Up-to-date announcements for all courses will be made on VC. Please sign up for the respective VC courses. Definitive pieces of information regarding all courses are published in the Modulhandbuch of your studies program.
Looking for teaching offerings from the past? Check the Teaching Archive.
Winter Term 2022/23
Prof. Herrmann will be on a sabbatical in winter 2022/23. As a consequence, there will be no PSI Seminar. The lectures PSI-IntroSP-B and PSI-EDS-B will be offered as online-only courses. PSI-IntroSP-B tutorials will probably take place online as well as face-to-face.
Summer Term 2022
|AdvaSP-M||Lecture Advanced Security and Privacy (online) Syllabus||M.Sc.|
|Tutorials Advanced Security and Privacy (online)|
|EiRBS-B||Vorlesung Einführung in Rechner- und Betriebssysteme||B.Sc.|
|Zentralübung zu PSI-EiRBS-B|
|Ablauf und Inhalt (Syllabus)|
|Sem-B/M||Seminar Security and Privacy||both|
|ProjectPAD||Project Practical Attacks and Defenses||B.Sc.|
|ProjectCAD-M||Project Complex Attacks and Defenses||M.Sc.|
|ProjectSP||Project Security and Privacy Research||M.Sc.|
|SSSProject-B||Project Software Systems Science Project||B.Sc.|
PSI-Sem-B/PSI-Sem-M: This seminar belongs to the subject group of computer science. If you do not study Software Systems Science, you must check whether you can take this seminar. Information about recommended requirements and registration procedures will be provided via VC. Topics will be announced in the VC channel in the first week of the semester.
Bachelor and Master projects: There will a Block PSI Project at the end of the Summer Term 2022 (see below).
Software Systems Science Project: Duration: one or two semesters, topics offered on an individual basis upon request.
Block Project Summer 2022
Degree Program: B.Sc. AI, B.Sc. SoSySc, B.Sc. WI (requires special admission by PA), M.Sc. AI, M.Sc. ISoSySc, M.Sc. WI (requires special admission by PA)
Hard-constraints: Participation in PSI-IntroSP-B or PSI-AdvaSP-M (i.e., registered for the exam at least once), ability to work with Linux on the command line, working knowledge with at least one programming language.
Description: The goal of this project is to analyze various smartphone apps and/or wearable devices (five different smartwatches, among them devices from Fitbit, Samsung, and Apple) for privacy compliance issues, security weaknesses, and poorly implemented privacy notices. On a technical level, you will learn how to perform TLS interception to analyze network flows to third-party servers. On the compliance level you will learn about the privacy requirements that follow from the GDPR and how to exercise your rights (e.g., Subject Access Requests according to Art. 15). You will have the chance to conduct technical analyses ("What is actually transferred to the device vendor or other third parties?"), perform human-interaction experiments in a controlled environment ("Do users understand what the device does with their data?"), and determine compliance violations ("Do device vendors respond adequately to requests for access or deletion?").
In July 2022 you will get assigned scientific papers to familiarize yourself with related work. In early September, there will be practical in-presence workshops: (1) everyone presents what they found out in related work, and (2) we will practice analysis tools, experiment design and methods, privacy compliance requirements. In the following two weeks you conduct technical analyses, perform experiments with users, and check for privacy compliance violations. In the last week of September you present your results and write them up in a report.
Time and location: This is a block project, i.e. there is no weekly meeting during the semester.
Registration: from 21–30 June 2022 via the following VC course: https://vc.uni-bamberg.de/course/view.php?id=54450