
Robert Lagerström


ASSOCIATE PROFESSOR

Details

Address
TEKNIKRINGEN 33

About me

Illustration of Robert Lagerström as a kid, by Emily Ryan for the children's book "Forskardrömmar - Berättelser för nyfikna barn". Order here:
Fri Tanke, Bokus, Adlibris

Background

Robert Lagerström is Associate Professor in Software Systems Architecture and Security, Computer Science at KTH Royal Institute of Technology.

He received his Docent title in Industrial Information Systems in 2014, his PhD degree in Electrical Engineering in 2010, and his MSc degree in Computer Science in 2005. His research topic as a PhD student was software application modifiability. In 2010/2011 Robert was an Industrial Post-Doc at ABB Corporate Research, where he focused on improving the software system architecture and the software change and configuration management process at a business unit of ABB. During 2013 Robert worked at Harvard Business School in Boston as a research associate, and in 2016 as a visiting scholar, on the project Software Systems Architecture Complexity and Security. Robert is responsible for the courses Security Analysis of Large-Scale Computer Systems and Cyber Security Analysis, as well as several PhD student courses including Conducting Systematic Literature Reviews in Systems Engineering and Advanced Enterprise Modeling: Holistic Systems & Software Modeling. In addition he supervises PhD students and bachelor/master thesis projects. Robert has written more than a hundred peer-reviewed publications in the fields of cyber security, threat modeling, software application architecture, enterprise IT architecture, modifiability, and IT management. He is also the co-founder of several open-source software projects, including the Meta Attack Language (MAL) and pwnPr3d.

Robert is one of the founders and board members of the KTH spin-off company foreseeti AB, where he also works as an expert. securiCAD is the foreseeti flagship product focusing on cyber security threat modeling and proactive risk management. The tool helps companies: 1) Understand current cyber security levels across complex enterprise-wide architectures. 2) Prioritize areas to address and cyber security investments to pursue. 3) Proactively manage cyber security e.g. when building or modifying architectures.

Since 2016 Robert has been a member of the Young Academy of Sweden, a transdisciplinary academy for a selection of the most prominent younger researchers in Sweden. Its operations rest firmly on three pillars: transdisciplinarity, science policy and outreach. The Academy is an independent platform that provides younger researchers with a strong voice in the science policy debate and that promotes science and research to young adults and children. The Young Academy of Sweden was formed at the initiative of the Royal Swedish Academy of Sciences and has about 35 members.

Resume

A two page version of Robert's resume can be found here.

Ph.D. Students

Present

Viktor Engström (Supervisor)
Fredrik Heiding (Supervisor)
Wenjun Xiong (Supervisor)
Nikolaos Kakouros (Supervisor)

Graduated

Margus Välja (Supervisor)
Nicholas Honeth (Assistant Supervisor)
Liv Gingnell (Assistant Supervisor)
Hannes Holm (Assistant Supervisor)

Research Interests

Robert's main research interests are Secure Enterprise Architecture, Software Systems Complexity & Security, Threat Modeling & Attack Simulations, and Software Architecture. Robert's work is funded by (among others) H2020, the Swedish Armed Forces, InnoEnergy, STandUP, Vinnova, and the Swedish Energy Agency.

Media

Our new children's book "Forskardrömmar - Berättelser för nyfikna barn" in the news:
Swedish Radio P4 Stockholm, Tidning Curie, Bärgslagsbladet, KTH News, Stockholm University News, Young Academy of Sweden, Life Science Sweden, Linköping University, Göteborg University, Uppsala Tidningen, GIH, Uppsala University, Expressen Mama, Schizofreniförbundet, Nya Lidköpings-Tidningen, Skaraborgs Läns Tidning, Swedish Radio P4 Skaraborg

Dagens Industri reports on the increased cyber attack activity during the pandemic

Expressen reports on cyber risks in modern cars

Swedish Radio reports on the importance of cyber security and ethical hacking, Ökat behov av etisk hackning

Nu ska elbolagen hackas – KTH får 1,5 miljoner till white hats, Computer Sweden

Dagens Nyheter writes about vulnerabilities in car dongles

Vulnerabilities discovered

CVE-2020-29664 - local arbitrary code execution without any hardware modifications on the DJI Mavic 2 Remote Controller and Leadcore processor on the DJI Mavic 2 Zoom drone. Student: Viktor Edström, Supervisor: Robert Lagerström, Examiner: Pawel Herman.

