SBA Research is a research center for Information Security funded partly by the national initiative for COMET Competence Centers for Excellent Technologies. Within a network of more than 70 companies, 15 Austrian and international universities and research institutions, and many additional international research partners we jointly work on research challenges ranging from organizational to technical security to strengthen Europe’s Cybersecurity capabilities.
ISIS @ TU Wien IAIK @ TU Graz DKE @ Uni Wien NM @ WU Wien FH St. Pölten AIT



Johanna Ullrich at DBT#1 “IT-Security”

Johanna Ullrich joined DBT´s first event of the year dealing with IT-Security.

Source: APA Fotoservice

In conversation with other experts she made interconnection of physical and automation systems as well possible consequences a subject of discussion.

Read full article here

Future of Online Anonymity: FWF Project accepted

Wilfried Mayer and Edgar Weippl will work on our newly accepted FWF project “FuOnA: Future of Online Anonymity”

This project aims to (i) understand the foundations of online anonymity, (ii) study the proposed technical mechanisms in detail, and (iii) further extend the schemes which are able to work at scale and protect the online personae of its users.

WeAreDevelopers World Congress 2018

We are happy to announce that SBA Research is hosting the security track „Private and Secure Development“ of WeAreDevelopers World Congress 2018, the biggest development conference in Europe (Twitter).

We are supporting WeAreDevelopers with our information security and secure development experience.

Get your tickets here

Details und Anmeldung

ARES & CD-MAKE 2018, organized by SBA Research

The 13th International Conference on Availability, Reliability and Security (ARES 2018) will be held in Hamburg, Germany at the University of Hamburg, on August 27 – August 30, 2018. The 2nd International IFIP Cross Domain (CD) Conference for Machine Learning & Knowledge Extraction (MAKE)
CD-MAKE 2018 as well as several workshops and the ARES EU Projects Symposium will be held in conjunction with the conference.

ARES will highlight the various aspects of security –  with special  focus on the crucial linkage between availability, reliability and security.

ARES  aims at a full and detailed discussion of the research issues of security as an  integrative concept that covers amongst others availability, safety, confidentiality, integrity, maintainability and security in the different fields of applications.

ARES will emphasize the interplay between foundations and practical issues of security in emerging areas such as e-government, m-government, location-based applications, ubiquitous computing, autonomous computing, chances of grid computing etc. ARES is devoted to the critical examination and research challenges of the various aspects of Secure and Dependable Computing and the definition of a future road map.

The ARES Conference is organized by SBA Research in cooperation with the University of Hamburg.

Paper submission due: March 16, 2018 (23:59 UTC-11)


General Chairs
Mathias Fischer, University of Hamburg, Germany
Dominik Herrmann, University of Hamburg, Germany

Program Chairs
Christian Delft, TU Delft, Netherlands
Sebastian Schrittwieser, FH St. Pölten, Austria

Call for Papers

Details und Anmeldung

DBT#1 “IT-Sicherheit” mit Johanna Ullrich

Am Donnerstag, den 18. Jänner, findet die erste DBT-Veranstaltung im neuen Jahr 2018 statt: Ab 19:30 Uhr dreht sich im Foyer des Haus der Musik alles um das Thema „IT-Sicherheit: Vom Stiefkind zur globalen Herausforderung“.


Im Anschluss an die Keynote von Alexander Janda (KSÖ – Kuratorium Sicheres Österreich) diskutieren u.a. Verena Becker (Wirtschaftskammer Österreich), Alexander Mense (FH Technikum Wien), Markus Schreiber (A1 Telekom Austria) und  Johanna Ullrich (SBA Kompetenzzentrum der TU Wien).

Details und Anmeldung

SBA at USENIX Security & Usenix Magazine

‘Securing the Internet, One HTTP 200 OK at a Time’ (Login, Usenix Magazine Winter 2017, Vol. 42, No. 4) is a summary of our recent Usenix Security paper ‘“I Have No Idea What I’m Doing” – On the Usability of Deploying HTTPS‘, and you’ll be soon able to watch the recording here due to the USENIX open access policy.

News coverage: Bulletproof TLS Newsletter, USENIX ;login:

Heise’s C’t also just covered our research in a long article.

“On Security Research towards Future Mobile Network Generations” accepted in IEEE Communications Surveys and Tutorials

David Rupprecht, Adrian Dabrowski, Thorsten Holz, Edgar Weippl, and Christina P ̈opper. On security research towards future mobile network generations. IEEE Communications Surveys and Tutorials, 2018.

