Usable Security Advanced Lecture

Katharina Krombholz

News

Supplementary Reading Material

Written on 06.05.26 by Alexander Ponticello

Dear students,

We noticed that some of your are still struggling with the prerequisites we have for this class, specifically the statistics part. We uploaded some supplementary reading material to help you familiarize yourself with this knowledge and close any gaps you might still have. Basic… Read more

Dear students,

We noticed that some of your are still struggling with the prerequisites we have for this class, specifically the statistics part. We uploaded some supplementary reading material to help you familiarize yourself with this knowledge and close any gaps you might still have. Basic statistic knowledge is absolutely vital to follow the contents of this course and will be necessary to pass both the assignment and the final exam. So, if you feel like you need a refresher, now is the perfect time to start.

Hope to see you all in large numbers again on Monday, wishing you all the best

Preparation for Second Lecture

Written on 23.04.26 by Katharina Krombholz

Dear Students,

We have uploaded the slide deck for next Monday's lecture on quantitative methods and statistics. We added a small crash course to this slide deck to repeat basic terminology from statistics (slides 23-38). Please note that statistics is a pre-requisite for this lecture, so we will… Read more

Dear Students,

We have uploaded the slide deck for next Monday's lecture on quantitative methods and statistics. We added a small crash course to this slide deck to repeat basic terminology from statistics (slides 23-38). Please note that statistics is a pre-requisite for this lecture, so we will not repeat these foundations during the lecture, but focus more on their application. Therefore, please look at slides 23-38 to recap and make sure that you are familiar with these fundamentals. Have a great rest of the week and see you on Monday!

Registration in CMS

Written on 20.04.26 by Katharina Krombholz

Dear students,

Thank you very much for coming to the lecture today and thank you also for all the fruitful discussions. It is a pleasure to teach such an inspiring crowd!
Unfortunately, *only half of the registered students* showed up today. Don't worry, attendance is not mandatory, but there is… Read more

Dear students,

Thank you very much for coming to the lecture today and thank you also for all the fruitful discussions. It is a pleasure to teach such an inspiring crowd!
Unfortunately, *only half of the registered students* showed up today. Don't worry, attendance is not mandatory, but there is one thing we are wondering about: do you *really* want to take this course this semester? If not, please let us know as soon as possible. We had some students in class today that did not get a spot and just listened to the lecture without being graded. If you decide to not take this lecture despite getting one of the precious spots, please send us an email as soon as possible, so that we can make sure that someone else can get your spot. 

Many thanks for your collaboration - see you next week!

Welcome to the Lecture!

Written on 10.04.26 by DaƱiel Gerhardt

Dear students,
We have randomly selected 30 students (out of 117) to participate in the lecture. If you are still registered for this course, this means you have a spot in the lecture.

We look forward to seeing you at the first lecture on Monday, 20 April, at 10 am in the CISPA Lecture Hall (Room… Read more

Dear students,
We have randomly selected 30 students (out of 117) to participate in the lecture. If you are still registered for this course, this means you have a spot in the lecture.

We look forward to seeing you at the first lecture on Monday, 20 April, at 10 am in the CISPA Lecture Hall (Room 0.05, Building E9.1). 

Important

We limit the number of students who can participate in this course to 30. We will open the registration on CMS from 7 April 2026, 10 am until 9 April 2026, 10 am.

If the number of registered students exceeds 30 when registration closes, we will randomly select 30 students from all registered students to participate in the course.

Therefore, please sign up only if you really want to stick with this lecture and fulfill all the prerequisites. If you do not meet these prerequisites, you will likely not be able to pass the assignments and the exam.

 

Prerequisites

Foundations of Cybersecurity 1 and 2, or the core lecture Security. Additionally, deep knowledge in statistics (Mathematics for Computer Scientists 2 and/or Statistics Lab)

These are the topics needed to follow this course, and we won't cover them in this lecture.

 

Overview

In this lecture, you will learn about human-centric aspects of IT security. In addition to research and design methods, you will learn about hot topics in usable security, such as authentication, confidentiality, and privacy. In particular, you will learn to

  • design user studies to study how humans interact with security & privacy technology with respect to threat models, 
  • collect, understand, and evaluate qualitative & quantitative data,
  • interpret results and draw conclusions based on your data,
  • design new security and privacy technology that is better tied to the users' needs and values.