CVE-2020-13119 - ismartgate PRO 1.5.9 is vulnerable to clickjacking. Student: Madeleine Berner, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.
CVE-2020-12843 - ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading sounds to garage doors. The magic bytes for WAV must be used. Student: Madeleine Berner, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.
CVE-2020-12842 - ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/checkUserExpirationDate.php. Student: Madeleine Berner, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.
CVE-2020-12841 - ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to upload image files via /index.php. Student: Madeleine Berner, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.
CVE-2020-12840 - ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to upload sound files via /index.php. Student: Madeleine Berner, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.
CVE-2020-12839 - ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/checkExpirationDate.php. Student: Madeleine Berner, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.
CVE-2020-12838 - ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/mailAdmin.php. Student: Madeleine Berner, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.
CVE-2020-12837 - ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading images to garage doors. The magic bytes of PNG must be used. Student: Madeleine Berner, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.
CVE-2020-12282 - iSmartgate PRO 1.5.9 is vulnerable to CSRF via the busca parameter in the form used for searching for users, accessible via /index.php. (This can be combined with reflected XSS.) Student: Madeleine Berner, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.
CVE-2020-12281 - iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to create a new user via /index.php. Student: Madeleine Berner, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.
CVE-2020-12280 - iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to open/close a specified garage door/gate via /isg/opendoor.php. Student: Madeleine Berner, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.

CVE-2019-12941 - AutoPi Wi-Fi/NB and 4G/LTE devices allow an attacker to perform a brute-force or dictionary attack to gain access to the WiFi network, which provides root access to the device. Students: Aldin Burdzovic and Jonathan Matsson, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.

CVE-2019-12944 - Glue Smart Lock 2.7.8 devices do not properly block guest access in certain situations where the network connection is unavailable. Student: Arvid Viderberg, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.

CVE-2019-12943 - Insecure permissions in the password reset function of the TTLock Open Platform. Student: Arvid Viderberg, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.

CVE-2019-12942 - Insecure permissions in the account revocation mechanism of the TTLock Open Platform. Student: Arvid Viderberg, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.

CVE-2019-12821 - Vulnerability in version 2.0 of the app for the Shenzhen Jisiwei i3 robot vacuum cleaner, when adding a device to the account using a QR code. Students: Theodor Olsson and Albin Larsson Forsberg, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.

CVE-2019-12820 - Vulnerability in version 2.0 of the app for the Shenzhen Jisiwei i3 robot vacuum cleaner, allowing a possible MITM attack over HTTP. Students: Theodor Olsson and Albin Larsson Forsberg, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.

CVE-2019-12797 - Vulnerability in a clone version of an ELM327 OBD2 Bluetooth device: a hardcoded PIN allows arbitrary commands to be sent to the OBD-II bus of a vehicle. Students: Ludvig Christensen and Daniel Dannberg, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.

Some recent publications

S. Hacks, S. Katsikeas, E. Ling, R. Lagerström, and M. Ekstedt, "powerLang: a probabilistic attack simulation language for the power domain," in Energy Informatics, vol. 3, no. 1, pp. 1-17, 2020.

Margus Välja, Fredrik Heiding, Ulrik Franke, and Robert Lagerström, "Automating threat modeling using an ontology framework: Validated with data from critical infrastructures," in Cybersecurity, vol. 3, no. 19, 2020.

Robert Lagerström, Alan MacCormack, David Dreyfus, and Carliss Baldwin, “A Methodology for Operationalizing Enterprise IT Architecture and Evaluating its Modifiability,” in the International Journal of Complex Systems Informatics and Modeling Quarterly (CSIMQ), no. 19, June/July, pp. 75-98, 2019.

Wenjun Xiong and Robert Lagerström, “Threat Modeling: A Systematic Literature Review,” in Computers & Security, vol. 84, July 2019, pp. 53-69.

Pontus Johnson, Robert Lagerström, Mathias Ekstedt, and Ulrik Franke, “Can the Common Vulnerability Scoring System be Trusted? A Bayesian Analysis,” in IEEE Transactions on Dependable and Secure Computing, vol. 15, no. 6, pp. 1002-1015, 2018.

#cybersecurity #ITsecurity #informationsecurity #systemsecurity #enterprisearchitecture #threatmodeling #attacksimulations #penetrationtesting #ethicalhacking #softwarearchitecture #systemarchitecture #softwaremodeling #systemmodeling #attackgraph #attacktree #bayesiannetworks #riskanalysis 

News

Our paper entitled "Integrating Security Behavior into Attack Simulations" has been accepted for publication in EPESec 2021 workshop, which will take place in conjunction with ARES 2021. 2021-06-09.

