Annika Wilde is about to complete her master's degree in IT security and is already a doctoral student at the Chair for Information Security at Ruhr-Universität Bochum (RUB). Already during her studies, she started her PhD via Fast Track - as the first of the still young Faculty of Computer Science at RUB. On the occasion of the International Day of Women and Girls in Science on February 11, she talks in this interview about her path in the field of IT security research so far. This month, she is also featured in the "Women in IT Security" series of the Cluster of Excellence CASA.
Annika, how exactly did you get into IT security? And why did you decide to study IT security?
It actually started at school, when I decided to take the elective subject of math and computer science and came into contact with computers for the first time. At home we had a PC with a few educational games, but that was it. At school, we were given various tasks, such as programming a LEGO MINDSTORMS robot or developing simple games with Java. The tasks got more and more challenging. In the senior classes, we dealt with data structures, among other things. These topics were less playful and more application-oriented.
At that time, I decided that I definitely wanted to do something in the field of computer science, because I find the way of solving problems totally exciting: A computer can do a lot of things automatically that a human being has to think about for a long time. Vice versa, you have to teach a computer certain topics that are logical to a human and don't need to be explained. I then looked around the region and came across the IT security program at RUB. The subject immediately appealed to me more than the standard computer science subjects that you can study anywhere. I tried it out and I was all in right from the start.
Which subjects excited you during the bachelor's program?
The most exciting topic at the beginning was of course the introduction to cryptography by Christof Paar (Note: can also be watched here on Youtube). Otherwise, the focus was very much on math and various programming languages during the first semester to lay grounds for the upcoming classes. In the second semester, I continued with topics that you usually think of as IT security, for example “Internet Security“ with Jörg Schwenk. Over the course of time, I became particularly involved with hardware reverse engineering and embedded security. In the end of my bachelor, I also wrote my bachelor's thesis about in this field. I was even able to work on it together with a professor from the USA which was very exciting.
Currently, you are about to complete your master's degree and are already working on your PhD at the same time. How did this come about? What are you working on in your research?
As part of the Fast Track Program of the Faculty of Computer Science, it is possible to get a position as a research assistant and start your doctorate during your master’s studies. A prerequisite is a high average. Last summer, I was able to start as a student assistant here at the Chair for Information Security of Ghassan Karame and after it turned out that I like the topic and the culture at the chair very much, I was allowed to enter the Fast Track Program. In the area of Platform Security, I am working on "Trusted Execution Environments". A Trusted Execution Environment (TEE) is a dedicated region on a chip (e.g. in the CPU) with additional isolation and access control. It provides confidentiality and integrity for all code and data deployed within the bounds of the TEE. As part of my research, I investigate vulnerabilities in commercial versions of TEEs, thereby gaining insights for developing more secure versions based on open-source platforms such as RISC-V.
What do you like most about IT security research? What challenges you at the moment?
Research is always discovering something new. I think it's really exciting that bit by bit you can get more and more involved in a topic and become an expert in that field. And IT security in particular is a very dynamic field in which a lot is developing and whose direction you can influence through your research. This field opens you a variety of paths for the future and it never gets boring. Currently, I still have to figure out the best way of transferring my knowledge to students in the context of teaching.
Women are still underrepresented in IT security studies and research. What have been your experiences as a woman in IT security so far? What advice would you give to young scientists about starting their studies?
My experiences so far have almost always been positive. Occasionally, you still meet people who assume that women don't know anything about IT security, or who can't accept when you know something better. But those have been exceptions so far. I started my studies with a good level of self-confidence, and I certainly needed that in some places at the beginning. But overall, I always had the feeling that I was very well supported. Our tutorial at the beginning of the program was particularly helpful: our tutor put a lot of emphasis on us getting to know each other very well in the group. So from the beginning you had people you already knew and met at the lectures. I would definitely recommend actively participating in such a tutorial to make contacts. Basically, I would also say that you shouldn't worry too much at the beginning. Most of the students here in IT Security are very open and sociable and treat each other equally. There are a lot of cool people here and you shouldn't get discouraged. It's worth biting the bullet.
Discover Annika's poster as part of the Women in IT Security series.
The International Day of Women and Girls in Science was adopted by the United Nations (UN) General Assembly in 2015. Since then, the UN has been drawing attention to the need for equal participation of women in science, technology and innovation every year on February 11.
General note: In case of using gender-assigning attributes we include all those who consider themselves in this gender regardless of their own biological sex.