Publications & Demonstrators

All accepted publications from SPARTA partners under its funding as well as videos presenting some of the work done under SPARTA


Privacy Enhancing Technologies for solving the Privacy-Personalization Paradox

Nesrine Kaaniche, Maryline Laurent and Sana Belguith

Personal data are often collected and processed in a decentralized fashion, within different contexts. For instance, with the emergence of distributed applications, several providers are usually correlating their records, and providing personalized services to their clients. Collected data include geographical and indoor positions of users, their movement patterns as...More>>

Domains: Privacy, enhancing, technologies, Recommendation, services, Web-search, engines, Pervasive, applications, Location-based, Profile-based, Cryptographic, trends, Secure, communications, Anonymous, certification, Private, information, retrieval, multi-party, computation, Homomorphic, encryption, Trust, models

CFI: Control Flow Integrity or Control Flow Interruption?

Nicoló Maunero, Paolo Prinetto, Gianluca Roascio

Runtime memory vulnerabilities, especially present in widely used languages as C and C++, are exploited by attackers to corrupt code pointers and hijack the execution flow of a program running on a target system to force it to behave abnormally. This is the principle of modern Code Reuse Attacks (CRAs)...More>>

Domains: control, flow

dg2pix: Pixel-Based Visual Analysis of Dynamic Graphs

Eren Cakmak, Dominik Jäckle, Tobias Schreck, Daniel Keim

Presenting long sequences of dynamic graphs remains challenging due to the underlying large-scale and high-dimensional data. We propose dg2pix, a novel pixel-based visualization technique, to visually explore temporal and structural properties in long sequences of large-scale graphs. The approach consists of three main steps: (1) the multiscale modeling of...More>>

Domains: Human-centered, computing, Visualization, Visualization, techniques, Machine, learning, Learning, paradigms, Unsupervised, learning

Multiscale Snapshots: Visual Analysis of Temporal Summaries in Dynamic Graphs

Eren Cakmak, Udo Schlegel, Dominik Jäckle, Daniel Keim, Tobias Schreck

The overview-driven visual analysis of large-scale dynamic graphs poses a major challenge. We propose Multiscale Snapshots, a visual analytics approach to analyze temporal summaries of dynamic graphs at multiple temporal scales. First, we recursively generate temporal summaries to abstract overlapping sequences of graphs into compact snapshots. Second, we apply...More>>

Domains: Dynamic, Graph, Network, Unsupervised, Graph, Learning, Embedding, Multiscale, Visualization

Towards Automating Safety and Security Co-Analysis with Patterns

Yuri Dantas, Antoaneta Kondeva, Vivek Nigam

This article presents the first results towards au-tomating safety and security co-analysis with patterns.

Domains: safety, security, co-analysis, automation

Towards Incremental Safety and Security Requirements Co-Certification

Morgagni Andrea, Massonet Philippe, Dupont Sébastien, Grandclaudon Jeremy

The continuous technological developments andthe growing connectivity of applications and infrastructuresis leading to the new threats to the technological world inparticular to the possibility of considering certain threats inenvironments that were not previously touched by them. Nowthat many safety critical systems are becoming connected,they need to be protected from...More>>

Domains: cybersecurity, safety, certification, require-ments, incremental

Cybersecurity Certification for Agile and Dynamic Software Systems – a Process-Based Approach

Volkmar Lotz

In this extended abstract, we outline an approachfor security certification of products or services for moderncommercial systems that are characterized by agiledevelopment, the integration of development and operations,and high dynamics of system features and structures. Theproposed scheme rather evaluates the processes applied indevelopment and operations than investigates into the...More>>

Domains: security, certification, agile, development, software

Less Manual Work for Safety Engineers: Towards an Automated Safety Reasoning with Safety Patterns

Yuri Dantas, Antoaneta Kondeva, Vivek Nigam

The development of safety-critical systems requires the control of hazards that can potentially cause harm. To this end, safety engineers rely during the development phase on architectural solutions, called safety patterns, such as safety monitors, voters, and watchdogs. The goal of these patterns is to control (identified) faults that...More>>

Domains: Systems, Control;, Cryptography, Security;, Formal, Languages, Automata, Theory;, Logic, in, Computer, Science

Towards Detection of Software Supply Chain Attacks by Forensic Artifacts

Ohm, M., Sykosch, A., Meier, M.

Third-party dependencies may introduce security risks to the software supply chain and hence yield harm to their dependent software. There are many known cases of malicious open source packages posing risks to developers and end users. However, while efforts are made to detect vulnerable open source packages, malicious packages...More>>

Domains: Application, Security, Malware, Supply, Chain, Attack, DevSecOps