Homepage of Erik Poll

I am associate professor in the Digital Security (DiS) research group in ICIS (Institute for Computing and Information Science) at the Faculty of Science of Radboud University in Nijmegen.

Address and contact information

(photo by
Sjoerd van der Hucht)


My papers, also reachable via Google scholar, and some slides of talks and pointers to media attention.

My core research interest is software security. Most cyber problems originate in software and my research aims to address some of the root causes of these problems through the use of formal methods and, more generally, rigorous and systematic approaches in software engineering, such as formal specification and verification, type systems, model-based testing and the LangSec approach to input handling.

[JML logo] Case studies in the use of formal methods for improve security include protocol analysis of EMV protocol and state machine inference for various security protocols, incl. EMV bank cards, TLS, SSH and internet banking. Earlier I worked on program specification and verification, in particular for Java and Java Card using the specification language JML. Research on Java Card in our group resulted in some smartcard software.

In more applied security research I have investigated security and privacy issues across many applications domains, such as smartcards, RFID tags, TEEs, e-passports, payment cards, internet banking, smart grids (incl. smart meters and charging of electric cars) and automotive.

Some outliers, topic-wise: with Tommy Koens I wrote a couple of papers analysing the (usually flawed) reasons for thinking that blockchain might be a sensible solution and my former PhD student Alex Serban looked at adversarial attacks.

My current PhD students are Seyed Benham Andarzian, Cristian Daniele, and Job Doesburg.


Master courses I teach are part of the Cyber Security specialisation in our Computing Science Master

Other teaching-related stuff: CTF-2023

Organisations and projects

Conferences and other events

Some older projects