CASA Summer School on Software Security: Inspiring Talks and Creative Approaches

The three-day event took place at the RUB from 14 – 16.8.2023.

The participants of the CASA Summer School 2023. Coyright: CASA, Mareen Meyer

In tutorials and group work, the participants were able to approach the topics in a partly playful way. Copyright: CASA, Mareen Meyer

Helen Sharp of the Open University UK. Copyright: CASA, Mareen Meyer

Verena Zimmermann from ETH Zurich talks to participants during the Security Exit Game. Copyright: CASA, Mareen Meyer

Fish Wang of the Arizona State University. Copyright: CASA, Katja Marquard

During the coffee breaks there were good opportunities for exchange in a relaxed atmosphere. Copyright: CASA, Mareen Meyer

The three-day event took place from Aug. 14-16, 2023, at the RUB's Beckmanns-Hof conference center under the direction of CASA PIs Prof. Kevin Borgolte, Prof. Alena Naiakshina and Prof. Marcel Böhme (from left to right). Copyright: CASA, Mareen Meyer

Creativity is always part of science, and this year's CASA Summer School on Software Security was no exception. The three-day event took place from August 14-16 at the Beckmanns-Hof of the RUB under the chairmanship of the CASA PIs Prof. Kevin BorgolteProf. Marcel Böhme and Prof. Alena Naiakshina.

The program included not only classical talks where international speakers gave exciting insights into their research. A Capture the Flag Contest, a Science Escape Game and a Summer Pitch gave participants the opportunity to engage with the topic in a playful way.

Invited to Bochum were Prof. Eric Bodden (Heinz Nixdorf Institute at the University of Paderborn and Fraunhofer IEM), Prof. Helen Sharp (The Open University), Prof. Fish Wang (Arizona State University), Prof. Andreas Zeller (CISPA Helmholtz Center for Information Security), and Prof. Verena Zimmermann (ETH Zurich). In addition, Dr. Tamara Lopez (The Open University) and Fabian Schiebel (Fraunhofer Institute for Mechatronics Design IEM) gave concurrent tutorials.

Diverse and engaging presentations

Helen Sharp kicked off the Summer School program with a keynote on "Secure code development in practice: the developer's point of view". The first day continued with a spotlight on the human factor in IT security: In her keynote "Human-Centered Security: Focusing on the human in IT security and privacy research", Verena Zimmermann reflected on the psychological aspects of IT security and their consideration in the design of usable security and privacy solutions. On the second day, the attendees gained exciting insights into "Language Based Fuzzing", which was addressed by Andreas Zeller from CISPA. Eric Bodden presented his research in his keynote on "Managing the Dependency Hell - Challenges and Current Approaches to Software Composition Analysis" and provided a deeper understanding of the subject.

"For me, the CASA Summer School was a successful event due to the diverse and engaging presentations and tutorials by excellent researchers and the active interaction of highly qualified and motivated participants," summarizes Alena Naiakshina. In her opinion, summer schools are always a good opportunity for early career researchers to meet leading experts in their respective fields and to foster interdisciplinary perspectives and the development of new ideas.

Security Exit Game for a playful approach

To generate ideas at all, you have to be creative - as in the playful approach in the form of a card-based security exit game presented by speaker Prof. Verena Zimmermann from ETH Zurich. The game is part of a research project that Zimmermann is working on with her student Linda Fanconi. "Various studies have shown that people find cybersecurity important, but on the other hand it has many negative associations: too complex, sometimes scary, and at the same time too boring. We developed the game to give people a positive approach to the topic," explains Zimmermann. At the CASA Summer School, participants were able to try out the prototype and experience not only the fun of the game, but also the practical aspects of human-centered security.

Networking in a relaxed atmosphere

Besides the mix of topics like testing, fuzzing and developer-centered security presented by the high-ranking speaker the venue Beckmannshof contributed to the participants' positive experience, says Naiakshina. Attendee Kushal Ramkumar from the University College Dublin was also pleased by the variety of topics: "The CASA Summer School is very well organized and I learned a lot about topics I didn't know so well before." Whether at the evening BBQ or during the guided tour of the adjacent botanical garden: There was plenty of opportunity to network in a relaxed atmosphere. "Events like the Summer School are very important to me to keep myself up-to-date with the latest research. Of course, you can learn a lot from literature, but in a setting like this, you can speak directly to the authors and get their thoughts on a topic. These conversations might spark interesting collaborations and also provide some new perspectives on my own research," says Kushal Ramkumar.

Next year, the CASA Summer School will be held cooperatively with Crypt@b-it in Bochum, Germany, and will take place from August 26-30, 2024. We will share more information about this on this -> Website soon.

General note: In case of using gender-assigning attributes we include all those who consider themselves in this gender regardless of their own biological sex.