Main Page

News

Grades are now available

Written on 30.03.22 by Swen Jacobs

Dear students,

the final grades for the seminar should now be visible to you in CMS. These are the combined grades from your presentation, participation, and final report.

For those of you that did not already receive feedback on the first version of the report, I have also added (brief)… Read more

Dear students,

the final grades for the seminar should now be visible to you in CMS. These are the combined grades from your presentation, participation, and final report.

For those of you that did not already receive feedback on the first version of the report, I have also added (brief) feedback on your report (see the submission page).

Cheers, and good luck in the new semester!

Final Report: Initial Feedback and some additional Hints

Written on 28.02.22 by Swen Jacobs

Dear students,

I have just uploaded the feedback for everybody who has already submitted a first version of the report. In addition, I want to give a few hints that apply to multiple reports, and could also be useful to those that have not submitted a first version yet:

- the summaries should be… Read more

Dear students,

- the summaries should be readable for someone who has not participated in the seminar (and who has only a general computer science and security background, but is not specialized in the area of the seminar), and they should give them a good idea of the topics and papers we have covered, and possibly your own conclusions about the papers
- a challenge of technical writing is to be as precise as possible - for example, while in prose or lyrical writing it is good to have a variety of phrases for the same thing, in technical writing you usually want to stick to one phrase to make clear that you are still talking about exactly the same thing, and not something different. Alternatively, you can explicitly state that two phrases mean the same thing, e.g. write something like "we distinguish between secret (or high-security) and public (or low-security) data".
- the report becomes more readable if every summary is based on what has already been written in previous summaries. E.g., constant-time programming is one of the central topics of R3, and therefore should be explained in the summary of R3; when summarizing the other papers that also consider this topic (P7, P9), it does not have to be explained again - instead a short reminder and a reference to (the summary of) R3 is enough.

Meeting today cancelled

Written on 03.02.22 by Swen Jacobs

Dear students,

I am sorry to say that I have to cancel today's meeting for health reasons. I propose to use our regular time slot next week for the final presentation. If that is not possible for you, please let me know and we will see if and what we can do about it.

Scoring Schemes for Presentations and Final Reports

Written on 15.12.21 by Swen Jacobs

Dear Students,

I have just uploaded the scoring schemes for the presentations and the final reports, which should give you a good idea of what we expect for each of them.

If you want feedback on your slides before your presentation, feel free to send us you draft, and/or ask Joachim for a… Read more

Dear Students,

I have just uploaded the scoring schemes for the presentations and the final reports, which should give you a good idea of what we expect for each of them.

If you want feedback on your slides before your presentation, feel free to send us you draft, and/or ask Joachim for a meeting.

Stay safe, see you in the new year!

Template for final report

Written on 17.11.21 by Swen Jacobs

A template for the final report is now available under Materials->Presentations and Final Report. I suggest you use it to already keep summaries of the papers you read.

In the final report, for every paper there should be a short summary of about half a page in the given format.

Registration in LSF/HISPOS, Slides of Kickoff

Written on 10.11.21 by Swen Jacobs

Dear students,

registration for the seminar in LSF/HISPOS is now possible, and will be open until December 10 (this is the deadline for both registering and unregistering).

Also, the slides of the kickoff meeting are now available under Materials -> Background Material

Detailed instructions for certain papers

Written on 08.11.21 by Swen Jacobs

Forgot to mention this before:

for reading group paper R2, in the Materials section there is a comment "Sections 7,8,9 will not be discussed in detail.", i.e., you can ignore these sections when reading and summarizing the paper, and similarly for R4.

Similar instructions will be added for some… Read more

Forgot to mention this before:

Similar instructions will be added for some of the presentation papers, if they are significantly more complex than others.

Regular meeting time, next meeting

Written on 08.11.21 by Swen Jacobs

As discussed in our first meeting, the regular meeting time will be moved to

*Thursdays, 18:00*

We will have
- meetings on Nov 18 and Nov 25 for the reading group papers,
- no meetings in December (to give you time to prepare your presentations), and
- weekly meetings starting on Jan 6, 2022… Read more

As discussed in our first meeting, the regular meeting time will be moved to

*Thursdays, 18:00*

In the next meeting, we will have informal presentations of
R1 by Hadar Muchtar, and
R2 by Paul Eichler and Trupti Koushik.

