Conference and Journal Publications

• Survivable Key Compromise in Software Update Systems: Presented at the 17th ACM Conference on Computer and Communications Security (CCS’10) in Chicago, Illinois, in 2010. This paper introduced the TUF design concept on which Uptane is based.

• Mercury: Bandwidth-Effective Prevention of Rollback Attacks Against Community Repositories Presented at the 2017 USENIX Annual Technical Conference (USENIX 2017) in Santa Clara, CA 2017. This paper describes enhancements to TUF that reduce bandwidth used.

• Diplomat: Using Delegations to Protect Community Repositories Presented at the 13th USENIX Symposium on Networked Systems Design and Implementation (NSDI ‘16) in Santa Clara, CA 2016. This paper describes security enhancements to TUF that enable it to work with community repositories like PyPI or RebyGEMS.

• Uptane: Securing Software Updates for Automobiles: Presented at the 14th Embedded Security in Cars conference in Munich, Germany, in 2016. The escar presentation was the first public acknowledgement of the Uptane framework.

• Securing Software Updates for Automotives Using Uptane: Article that appeared in the Summer 2017 issue of ;login magazine, a USENIX publication.

• Uptane: Security and Customizability of Software Updates for Vehicles: Article that appeared in the March 2018 issue of IEEE Vehicular Technology Magazine.