Lecture about #290cybersecurity and Forskardrömmar for four classes during the Järva-week, 2021-06-02.

Our paper "Cyber security threat modeling based on the MITRE Enterprise ATT&CK Matrix" was accepted for publication in the Journal of Software and Systems Modeling (SoSyM), 2021-05-25.

Popular science presentation for kids and youth at Vetenskapenshus on "cyber security, ethical hacking and simulations", 2021-04-28.

Opponent in the doctoral thesis defense of Thanh Bui's work "Security Failures in Modern Software" at Aalto University, 2021-04-27.

Blog post about phishing in the Infosecurity Magazine, "The Five Strategies Users Use to Determine Phishing: Which Work and Which Don’t?" 2021-04-26.

World Book Day video for teachers and kids, with me talking about cyber security and Forskardrömmar, 2021-04-23.

Our paper "A Method for Assigning Probability Distributions in Attack Simulation Languages" was accepted for publication in Complex Systems Informatics and Modeling Quarterly (CSIMQ), 2021-04-19.

Science discussion at Vetenskapsfestivalen (science festival) with kids (ages 10-12); seven classes from different Swedish cities participated, 2021-04-16.

Hosting and moderating "A better tomorrow", a scientist conversation at the movie festival BUFF, 2021-03-18.

A new vulnerability has been published - CVE-2020-29664 - local arbitrary code execution without any hardware modifications on the DJI Mavic 2 Remote Controller and Leadcore processor on the DJI Mavic 2 Zoom drone. Student: Viktor Edström, Supervisor: Robert Lagerström, Examiner: Pawel Herman.

Our new children's book "Forskardrömmar - Berättelser för nyfikna barn" is now available, 2021-02-08.

Interview with our student about studying at KTH and working as an engineer, 2021-01-20.

Our new children's book "Forskardrömmar - Berättelser för nyfikna barn" is now available as pre-order from Bokus, 2021-01-19.

Swedish news media Dagens Industri reports on the success of foreseeti and securiCAD, with comments from Robert, 2020-12-15.

Swedish news media Dagens Industri reports on the increased cyber attack activity during the pandemic, with comments from Robert, 2020-12-15.

Co-arranged "Solving the reproducibility crisis in the digital era," a panel debate on science with Hanne Kjöller, Lorena Barba and members of the Swedish Parliament, 2020-12-14.

Press release from Swedish Research Council, expert group on research communication education, 2020-12-02.

Participated in (and won) the Research Grand Prix pitch contest (semi-finals), 2020-11-27.

Moderated the annual Nordic SCADA security conference, Nov. 16-17 2020.

Presented our work on threat modeling and attack simulations in the Digital Futures Dive Deep Lunch Seminar series, 2020-11-12.

Our paper "Detecting plagiarism in penetration testing education" was accepted as a poster presentation at the 25th Nordic Conference on Secure IT Systems (Nordsec), 2020-11-11.

Participated in a dialog about academic merits for industry collaboration, 2020-11-09.

Our paper "Assessing Alignment Between Business and IT Strategy: A Case Study" was accepted for presentation and publication in the 13th IFIP WG 8.1 working conference on the Practice of Enterprise Modelling (PoEM) Forum 2020.

Eleven new vulnerabilities related to ismartgate PRO 1.5.9 were discovered and reported, 2020-09-25.

Our paper entitled "powerLang: A Probabilistic Attack Simulation Language for the Power Domain" has been conditionally accepted for publication in Energy Informatics, 2020-09-21.

Our paper entitled "Why Phishing Works on Smartphones: A Preliminary Study" has been conditionally accepted for presentation and publication at the IEEE Hawaii International Conference on System Sciences (HICSS-54), 2020-09-18.

KTH reports on our first lectures in the #290cybersecurity project educating young kids in security, 2020-09-16.

Our paper entitled "Ethical Principles for Conducting Responsible Offensive Security Training" has been accepted for presentation at the IFIP Summer School on Privacy and Identity Management, 2020-09-12.

Presented "Cyber security of smart electronics" at Stora Elektronikdagen med SUMMIT, 2020-09-10.

Our paper "Automating threat modeling using an ontology framework" has been accepted for publication in the Springer Open journal Cybersecurity, 2020-09-02.