Time for first meeting, Zoom link for meetings

Written on 25.10.21 by Swen Jacobs

Dear students,

based on the results of our poll, our first meeting will be on

Monday, November 8, at 14:00.

If this timeslot does not also work for you as a regular meeting slot during the semester, please let me know soon.

Below is the zoom link that will be used for all of our meetings… Read more

Dear students,

based on the results of our poll, our first meeting will be on

Monday, November 8, at 14:00.

If this timeslot does not also work for you as a regular meeting slot during the semester, please let me know soon.

Below is the zoom link that will be used for all of our meetings this semester.

==========

Swen Jacobs is inviting you to a scheduled Zoom meeting.

Topic: Seminar: Formal Methods for Finding and Fixing Information Leaks
Time: This is a recurring meeting Meet anytime

Join Zoom Meeting
https://cispa-de.zoom.us/j/95651131029?pwd=KzlsZzBkRk45SXdpSmV5V29lRkxBUT09

Meeting ID: 956 5113 1029
Passcode: 9$?%Dz
One tap mobile
+496971049922,,95651131029# Germany
+496950502596,,95651131029# Germany

Dial by your location
+49 69 7104 9922 Germany
+49 695 050 2596 Germany
Meeting ID: 956 5113 1029
Find your local number: https://cispa-de.zoom.us/u/abGWisk9FB

Privacy Notice:
Please refer to https://cispa.de/en/data-privacy-policy-zoom for our privacy notice regarding the use of Zoom at CISPA

Wrong data shown in CMS

Written on 24.10.21 by Swen Jacobs

Dear students,

due to a misconfiguration, the CMS showed that the time for submitting the slides and final report had passed (and that you had failed to submit them). This is of course not true, and has been fixed.

Welcome, and poll for our first meeting timeslot

Written on 22.10.21 by Swen Jacobs

Dear students,

welcome again to our seminar :-)

We (i.e., myself and Joachim Bard, who will support me as an assistant) are excited to have you with us for our seminar, on a topic that has become very important in recent years, both in research and in practice.

As our first order of business,… Read more

Dear students,

welcome again to our seminar :-)

As our first order of business, we need to find a timeslot for our first meeting. Like the whole seminar, it will be held online via Zoom.

Please answer the following poll as soon as possible, latest until Sunday evening: https://terminplaner4.dfn.de/y2Vp5U4EDJXVp3Ik

Looking forward to seeing you next week!

Show all

Seminar Topic

Information leaks are a security topic that makes it to the news regularly, with side-channel attacks like Spectre showing how vulnerable much of our information infrastructure is. Systems that store and manipulate sensitive data should be secured against information leaks, but attackers keep finding more sophisticated attacks on systems that have been deemed secure thus far, exploiting side-channels and low-level behavior of the system hardware. Due to the abundance of possible leaks, it is almost impossible for a human designer to prevent them, and automatic formal methods can play a crucial role in finding and fixing such leaks.

In this seminar, students will learn to present, discuss, and summarize papers that aim at formalizing, analyzing and automatically fixing information leaks. The seminar is split into two parts. The first part will take the form of reading sessions, where we lay the foundations of the topic. For the second part, each student is assigned a recent paper from the research area. Students will present their paper and will write a seminar paper on the topic assigned to them, taking into account connections to the topics discussed in the seminar.

Important Dates

First Meeting: tba.

During our first meeting, I will present a short overview of the content and format of the seminar.

Requirements

Reading Group: In the reading group sessions, we discuss background papers that lay the foundations, or give an overview of the recent work on information leaks, and formal methods to find and fix them. Each paper will be presented informally by selected students, followed by a joint discussion. The list of papers for the reading group will be announced soon.

Talks: At the first reading group session, each participant will be assigned a topic. Each topic will be presented by the respective student, followed by joint discussion. For the discussions, it is important that every participant has read the paper(s) that are presented. The list of presentation topics will be announced soon.

Summary: At the end of the seminar we would like you to submit a summary of the seminar topics, including a comparison of your topic to the ones presented by other students.