 

Please make sure to allocate enough time to prepare for the assignments for this course. Programming skills and profound knowledge of statistics and data analysis are required. If you have not yet completed any security courses, BUT have a strong background in human-computer interaction, psychology, or design, you are still welcome to attend this interdisciplinary lecture. In that case, please get in touch with us to discuss whether this is the right course for you.


Registration

This lecture is limited to 30 students. You can register from 7 April 2026, 10 am until 9 April 2026, 10 am, and we will randomly pick 30 students from those who registered.  

Registration closes: 9 April 2026, 10 am (CMS).

Contact: usablesecurityAL@cispa.de

Please contact us only via this email address and refrain from contacting team members individually.


When & Where?

The lecture will take place on Mondays from 10:00 to 12:00, starting on 20 April 2026. See the calendar for concrete dates. The last lecture will be on 13 July 2026. The final exam will be on 20 July 2026, and the re-exam will be on 17 August 2026.

There will be two office hours in total, one before each in-person assignment.


Locations

Lectures will be in the CISPA Lecture Hall (Room 0.05).

 

Grading

The written exam will determine your grade. You will need more than 60% of the available points to pass this course.

To be admitted to the exam, you will have to pass both in-person assignments by scoring more than 60% of the available points in each assignment.


Assignments

There will be 2 in-person assignments during the lecture period. Passing them is a requirement to be admitted to the exam, meaning you cannot pass the lecture without them.

The assignments will cover the content from the lectures and materials we provide beforehand. We already set the dates, and we expect every student to be there if they want to pass the lecture.

If the dates do not work for you, do not sign up for this course!

Assignment Date Location
Assignment 1 (Qualitative) 15 June 2026 CISPA Lecture Hall (Room 0.05)
Assignment 2 (Quantitative) 06 July 2026 CISPA Lecture Hall (Room 0.05)

 

 

 

 

You must score more than 60% of the available points in each assignment to be admitted for the exam.

 

Office Hours

There will be two office hours in total, each scheduled about a week before each in-person assignment. We will announce the exact times and dates beforehand.

 

Exam

The exam will consist of knowledge questions and scenarios that we expect you to solve. Only those who fail the written exam will be able to take a re-take exam. 

Exam: 20 July 2026, 10 am, CISPA Lecture Hall, Room 0.05

(Mandatory registration in HISPOS LSF before)

 

Lecture Overview & Topics

Please note that this is a tentative timetable. Changes will be announced as news posts. Refer to the timetable on CMS for more details.

Date Topic
(Lecturer)
 20.04.26 Introduction & Qualitative Research Methods
(Katharina Krombholz)
 27.04.26 Quantitative Research Methods
(Katharina Krombholz)
 04.05.26 User Study Design
(Katharina Krombholz)
 11.05.26 Privacy
(Katharina Krombholz)
 18.05.26 Authentication
(Maximilian Golla)
 08.06.26 Authentication
(Maximilian Golla)
 15.06.26 Assignment (Qualitative)
 22.06.26 Social Media and AI Recommender Systems
(Jane Im)

 29.06.26

 Usable Security in Organizations
(Jonas Hielscher)
 06.07.26 Assignment (Quantitative)
 13.07.26 Backup Lecture Slot
(tbd)
 20.07.26 Exam
 17.08.26 Re-Exam

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 









Is this the right course for me?

This course is intended for all computer scientists who would like to take an interdisciplinary perspective on the origins of security vulnerabilities. It will also be of interest to anyone interested in societal discourse about the security and privacy of the systems we interact with. In this course, you will have the chance to conduct interdisciplinary research, including designing user studies and collecting and analyzing data. You will also have to write code and use statistical testing. Please make sure you meet the requirements stated above to determine whether your knowledge is sufficient for this course.

 

Mental Health

Being a student can be challenging and very overwhelming at times. If you need support during times of struggle, reach out to friends, family, or faculty you trust. The student union at UdS also offers a counselling service that you may contact. You do not have to go through this alone! If, for whatever reason (e.g., a personal emergency), you cannot attend the lecture, tutorial, or deliver your work in time, please let us know, and we will make appropriate arrangements.

Privacy Policy | Legal Notice
If you encounter technical problems, please contact the administrators.