About
I am a Ph.D. candidate at TU Berlin, Security in Telecommunications (SecT) with Prof. Jean-Pierre Seifert. My research interests mainly lie in Platform Security and Confidential Computing.
In the past, I published research about AMD's Secure Encrypted Virtualization (SEV) at the ACM CCS and presented a jailbreak of Tesla's infotainment system at BlackHat. I am also the maintainer of PSPTool.
Before returning to campus to pursue my Ph.D., I worked for two years as a security consultant at Security Research Labs.
I hold a Master of Science in "IT Systems Engineering" from Hasso Plattner Institute, Potsdam. During my studies, I gained experience as an Embedded Systems Developer and Security Engineer in two IoT startups.
Publications
| 2023 | faulTPM - Exposing AMD fTPM's Deepest Secrets Hans Niklas Jacob, Christian Werling, Robert Buhren, Jean-Pierre Seifert 8th IEEE European Symposium on Security and Privacy (EuroS&P), 2023. |
| 2022 | EM-Fault It Yourself: Building a Replicable EMFI Setup for Desktop and Server Hardware Niclas Kühnapfel, Robert Buhren, Hans Niklas Jacob, Thilo Krachenfels, Christian Werling, Jean-Pierre Seifert IEEE Physical Assurance and Inspection of Electronics (PAINE), 2022. |
| 2019 | Insecure Until Proven Updated: Analyzing AMD SEV's Remote Attestation Robert Buhren, Christian Werling, Jean-Pierre Seifert ACM SIGSAC Conference on Computer and Communications Security (CCS), 2023. |
Talks
| 2023 | Back in the Driver's Seat: Recovering Critical Data from Tesla Autopilot Using Voltage Glitching Christian Werling, Niclas Kühnapfel, Hans Niklas Jacob, and Oleg Drokin 37th Chaos Communication Congress, Hamburg (37C3) |
|
Jailbreaking an Electric Vehicle in 2023 or What It Means to Hotwire Tesla's x86-Based Seat Heater Christian Werling, Niclas Kühnapfel, Hans Niklas Jacob, and Oleg Drokin BlackHat USA 2023, Las Vegas | |
| 2019 |
Uncover, Understand, Own - Regaining Control Over Your AMD CPU Robert Buhren, Alexander Eichner and Christian Werling 36th Chaos Communication Congress, Leipzig (36C3) |
|
Dissecting the AMD Platform Security Processor Christian Werling and Robert Buhren Chaos Communication Camp 2019 |
Theses
If you are eager to write your Bachelor's or Master's thesis in Embedded Systems Security, Platform Security, or Confidential Computing, don't hesitate to contact me. Down below, you can find previous theses that I supervised.
| 2024 | Konzeption und Umsetzung einer API zur Gewährleistung der Sicherheit bei der Speicherung sensibler Daten mittels LUKS-Containern |
| AMD Root of Trust Management: Reverse-Engineering Tesla's PSP Client | |
| 2023 | Emulation-Based Fuzzing of UEFI Firmware: Exploring the Attack Vector of Removable Media to Compromise Boot Integrity |
| Investigating the Effectiveness of Sandboxing as a Technique for Securing Video Game Console Emulators | |
| Subverting Measured Boot by Compromising Static Root of Trust Measurements on x86 Firmware | |
| QEMU-PSP: Generalizing a Unicorn-based emulator for the AMD Secure Processor by porting it to QEMU | |
| Fuzzing the AMD SP's ROM bootloader with LibAFL using QEMU full-system emulation | |
| 2022 | A Practical Analysis of UEFI Threats Against Windows 11 |
| FCAT: Design and Implementation of a Firmware Collection and Analysis Tool |