Cybercrime Busters: About CERTs and the cybercriminals of Vienna

At this event, organized by the OCG Forum Privacy and the OCG-working group IT-security, the project consortium presents three significant results of the KIRAS project CERT-Komm II. This project, for the federal chancellery of Austria, consists of SBA Research as the consortium leader and the following project partners:

  • University of Vienna, Faculty of Informatics, Multimedia Information Systems Research Group
  • Danube University Krems, department for infrastructural security
  • Research Institute AG & Co KG
  • IKARUS Security Software GmbH

More information can be found here. (in german)

Invited Talk on Security in Production Systems Engineering

At the Software Quality Days 2018, Edgar Weippl gives a talk on Security Challenges in Cyber-Physical Production Systems with a focus on securing the lifecycle of production systems engineering.

published by Springer.

SBA Research among partners of Austrian lead project IoT4CPS

IoT4CPS will develop guidelines, methods and tools to enable safe and secure IoT-based applications for automated driving and for smart production. The project will address safety and security aspects in a holistic approach both along the specific value chains and the product life cycles.


Click here for full article.

Botnets and Electrical Grids

Heise picked up on our recent ACSAC Paper. also reads Heise. and also published articles. Summary on

The paper “Grid Shock: Coordinated Load-Change Attacks on Power Grids” by Adrian Dabrowski, Johanna Ullrich, and Edgar Weippl was recently presented at the 2017 Annual Computer Security Applications Conference (ACSAC 33).

Our work analyzes whether large-scale botnets are able to modulate electric power consumption in a coordinate way to bring down the power grid. ACSAC is a leading conference in applied computer security. In total, 48 out of 244 submissions were accepted, resulting in an acceptance rate of 19.7%. ACSAC 33 will be held in San Juan, Puerto Rico in December 2017.

Empirical Research for Software Security

Our new book on empirical research for software security is available.
empirical research for software security
Empirical Research for Software Security: Foundations and Experience,
Lotfi ben Othmane, Martin Gilje Jaatun, Edgar Weippl (eds), CRC Press, ISBN 9781498776417.

SBA Research @ WeAreDevelopers World Congress 2018!

We are happy to announce that SBA Research is hosting the security track „Private and Secure Development“ of WeAreDevelopers World Congress 2018, the biggest development conference in Europe (Twitter).

We are supporting WeAreDevelopers with our information security and secure development experience.

Securing the Internet, One HTTP 200 OK at a Time

HTTPS is the most commonly used cryptographic protocol on the Internet. It protects communication content and provides endpoint authenticity at scale. However, deploying HTTPS in a truly secure fashion can be a challenging task even for experienced admins. To explore why this is the case and how these challenges can be fixed in order to support an even wider adoption, we conducted a user study, which was presented at USENIX Security 2017.

(Securing the Internet, One HTTP 200 OK at a Time, Wilfried Mayer, Katharina Krombholz, Martin Schmiedecker,and Edgar Weippl, Login, Usenix 2017, Vol 42, No 4)

Nicholas Stifter and Aljosha Judmayer give an interview on blockchain – Profil

Nicholas Stifter and Aljosha Judmayer, two of our four researchers focusing full time on blockchain technology gave an interview for Profil.

RIPE article on IPv6 addressing

Johanna Ullrich has contributed a post on IPv6 Address Security and Privacy to RIPE Labs.

For the full article please see here.

Unique Fingerprint for each Computer

Sebastian Schrittwieser (SBA Research) works on faster identification of cyber attacks by making the hacking process more obvious. Schrittwieser and his team are designing highly complex program codes in order to prevent damage.

Full article

Promotio sub auspiciis Praesidentis for Dr. Johanna Ullrich

Johanna Ullrich finally got her PhD officially awarded sub auspiciis Praesidentis in presence of the Austrian president Dr. Alexander Van der Bellen. This type of promotion is the highest honor for achievement, and the laureates receive a gold ring from the president. The tradition dates back to the 17th century.

Please also see the announcement of TU Wien

500 attendees joined Blockchain Summit at WU

500 participants discussed and prepared pilot projects at several workshops on Tuesday, December 5.

SBA Research is among the cooperation partners of WU´s newly founded Research Department of Crypto Economy that is in charge of accompanying the pilot projects.

©Blockchain Austria

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.