Our paper "A Systematic Literature Review of Information Sources for Threat Modeling in the Power Systems Domain" has been accepted for presentation and publication at the 15th International Conference on Critical Information Infrastructures Security (CRITIS 2020), 2020-06-26.

KTH reports on the Energy transformation webinar, 2020-06-26.

Webinar: Energy transformation and the way there including a discussion on "Is cyber security a threat to sustainable innovation?", 2020-06-16.

KTH spin-off Foreseeti AB secures scale-up funding of 3 MUSD to accelerate growth, 2020-06-09.

Our new EnergyShield video is up on YouTube, 2020-06-11.

KTH has joined the #290cybersecurity project to help Swedish youth become better at cyber security, 2020-06-05.

The paper "A probabilistic attack simulation language for the IT domain" has been conditionally accepted for GraMSec'20, 2020-06-01.

The paper "Business Process Management in Theory and Practice: A Comparative Study" has been accepted for VEnMo 2020, 2020-05-09.

Article in Förvaltarforum about "Ny modell för säkrare digitalisering", 2020-03-31.

Presenting cyber security challenges for Swedish real estate businesses at the HBV "Hållbara dagar" conference, 2020-03-09.

Presenting cyber security challenges for CIOs in the buildings and property management sector, 2020-02-11.

Courses

Cyber Security Analysis (EP279U), examiner, course coordinator, teacher | Course web

Degree Project in Computer Science and Engineering, specialising in Industrial Management, Second Cycle (DA235X), examiner | Course web

Degree Project in Computer Science and Engineering, specialising in Machine Learning, Second Cycle (DA233X), examiner | Course web

Degree Project in Computer Science and Engineering, specialising in Systems, Control and Robotics, Second Cycle (DA236X), examiner | Course web

Degree Project in Computer Science and Engineering, Second Cycle (DA239X), examiner | Course web

Degree Project in Computer Science and Engineering, Second Cycle (DA231X), examiner | Course web

Degree Project in Computer Science and Engineering, specialising in ICT Innovation, Second Cycle (DA256X), examiner | Course web

Degree Project in Computer Science and Engineering, specialising in ICT Innovation, Second Cycle (DA258X), examiner | Course web

Degree Project in Computer Science and Engineering, specialising in Communication Systems, Second Cycle (DA246X), examiner | Course web

Degree Project in Computer Engineering, Second Cycle (DA250X), examiner | Course web

Degree Project in Computer Engineering, First Cycle (DA150X), assistant | Course web

Degree Project in Computer Engineering, First Cycle (II142X), examiner | Course web

Degree Project in Computer Science and Communication, Second Cycle (DA225X), examiner | Course web

Degree Project in Electronics and Computer Engineering, First Cycle (IL142X), examiner | Course web

Degree Project in Electrical Engineering, specialising in ICT Innovation, Second Cycle (EA258X), examiner | Course web

Degree Project in Electrical Engineering, specialising in ICT Innovation, Second Cycle (EA256X), examiner | Course web

Degree Project in Electrical Engineering, specialising in Embedded Systems, Second Cycle (EA248X), examiner | Course web

Degree Project in Electrical Engineering, specialising in Information and Network Engineering, Second Cycle (EA260X), examiner | Course web

Degree Project in Electrical Engineering, specialising in Communication Systems, Second Cycle (EA246X), examiner | Course web

Degree Project in Electrical Engineering, Second Cycle (EA238X), examiner | Course web

Degree Project in Electrical Engineering, Second Cycle (EA250X), examiner | Course web

Degree Project in Information and Communication Technology, First Cycle (II143X), examiner | Course web

Degree Project in Information Technology, Second Cycle (IA250X), examiner | Course web

Degree Project in Information Technology, First Cycle (IA150X), examiner | Course web

IT Management with Enterprise Architecture I (EH2770), examiner, teacher | Course web

Individual Project in Network Systems (EP2800), examiner | Course web

Seminar Course in Advanced Topics in Communication Networks 1 (FEP3316), examiner | Course web

Seminar Course in Advanced Topics in Communication Networks 2 (FEP3317), examiner | Course web

Security Analysis of Large-Scale Computer Systems (EP2790), examiner, course coordinator, teacher | Course web

Challenges for the Growing City, Interdisciplinary Project Course A:1 (OpenLab project course) (MF2080), examiner | Course web

Challenges for the Growing City, Interdisciplinary Project Course A:2 (OpenLab project course) (MF2081), examiner | Course web