Smart & Secure

“How does the internet work, which potential risks am I facing and how can I avert threats?”
SBA was invited to point out the most common security issues in the course of the security awareness initiative at TGM. The permanent accessibility of internet via smartphones comes with a number of potential hazards. Students established a baseline understanding about security and privacy through interactive workshops with Stephanie Jakoubi, Philipp Reisinger, Markus Hittmeir, Matthias Eckhart and Christian Kudera.

Five key take-aways were defined:

Rethink what you share -> once online, forever online

Rethink which pages you surf -> browser privacy mode does not protect you from malware and cyber attacks

Stay updated -> software updates help strengthen your security

Make sure to use encrypted connections -> this is the only way to enhance privacy , e.g. via https

Give attackers and criminals a hard time -> use long and complex passwords

The Austrian Cyber Security chapter and the Counter Intelligence Office are inviting young IT talents to apply for this year´s challenge. The competition strives to spot talents at an early stage, to point out perspectives and support careers in the field of IT security. Last year over 600 participants showed off their talent in the areas of web, crypto, reverse engineering, exploitation and forensic.

Website
Press release

Corinna’s research interests focus on topics in the area of Internet of Things (IoT) including issues such as constrained networks, security and privacy issues, as well as mobile communication (e.g., IEEE 802.15.4, LoRaWAN) and network management. The investigated application area ranges from smart environments over critical infrastructures to military environments. For a small insight-glimpse see SecureWSN.

Read more

Philipp Reisinger gives a talk “Don´t reinvent the wheel for OT-Security” at the Digital Safety + Cyber Security Conference at Novomatic Forum on May 8, 2019.

More information

Stefan Jakoubi & Günther Roat are leading a deep dive session on digitalisation and information security on the CIO Inside Summit, taking place from May 5-7, 2019 in Spielberg, Styria.

All sec4dev 2019 videos and slides are now online! You can find them here: https://sec4dev.io/2019

Conference & Bootcamp | Save the date: 24–27 Feb 2020, Vienna

SBA is partner of the Kaspersky Cyber Day on May 28, 2019 at TU Wien.

Take advantage of the opportunity to participate in the Kaspersky Industrial Protection Simulation (KIPS).

Kaspersky Industrial Protection Simulation (KIPS), a 2h-long role-playing game, establishes an understanding between decision-makers (CxO, business, IT), and changes their perception of the problem.

Teams of participants compete in running a simulated company. As the company experiences a series of attacks, they see an unexpected impact on performance, and have to adopt financial, IT or security strategies to minimize loss and maintain profits.  Every response a team makes has a knock-on effect, so participants need to analyze data and make decisions despite uncertain information and limited resources! Sound like real life? That’s the point!

Your task: The task is to develop a scenario and content for such a training course for one of the following industries:

• Healthcare
• Retail
• Metallurgy

The scenario should be based on existing software engine features (details and access to the engine is provided upon request together with the relevant training). The proposals may be used for real product development.

Register now for free.

Joint research efforts between researchers of NIST and SBA Research has lead to an significant advancement of available combinatorial testing technology in tool form today, whereas the used theoretical constructions were recently presented in two paper at IWCT 2019. With the increased capabilities of extended tools being able to handle modern industry-scale problem sizes, researchers at NIST are especially interested in using the technology to apply these methods to increase confidence in high-risk software.

More detailed information can be found in the related announcement from NIST here.

An ambitious research collaboration between the MaTRIS research group of SBA Research (Dimitris Simos, Ludwig Kampel, Manuel Leithner, Bernhard Garn), NIST (Rick Kuhn, Raghu Kacker) and Adobe (Riley Smith, Darryl Jarman, Jared Bellows, Gabe Gosney) resulted in two published papers (Measuring Combinatorial Coverage at Adobe, Applying Combinatorial Testing to Large-scale Data Processing at Adobe) in IWCT 2019. These two papers showcase successful academia-industry collaboration addressing specific real-world, industry-scale applied problems from Adobe, which were solved by the application of strong theoretical techniques and constructions to two very practical problems. One paper was concerned with combinatorial coverage measurement and the other with combinatorial t-way test suite construction for large-scale models. The results of the combinatorial coverage analysis and the results of the test execution of the newly generated test suites provided significant insights to the researchers at Adobe and laid the foundation for extensive beneficial future collaboration. The constructed combinatorial test sets are publicly available here .

Over the last couple of years, IWCT has especially taken care to support joint academia-industry submissions, also making the conference a unique opportunity for participants from both domains, thus uniting academic excellence and industrial experience and needs.

Bernhard Garn and Dimitris Simos from SBA’s MaTRIS research group (https://matris.sba-research.org/) join the 8th International Workshop on Combinatorial Testing (IWCT 2019) (http://iwct2019.sba-research.org/).

Combinatorial Testing (CT) is a widely applicable generic methodology and technology for software verification and validation, considered a testing best practice. In a combinatorial test plan, all interactions between parameters up to a certain level are covered. For example, in pairwise testing, for every pair of parameters, every pair of values will appear at least once. Studies show that CT is more efficient and effective than random testing. The workshop is also a meeting place between academia and industry, thus uniting academic excellence and industrial experience and needs.

IWCT is organized jointly by Dimitris Simos (SBA Research) (https://matris.sba-research.org/team/dsimos/) and Jeff Lei (University of Texas at Arlington) (http://ranger.uta.edu/~ylei/).