Team
Academic Staff
M. Sc. Christian Scholz
- Room:
- S-GW 306
- Phone:
- +49 201 18-37336
- Email:
- christian.scholz (at) uni-due.de
- Author Profiles:
- ORCID
Bio:
Christian Scholz is a research assistant at the chair for System Security at the University Duisburg-Essen.
Curriculum Vitae:
- since 06/2023
- Research Assistant at the chair for System Security at the University of Duisburg-Essen
- 10/2020 - 09/2021
- Student Assistant at Max Planck Institute for Security and Privacy
- 10/2019 - 10/2022
- Master's studies in IT Security/Information Engineering at the Ruhr-University Bochum (graduated with M. Sc.)
- 07/2019 - 09/2020
- Working student at emproof GmbH
- 01/2018 - 09/2018
- Student Assistant at the Sales Management Department at Ruhr-University Bochum
- 10/2015 - 09/2019
- Bachelor's studies in IT Security/Information Engineering at the Ruhr-University Bochum (graduated with B. Sc.)
Publications:
- Niesler, Christian; Scholz, Christian; Davi, Lucas: MPUsh: Applying Security Hotpatches Instead Of MPU Barriers. In: Proc. of 2nd Constructive Approaches for SeCurity Analysis and Design of Embedded systems Conference (CASCADE'26). Springer, Regensburg, Germany, 2026. Abstract Details Citation
Due to hardware limitations and stringent timing demands, runtime hotpatching of security vulnerabilities on flash-constrained, hard real-time embedded systems remains a significant challenge. We present MPUsh, a novel Memory Protection Unit (MPU)-based hotpatching approach. MPUsh leverages the MPU to render vulnerable flash regions non-executable. Fault handlers then intercept these violations and redirect execution to RAM-resident patches. Our proof-of-concept prototype, implemented on an ARM Cortex-M4 (NUCLEO-F446RE) processor, activates patches in 15 cycles and redirects execution in 46 cycles. MPUsh outperforms interpreter-based alternatives while supporting arbitrary patch locations without pre-inserted hooks. Furthermore, MPUsh provides more patch slots than approaches that use hardware breakpoints. When evaluated on a safety-critical syringe pump, MPUsh successfully demonstrated real-time capability.
- Niesler, Christian; Scholz, Christian; Hannappel, Nils; Davi, Lucas: Co-Guard: Guarding Safety-Critical Embedded Devices in Emergencies. In: Proc. of 2nd Constructive Approaches for SeCurity Analysis and Design of Embedded systems Conference (CASCADE'26). Springer, Regensburg, Germany, 2026. Details Citation
- Giesen, Jens-Rene; Scholz, Christian; Davi, Lucas: Poster: Code HarvETHter: Corpus-Driven Decompilation of Ethereum Smart Contracts. In: Proc. of 32th Association for Computing and Machinery SIGSAC Conference on Computer & Communications Security (CCS). Association for Computing Machinery (ACM), Taipeh, Taiwan, 2025. doi:10.1145/3719027.3760714Abstract Details Citation
This poster introduces HarvETHter, a smart contract decompiler for EVM-based platforms such as Ethereum, Binance, and Polygon. We present the corpus completeness hypothesis, which we investigate through HarvETHter. Relying on our hypothesis, HarvETHter sources knowledge of the Ethereum blockchain and leverages it to decompile smart contracts to Solidity source code.