ASSET Research Group: Home

The ASSET (Automated Systems SEcuriTy) Research Group at the Singapore University of Technology and Design does focused research to enhance the safety, security and efficiency of Hardware/Software Systems.

We are always looking for researchers at all levels (Bachelor, Masters, PhD) to enrich the scientific activities in the group. For Post-doc positions, take a look at the individual research projects for opening. If you wish to join our group, contact Sudipta Chattopadhyay email: sudipta_chattopadhyay@sutd.edu.sg directly with your CV.

News

September 03, 2019

NEW: Detailed descriptions of the CVEs discovered through our work on over-the-air fuzzing released now. Please check them out here (News coverage): CVE-2019-12586, CVE-2019-12587 and CVE-2019-12588. Follow the discussions at Hacker News or HackaDay and use the proof-of-concept code from here to have fun.
Quoting a user from Hacker News: "It [ESP8266] is a Wi-Fi enabled microcontroller locally designed and produced in china with a "100 million units sold" target. It is widely used by the makers community and by many new "smart" products. I would say that this has a really large scale impact and a lot of people will need to update the firmware".

Get back to us if you have further queries.
August 09, 2019

NEW: Several post-doctoral positions open in all software security projects. Background in any of the following areas are welcome to apply: Software Security, Software Verification and Testing, Embedded Systems, Machine Learning, Formal Methods, Wireless Network. Take a look at our projects and publications for details and contact me directly with your CV if interested.
NEW: One research assistant position (Bachelor or Masters degree holder) is open for the IoT Wireless Security project. Candidates with interest in any of the areas are welcome to apply: Networking, Systems Security and Software Engineering. Strong programming skills are expected. Contact me directly with your CV.
NEW: We are looking for two PhD students to work on Safety and Security for Artificial Intelligence and Machine Learning. The student must hold a Singapore Citizenship or Permanent Residency. The position offers attractive scholarship and a collaboration with Industry Partner OneConnect Financial.
For details about the scholarship and the offer, interested candidates can email Sudipta Chattopadhyay with your résumé with the subject "PhD AI/ML Security position".

We look forward to your applications!!
July 30, 2019

Our work on over-the-air fuzzing is tested today on a real car: Toyota Altis 2016 version and automatically discovered KRACK together with other anomalous behaviour in the Wi-Fi implementation. If you are using the same car, then you MUST update the firmware (if you haven't done so already).

Great work Matheus!!
July 27, 2019

Yee Ching is awarded a bug bounty of 200USD by Crypto.com for finding vulnerabilities in Crypto.com’s payments and cryptocurrency platform (undisclosed for confidentiality).

Congratulations Yee Ching!!
June 03, 2019

Three CVEs assigned for finding critical security vulnerabilities in popular wireless devices (currently undisclosed for confidentiality) through our work on over-the-air fuzzing. CVE-2019-12586, CVE-2019-12587 and CVE-2019-12588 . We also win a bug bounty (USD 2200) for discovering the security vulnerabilities.

Congratulations Matheus!!