018-2016).
  • PhD Students:
    • 2025 - current: Antonis Louka.
    • 2020 - 2025: Márton Bognár, Security Arms Race at the Hardware-Software Boundary, KU Leuven.
    • 2019 - 2023: Fritz Alder, Interface Sanitization and Real-Time Scheduling for Enclaved Execution, KU Leuven.
  • Master Thesis Supervision:
    • 2025: Dries Vanspauwen, Pieter-Jan Sterkens, Jan Brosens, Arne Putzeys, Ruben Van Dijck, Kobe Sauwen.
    • 2024: Gert-Jan Goossens, Zidan Bortels.
    • 2023: Cas Magnus, Wim Decelle, Martijn Dendooven.
    • 2022: Jolan Hofmans, Wouter Jochems.
    • 2021: Florent Nander Meijer, Jonas De Roover, Benjamin De Roeck.
    • 2020: Márton Bognár, Stien Vanderhallen.
    • 2019: Thomas De Backer, Sven Cuyt, Sergio Seminara.
    • 2018: Sten Verbois, Jago Gyselinck.
    • 2017: Alexandru Madalin Ghenea.
  • Bachelor Honours Students:
    • 2025: Victor Bullynck.
    • 2024: Jip Helsen.
    • 2017: Michiel Van Beirendonck.

Selected Open-Source Contributions

Maintainer
SGX-Step: A Practical Attack Framework for Precise Enclave Execution Control
Founder, maintainer, and core developer.
Bare-SGX: Minimal SGX Enclave Development on Bare-Metal Linux Platforms
Founder, maintainer, and core developer.
Pandora: Principled Symbolic Validation of Intel SGX Enclave Runtimes
Founder, maintainer, and co-developer.
Sancus: A Lightweight Trusted Execution Environment for Secure IoT Devices
Maintainer and co-developer.
Contributor
Intel SGX SDK
Contributed to AEX-Notify runtime; various low-level security fixes.
Microsoft Open Enclave
Contributed various low-level security fixes.
Linux kernel
Contributed various security and reliability fixes in the SGX selftest framework.

Vulnerability Disclosures

CPU μ-arch
CVE-2024-21944 – Undermining Integrity Features of AMD SEV-SNP with Memory Aliasing.
TI-PSIRT-2023-040180 – MSP430 IP Encapsulation Write Vulnerability.
CVE-2020-0551 – Load Value Injection (LVI).
CVE-2019-11157 – Software-based voltage fault injection.
CVE-2020-0549 – L1D Eviction Sampling.
CVE-2019-11135 – TSX Asynchronous Abort (TAA).
CVE-2018-12130 – Microarchitectural Fill Buffer Data Sampling (MFBDS).
CVE-2018-12126 – Microarchitectural Store Buffer Data Sampling (MSBDS).
CVE-2018-3615 – L1 Terminal Fault (L1TF).
Intel SGX runtimes
CVE-2024-34776 – Memory-safety vulnerabilities in AEX-Notify runtime.
CVE-2023-42776 – Interface sanitization vulnerabilities in Intel SGX DCAP Platform Launch Enclave for Windows.
CVE-2023-37479 – Side-channel leakage via ABI poisoning in Microsoft Open Enclave SDK.
CVE-2023-38022 – Side-channel leakage via insufficient pointer validation in Fortanix EnclaveOS trusted runtime.
CVE-2023-38021 – AEPIC leak via unaligned pointer accesses in Fortanix EnclaveOS trusted runtime.
CVE-2023-38023 – AEPIC leak via unaligned pointer accesses in SCONE trusted runtime.
CVE-2022-46487 – Floating-point corruption via ABI poisoning in SCONE trusted runtime.
CVE-2022-46486 – Memory corruption via pointer poisoning in SCONE trusted runtime.
CVE-2022-26509 – Insufficient pointer validation in Protected Code Loader (PCL) in Intel SGX SDK.
CVE-2021-44421 – Side-channel leakage via insufficient pointer validation in Occlum trusted runtime.
CVE-2020-0561 – Floating-point corruption via ABI poisoning in Intel SGX SDK.
CVE-2020-15107 – Floating-point corruption via ABI poisoning in Microsoft Open Enclave SDK.
CVE-2019-14565 – Memory corruption via ABI poisoning in Intel SGX SDK.
CVE-2019-0876 – Memory corruption in Microsoft Open Enclave SDK.
CVE-2019-1369 – Heap memory disclosure in Microsoft Open Enclave SDK.
CVE-2019-1370 – Memory corruption via ABI poisoning in Microsoft Open Enclave SDK.
CVE-2018-3626 – Side-channel leakage via insufficient pointer validation in Intel SGX SDK edger8r tool.
Cryptographic side channels
CVE-2017-9526 – Secret-dependent control flow in Libgcrypt EdDSA signing.