--- _id: '64823' abstract: - lang: eng text: "Current legal frameworks enforce that Android developers accurately report the data their apps collect. However, large codebases can make this reporting challenging. This paper employs an empirical approach to understand developers' experience with Google Play Store's Data Safety Section (DSS) form.\r\n\r\nWe first survey 41 Android developers to understand how they categorize privacy-related data into DSS categories and how confident they feel when completing the DSS form. To gain a broader and more detailed view of the challenges developers encounter during the process, we complement the survey with an analysis of 172 online developer discussions, capturing the perspectives of 642 additional developers. Together, these two data sources represent insights from 683 developers.\r\n\r\nOur findings reveal that developers often manually classify the privacy-related data their apps collect into the data categories defined by Google-or, in some cases, omit classification entirely-and rely heavily on existing online resources when completing the form. Moreover, developers are generally confident in recognizing the data their apps collect, yet they lack confidence in translating this knowledge into DSS-compliant disclosures. Key challenges include issues in identifying privacy-relevant data to complete the form, limited understanding of the form, and concerns about app rejection due to discrepancies with Google's privacy requirements.\r\nThese results underscore the need for clearer guidance and more accessible tooling to support developers in meeting privacy-aware reporting obligations. " author: - first_name: Mugdha full_name: Khedkar, Mugdha id: '88024' last_name: Khedkar - first_name: Michael full_name: Schlichtig, Michael id: '32312' last_name: Schlichtig orcid: 0000-0001-6600-6171 - first_name: Mohamed Aboubakr Mohamed full_name: Soliman, Mohamed Aboubakr Mohamed id: '102489' last_name: Soliman - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 citation: ama: 'Khedkar M, Schlichtig M, Soliman MAM, Bodden E. Challenges in Android Data Disclosure: An Empirical Study. In: Proceedings of the IEEE/ACM 13th International Conference on Mobile Software Engineering and Systems (MOBILESoft ’26). Association for Computing Machinery, New York, NY, USA, 65–68. ; 2026.' apa: 'Khedkar, M., Schlichtig, M., Soliman, M. A. M., & Bodden, E. (2026). Challenges in Android Data Disclosure: An Empirical Study. Proceedings of the IEEE/ACM 13th International Conference on Mobile Software Engineering and Systems (MOBILESoft ’26). Association for Computing Machinery, New York, NY, USA, 65–68. 13th International Conference on Mobile Software Engineering and Systems 2024, Rio de Janeiro, Brazil.' bibtex: '@inproceedings{Khedkar_Schlichtig_Soliman_Bodden_2026, title={Challenges in Android Data Disclosure: An Empirical Study.}, booktitle={Proceedings of the IEEE/ACM 13th International Conference on Mobile Software Engineering and Systems (MOBILESoft ’26). Association for Computing Machinery, New York, NY, USA, 65–68.}, author={Khedkar, Mugdha and Schlichtig, Michael and Soliman, Mohamed Aboubakr Mohamed and Bodden, Eric}, year={2026} }' chicago: 'Khedkar, Mugdha, Michael Schlichtig, Mohamed Aboubakr Mohamed Soliman, and Eric Bodden. “Challenges in Android Data Disclosure: An Empirical Study.” In Proceedings of the IEEE/ACM 13th International Conference on Mobile Software Engineering and Systems (MOBILESoft ’26). Association for Computing Machinery, New York, NY, USA, 65–68., 2026.' ieee: 'M. Khedkar, M. Schlichtig, M. A. M. Soliman, and E. Bodden, “Challenges in Android Data Disclosure: An Empirical Study.,” presented at the 13th International Conference on Mobile Software Engineering and Systems 2024, Rio de Janeiro, Brazil, 2026.' mla: 'Khedkar, Mugdha, et al. “Challenges in Android Data Disclosure: An Empirical Study.” Proceedings of the IEEE/ACM 13th International Conference on Mobile Software Engineering and Systems (MOBILESoft ’26). Association for Computing Machinery, New York, NY, USA, 65–68., 2026.' short: 'M. Khedkar, M. Schlichtig, M.A.M. Soliman, E. Bodden, in: Proceedings of the IEEE/ACM 13th International Conference on Mobile Software Engineering and Systems (MOBILESoft ’26). Association for Computing Machinery, New York, NY, USA, 65–68., 2026.' conference: