The SICP – Software Innovation Campus Paderborn invites to the 17th "Paderborn IT Security Day" on Tuesday and Wednesday, 5 and 6 September. "During the event, experts from different sub-disciplines of the complex field of IT security will give insights into their work and research and present current topics," explains Prof. Dr. Johannes Blömer, Vice President for Research and Young Academics and head of the "Codes and Cryptography" research group at Paderborn University. While the first day of the event will feature scientific-technical and application-oriented lectures, the second day will offer the opportunity to participate and exchange experiences in interactive workshops. Participants can choose from a total of five workshops. The venue is Zukunftsmeile 2 in Paderborn. Participation is free of charge. Interested parties can register up to and including 1 September. The programme and registration instructions are available on the SICP website.
The "Paderborn IT Security Day" is organised by SICP's "Digital Security" competence area. The scientists research methods to integrate security into the design of durable systems and to guarantee it over the entire life cycle. "Our goal is to make IT security understandable, sustainable and comprehensible," explains Prof. Dr. Eric Bodden, director of the "Digital Security" competence area and head of the "Secure Software Engineering" group at Paderborn University. The event is supported by the InnoZent OWL e. V. innovation network, the OWL regional group of the Gesellschaft für Informatik e. V. and by the district of Paderborn.
Keynotes: Software Testing and Cyber Resilience
Prof. Dr.-Ing. Andreas Zeller from CISPA – Helmholtz Centre for Information Security gGmbH in Saarbrücken will give the keynote speech on the first day of the event on the topic of "Fuzzing with <Structured> Inputs". "Over the years, testing with random data – so-called 'fuzzing' – has become the most important method for detecting errors and vulnerabilities in software systems," explains Bodden. He adds: "In his keynote, Professor Zeller will explain what happens when the 'fuzzer' is taught the input language of a system so that it can generate valid inputs a million times over. He will outline how even complex structured inputs for business and management systems can be created in a simple way and give first impressions of what these inputs can do." Zeller was awarded the 2023 ERC Advanced Grant Semantics of Software Systems for his research.
The keynote address on the second day of the event will be given by Dr Matthias Voigt and Andreas Eckey from Westfalen AG in Münster on the topic of "Living Cyber Resilience – The Interplay of Security Architecture and Organisation". "Matthias Voigt and Andreas Eckey will report on the major cyber attack at Westfalen AG in 2021 and how it was responded to or what follow-up measures were initiated," explains Dr Simon Oberthür, manager of the SICP's "Digital Security" competence area. Voigt was awarded the IT prize "CIO of the Year in the area of 'Cyber Resilience'" for his work in connection with the hacker attack.
Lectures and workshops on current IT security topics
At the event, the following topics, among others, will be presented in lectures or dealt with in workshops: "Designing Security and Privacy for Everyone", "How secure is my TLS? Evaluating TLS Configurations and Implementations with Open Source Tools", "Insights into the Relationship between encoded Attributes in Face Recognition Systems and their Operational Performance", "Trust as a Service: Hardware Security Modules and the Movement to the Cloud", "Field Report: Effective Protection and Dealing with Ransomware Attacks", "Securing the Software Supply Chain".
"I would like to draw particular attention to the lecture 'Risk Quantum Computing – What is to be done?' by the BSI. The lecture will present the results of a joint survey by the BSI and KPMG and discuss the need to migrate to quantum-safe cryptography," Bodden emphasises.