Security Lab (SEC)

Convenience, cost reductions, and ubiquitous connectivity provided by new networks and services come with new problems. Reliable information and communication services require reliable software and hardware. At the same time, new methods for infecting systems with various types of malware are growing in sophistication and require minimal barriers to entry for attackers. We can say that we pay a price for technological innovation by creating new security concerns as new attacks surfaces are introduced. The threats increase as the systems become more distributed and as devices and networks with varying levels of security protections frequently participate in the same processes. Widespread usage of common software and hardware platforms considerably simplifies the spread of malware. Frequent updates and change of software and system states can also be exploited. Hence, there is an urgent need to address these security concerns and we see increased global secure computing research efforts.

RISE SICS addresses many of these security issues at the Security Lab. 

The Security Lab within RISE SICS is the largest research group in Sweden for Cybersecurity and consist of 13 dedicated members. Our core areas of expertise are:

IoT Security, Cloud Security, Software Security, Cryptography, Standardization, Privacy (technical and social aspects), and Secure virtualization and isolation technologies.

The Security Lab is the European leader in especially IoT security and has a portfolio of 15 ongoing security research projects, funded by the European Union Frame Programs; Sweden's innovation agency (VINNOVA); EU ARTEMIS, Eurostars, Celtic-Plus, ECSEL; EIT Digital; Swedish Foundation for Strategic Research (SSF); Swedish Research Council (Vetenskaps Rådet); and Swedish industry.


IoT security

RISE SICS is at the forefront of IoT security in Europe. We work primarily on resource-constrained IoT, looking into aspects such as access control, lightweight security protocols, intrusion detection, management and distribution of cryptographic keys, Denial of Service attacks, and interconnection of IoT and cloud infrastructures. Together with Ericsson, RISE SICS is leading the IoT security standardization work at the IETF. Our research on IoT security is funded by Ericsson and by the following ongoing Swedish and EU projects.

Projects: Eurostars SecureIoT; EIT-Digital HII ACTIVE; Celtic-Plus CyberWI; VINNOVA SIP-IoT CEBOT; H2020 NobelGrid; FP7 SEGRID, and ECSEL SECREDAS

5G security

SICS is active in shaping the security of the next generation of mobile telecommunication. Besides contributing to definition of security use cases and security architecture for 5G networks, SICS conducts research on platform security and trust establishment for Software Defined Network infrastructure, as well as on novel authentication, authorization, and accounting protocols.
Projects: H2020 5G-ENSURE

 Cloud security

SICS has several years of experience in various aspects of cloud security -  based both on its experience in separation, isolation and trust on computation platforms, as well as on its growing expertise in data protection and secure storage. Earlier researcher conducted by SICS in this area in collaboration with Ericsson Research has produced several patented technologies. Currently, SICS’ research focus within cloud security focuses on searchable encryption (PaaSWord) and resource brokerage in federated cloud deployments (COLA).
Projects:  H2020 PaaSword, H2020 COLA

 Software security / virtualization

RISE SICS has several years of experience with high assurance separation/isolation and trust on computation platforms, especially through virtualization, trusted computing, and SGX. Besides our related efforts already described for the cloud area, we have a strong background in secure virtualization on embedded systems. In particular, RISE SICS developed its own open-source hypervisor for ARM. We also are involved in the formal verification of that hypervisor and supported the preparation for a potential Common Criteria certification of related products. RISE SICS also holds a patent on a System-on-Chip extension for secure on-demand virtualization.


Blockchain is one of the priority topics for us. We have a couple of submitted proposals around different aspects of Blockchain. We are mostly interested in permissioned Blockchain. We are interested in the Blockchain and IoT, lightweight crypto, open source lightweight APIs for Blockchain, and novel applications of the blockchain technology. Currently, the Blockchain research is funded by a RISE SICS internal project.
Projects: VR/KTH ICT TNG, RISE Cybersecurity KP 


Privacy is increasingly important in a data driven society. Protecting privacy is not about the absence of surveillance, but rather an understanding of the context in which information is shared and used. RISE SICS works with identifying mechanisms for increasing trust for processing of personal data, mechanisms for creating internal awareness for how data is used, and getting companies to play a more proactive role in taking a responsibility for data collection.
Projects: Engaging Privacy w. Microsoft, Telia, IIS and Samsung.


The Security Lab is distributed between two locations: one part of the group sits in the main office in Kista, while the other part are pioneers in our relatively new SICS offices in Lund. New Director of the Security Lab is Shahid Raza.


Tobias Andersson
Researcher/SW developer at Security Labs
+46 72 728 26 27
tobias.andersson [at]

Rolf Blom
PhD, Senior Researcher
+46 70 325 19 06
rolf.blom [at]

Thomas Carnehult
Deputy Lab Manager
thomas.carnehult [at]

Jacob Dexe
+46 70 783 23 20
jacob.dexe [at]

Martin Gunnarsson
Research Engineer
+46 768 110 01
martin.gunnarsson [at]

Rikard Höglund
+46 70 286 42 86
rikard.hoglund [at]

Nicolae Paladi
Senior Researcher, PhD
+46 72 528 44 41
nicolae.paladi [at]

Shahid Raza
PhD, Director Security Lab, Expert Researcher
+46 76 883 17 97
shahid.raza [at]

Kiki Rizki
+46 72 947 93 31
kiki.rizki [at]

Ludwig Seitz
PhD, Senior Researcher
+46 70 349 92 51
ludwig.seitz [at]

Marco Tiloca
Ph.D., Senior Researcher
+46 70 604 65 01
marco.tiloca [at]

Arash Vahidi
PhD, Senior Researcher
+46 70 773 15 45
arash.vahidi [at]


Completed projects



In media

The Security Lab at SICS aims at publishing a growing share of our assets as open source. Here you find a list of available software produced in our lab:

  • AssertionServer: The AssertionServer is an open source library providing lightweight identity management functions based on the SAML standard.
  • SICS Thin Hypervisor: The SICS thin hypervisor (STH) is a small hypervisor for embedded systems running on ARMv7. The open source version of the STH is capable of executing Linux on a number of popular development platforms.
  • ARMv7 security proofs in HOL4: As part of the PROSPER project, we have formally verified the security of the ARMv7 instruction set architecture during user mode execution. This work builds upon the Cambridge HOL4 model of ARM. By now, our proofs have become part of the current official HOL4 release. The link points to the corresponding GIT repository.
Security in the Internet of Things

Security in the Internet of Things

The SEC lab works with security in the Internet of Things (IoT) with the goal of providing security services as enablers for other applications for IoT. This work is conducted in close cooperation with Ericsson Security Research.

We are contributing to ongoing standardization efforts at the Internet Engineering Task force (IETF), specifically in the working groups ACE, COSE and CoRE.

In ACE we are editors of  RFC 7744 that describes uses cases for authentication and authorization for constrained environments. Furthermore we have submitted drafts on access control and on object security.

This research area includes the following projects:

Master's Thesis Projects

Please find our Master's Thesis offers on the main page of SICS.