SBA Research is a research center for Information Security funded partly by the national initiative for COMET Competence Centers for Excellent Technologies. Within a network of more than 70 companies, 15 Austrian and international universities and research institutions, and many additional international research partners we jointly work on research challenges ranging from organizational to technical security to strengthen Europe’s Cybersecurity capabilities.
ISIS @ TU Wien IAIK @ TU Graz DKE @ Uni Wien NM @ WU Wien FH St. Pölten AIT

SBA Research is moving!

Our new address: Floragasse 7, 1040 Vienna, Austria Effective on: June 25, 2019 More at: www.sba-research.org/relocation

News

SBA Research @ Security Forum 2019

Alexandra Mai, Stephanie Jakoubi and Nicolas Petri had a good time at the Security Forum 2019, representing SBA Research. The Security Forum took place from April 11-12, 2019 at the Fachhochschule Oberösterreich, Campus Hagenberg.

 

Combinatorial security testing tutorial @ DATAWorks 2019, Springfield, VA, USA

Dimitris Simos (SBA Research, MaTRIS research group) and Rick Kuhn (NIST, Computer Security Division) were invited to jointly present a tutorial on combinatorial security testing at the Defense and Aerospace Test and Analysis workshop (DataWorks 2019) on April 11th, 2019.

The event takes place at Springfield, VA, USA and is organized by NASA, Institute for Defense Analyses (IDA) and the Office of the Secretary of Defense.

Tutorial: Combinatorial Methods for Testing and Analysis of Critical Software and Security Systems

Abstract: Combinatorial methods have attracted attention as a means of providing strong assurance at reduced cost, but when are these methods practical and cost-effective? This tutorial includes two sections on the basis and application of combinatorial test methods: The first section explains the background, process, and tools available for combinatorial testing, with illustrations from industry experience with the method. The focus is on practical applications, including an industrial example of testing to meet FAA-required standards for life-critical software for commercial aviation. Other example applications include modeling and simulation, mobile devices, network configuration, and testing for a NASA spacecraft. The discussion will also include examples of measured resource and cost reduction in case studies from a variety of application domains.

The second part explains combinatorial testing-based techniques for effective security testing of software components and large-scale software systems. It will develop quality assurance and effective re-verification for security testing of web applications and testing of operating systems. It will further address how combinatorial testing can be applied to ensure proper error-handling of network security protocols and provide the theoretical guarantees for detecting Trojans injected in cryptographic hardware. Procedures and techniques, as well as workarounds will be presented and captured as guidelines for a broader audience.

The tutorial can be download from here.

PDF Embedder requires a url attribute

Adrian Dabrowski presents “Hollywood Hacking” at IT Businesstalk in Salzburg

Adrian Dabrowski holds a “myth busters session” on hacking, tracking of IP addresses, secure data transfer and numerous other hot topics at the 10th IT Businesstalk in Salzburg on April 11, 2019.

More information

WU data-science project provides an analysis on how shootings and terror attacks affect social media communication behavior

A new study conducted by WU researchers that has been published in March 2019 provides novel insights how shootings and terror attacks affect the emotions and the corresponding communication behavior of social media users. For the study, five shootings and terror events have been analyzed that happened in three different countries (France, Germany, USA).

APA
https://science.apa.at/site/kultur_und_gesellschaft/detail.html?key=SCI_20190404_SCI39351351647795568

WU Research News
https://nm.wu.ac.at/nm/news-april-2019-emotion-exchange-motifs-en/

Johanna Ullrich in ORF interview on smart meter security and privacy

Senior researcher Johanna Ullrich has been interviewed by Austrian Broadcasting (ORF). In the TV show Eco, she explained potential security and privacy pitfalls of smart meters that are mandated by EU legislation. The show can be watched in ORF’s TVthek within the next 7 days.

Link: https://tvthek.orf.at/profile/Eco/11523082/Eco/14009521

Bernhard Garn and Dimitris Simos @ NIST

Bernhard Garn and Dimitris Simos visit the National Institute of Standards and Technology (NIST) [NIST] during April 4-8, 2019.  The purpose of the visit is to jointly host with NIST researchers (Raghu Kacker, Rick Kuhn) the 3rd SBA/NIST workshop on combinatorial security testing [CST], and to discuss recent research activities of the MaTRIS group of SBA Research [MaTRIS] and the ACTS project team of NIST [ACTS].

[NIST] https://www.nist.gov/

[CST] https://matris.sba-research.org/research/cst/

[MaTRIS] https://matris.sba-research.org/ [ACTS] https://csrc.nist.gov/projects/automated-combinatorial-testing-for-software

The workshop also includes the annual progress meeting of the NIST funded SENTINEL [SENTINEL] project co-led by the MaTRIS group (Dimitris Simos) and University of Texas at Arlington (Jeff Lei), where there is a strong focus on combinatorial methods for testing of IoT systems.

[SENTINEL] https://matris.sba-research.org/projects/#current

The visit has further as it purpose to facilitate research actions between the MaTRIS group and different divisions at NIST on emerging topics of cryptographic combinatorial testing and artificial intelligence testing. The research efforts of SBA and NIST researchers are expected to further strengthen the pivotal role of combinatorial methods in the field of security testing.

Johanna Ullrich in interview on diversity in IT

Johanna Ullrich has been interviewed by demographieberatung.at on diversity in the field of information technology.

The interview is part of the current newsletter, and can also be found here:

Link:
https://www.demografieberatung.at/uncategorized/das-alter-entscheidet-nicht-darueber-ob-jemand-gut-in-informatik-ist/

Participate in our Hardware Device Study

Do you have a Yubikey or a cryptocurrency hardware wallet and want to play an active part in a research project from SBA Research to improve current methods for authenticity checks?

Then please fill out our online survey (https://de.surveymonkey.com/r/YPH2FSX) and take part in a raffle for 3 x Amazon vouchers 50€ each and 10 x 3 packages of Zotter chocolate.

The survey should only take 15-20 minutes, and your responses are completely anonymous.

If you have any questions regarding the study, please feel free to contact us at hardwareDeviceStudy@sba-research.org.

Thank you for your help!

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close