end_date: 2026-04-18 location: Rio de Janeiro, Brazil name: 13th International Conference on Mobile Software Engineering and Systems 2024 start_date: 2026-04-12 date_created: 2026-03-04T08:10:43Z date_updated: 2026-03-13T12:10:10Z department: - _id: '76' external_id: arxiv: - '2601.20459' keyword: - static analysis - data collection - data protection - privacy-aware reporting language: - iso: eng publication: Proceedings of the IEEE/ACM 13th International Conference on Mobile Software Engineering and Systems (MOBILESoft '26). Association for Computing Machinery, New York, NY, USA, 65–68. status: public title: 'Challenges in Android Data Disclosure: An Empirical Study.' type: conference user_id: '88024' year: '2026' ... --- _id: '64821' article_number: '56' author: - first_name: Mugdha full_name: Khedkar, Mugdha id: '88024' last_name: Khedkar - first_name: Michael full_name: Schlichtig, Michael id: '32312' last_name: Schlichtig orcid: 0000-0001-6600-6171 - first_name: Nihad full_name: Atakishiyev, Nihad last_name: Atakishiyev - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 citation: ama: 'Khedkar M, Schlichtig M, Atakishiyev N, Bodden E. Between Law and Code: Challenges and Opportunities for Automating Privacy Assessments. Automated Software Engineering . 2026;33(2). doi:10.1007/s10515-026-00601-4' apa: 'Khedkar, M., Schlichtig, M., Atakishiyev, N., & Bodden, E. (2026). Between Law and Code: Challenges and Opportunities for Automating Privacy Assessments. Automated Software Engineering , 33(2), Article 56. https://doi.org/10.1007/s10515-026-00601-4' bibtex: '@article{Khedkar_Schlichtig_Atakishiyev_Bodden_2026, title={Between Law and Code: Challenges and Opportunities for Automating Privacy Assessments}, volume={33}, DOI={10.1007/s10515-026-00601-4}, number={256}, journal={Automated Software Engineering }, publisher={Springer US}, author={Khedkar, Mugdha and Schlichtig, Michael and Atakishiyev, Nihad and Bodden, Eric}, year={2026} }' chicago: 'Khedkar, Mugdha, Michael Schlichtig, Nihad Atakishiyev, and Eric Bodden. “Between Law and Code: Challenges and Opportunities for Automating Privacy Assessments.” Automated Software Engineering 33, no. 2 (2026). https://doi.org/10.1007/s10515-026-00601-4.' ieee: 'M. Khedkar, M. Schlichtig, N. Atakishiyev, and E. Bodden, “Between Law and Code: Challenges and Opportunities for Automating Privacy Assessments,” Automated Software Engineering , vol. 33, no. 2, Art. no. 56, 2026, doi: 10.1007/s10515-026-00601-4.' mla: 'Khedkar, Mugdha, et al. “Between Law and Code: Challenges and Opportunities for Automating Privacy Assessments.” Automated Software Engineering , vol. 33, no. 2, 56, Springer US, 2026, doi:10.1007/s10515-026-00601-4.' short: M. Khedkar, M. Schlichtig, N. Atakishiyev, E. Bodden, Automated Software Engineering 33 (2026). date_created: 2026-03-04T08:03:14Z date_updated: 2026-03-13T12:10:38Z department: - _id: '76' doi: 10.1007/s10515-026-00601-4 intvolume: ' 33' issue: '2' language: - iso: eng publication: 'Automated Software Engineering ' publication_identifier: unknown: - 1573-7535 publisher: Springer US status: public title: 'Between Law and Code: Challenges and Opportunities for Automating Privacy Assessments' type: journal_article user_id: '88024' volume: 33 year: '2026' ... --- _id: '64909' author: - first_name: Mugdha full_name: Khedkar, Mugdha id: '88024' last_name: Khedkar - first_name: Michael full_name: Schlichtig, Michael id: '32312' last_name: Schlichtig orcid: 0000-0001-6600-6171 - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 citation: ama: 'Khedkar M, Schlichtig M, Bodden E. Source Code-Driven GDPR Documentation: Supporting RoPA with Assessor View. In: IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER 2026). ; 2026.' apa: 'Khedkar, M., Schlichtig, M., & Bodden, E. (2026). Source Code-Driven GDPR Documentation: Supporting RoPA with Assessor View. IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER 2026).' bibtex: '@inproceedings{Khedkar_Schlichtig_Bodden_2026, title={Source Code-Driven GDPR Documentation: Supporting RoPA with Assessor View}, booktitle={IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER 2026)}, author={Khedkar, Mugdha and Schlichtig, Michael and Bodden, Eric}, year={2026} }' chicago: 'Khedkar, Mugdha, Michael Schlichtig, and Eric Bodden. “Source Code-Driven GDPR Documentation: Supporting RoPA with Assessor View.” In IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER 2026), 2026.' ieee: 'M. Khedkar, M. Schlichtig, and E. Bodden, “Source Code-Driven GDPR Documentation: Supporting RoPA with Assessor View,” 2026.' mla: 'Khedkar, Mugdha, et al. “Source Code-Driven GDPR Documentation: Supporting RoPA with Assessor View.” IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER 2026), 2026.' short: 'M. Khedkar, M. Schlichtig, E. Bodden, in: IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER 2026), 2026.' date_created: 2026-03-13T12:16:09Z date_updated: 2026-03-13T12:17:01Z department: - _id: '76' language: - iso: eng main_file_link: - url: https://mugdhak30.github.io/assets/Preprints/RoPA_SANER2026.pdf publication: IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER 2026) status: public title: 'Source Code-Driven GDPR Documentation: Supporting RoPA with Assessor View' type: conference user_id: '88024' year: '2026' ... --- _id: '65017' abstract: - lang: eng text: Static Application Security Testing (SAST) tools play a vital role in modern software development by automatically detecting potential vulnerabilities in source code. However, their effectiveness is often limited by a high rate of false positives, which wastes developer's effort and undermines trust in automated analysis. This work presents a Graph Convolutional Network (GCN) model designed to predict SAST reports as true and false positive. The model leverages Code Property Graphs (CPGs) constructed from static analysis results to capture both, structural and semantic relationships within code. Trained on the CamBenchCAP dataset, the model achieved an accuracy of 100% on the test set using an 80/20 train-test split. Evaluation on the CryptoAPI-Bench benchmark further demonstrated the model's practical applicability, reaching an overall accuracy of up to 96.6%. A detailed qualitative inspection revealed that many cases marked as misclassifications corresponded to genuine security weaknesses, indicating that the model effectively reflects conservative, security-aware reasoning. Identified limitations include incomplete control-flow representation due to missing interprocedural connections. Future work will focus on integrating call graphs, applying graph explainability techniques, and extending training data across multiple SAST tools to improve generalization and interpretability. author: - first_name: Tom full_name: Ohlmer, Tom last_name: Ohlmer - first_name: Michael full_name: Schlichtig, Michael id: '32312' last_name: Schlichtig orcid: 0000-0001-6600-6171 - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 citation: ama: Ohlmer T, Schlichtig M, Bodden E. FP-Predictor - False Positive Prediction for Static Analysis Reports. arXiv:260310558. Published online 2026. apa: Ohlmer, T., Schlichtig, M., & Bodden, E. (2026). FP-Predictor - False Positive Prediction for Static Analysis Reports. In arXiv:2603.10558. bibtex: '@article{Ohlmer_Schlichtig_Bodden_2026, title={FP-Predictor - False Positive Prediction for Static Analysis Reports}, journal={arXiv:2603.10558}, author={Ohlmer, Tom and Schlichtig, Michael and Bodden, Eric}, year={2026} }' chicago: Ohlmer, Tom, Michael Schlichtig, and Eric Bodden. “FP-Predictor - False Positive Prediction for Static Analysis Reports.” ArXiv:2603.10558, 2026. ieee: T. Ohlmer, M. Schlichtig, and E. Bodden, “FP-Predictor - False Positive Prediction for Static Analysis Reports,” arXiv:2603.10558. 2026. mla: Ohlmer, Tom, et al. “FP-Predictor - False Positive Prediction for Static Analysis Reports.” ArXiv:2603.10558, 2026. short: T. Ohlmer, M. Schlichtig, E. Bodden, ArXiv:2603.10558 (2026). date_created: 2026-03-16T17:38:33Z date_updated: 2026-03-16T17:40:31Z department: - _id: '76' external_id: arxiv: - '2603.10558' language: - iso: eng publication: arXiv:2603.10558 status: public title: FP-Predictor - False Positive Prediction for Static Analysis Reports type: preprint user_id: '32312' year: '2026' ... --- _id: '65030' author: - first_name: Luis full_name: Amaral, Luis last_name: Amaral - first_name: Michael full_name: Schlichtig, Michael id: '32312' last_name: Schlichtig orcid: 0000-0001-6600-6171 - first_name: Wagner full_name: Emanuel, Wagner last_name: Emanuel - first_name: Joilton full_name: Almeida, Joilton last_name: Almeida - first_name: Carine full_name: Ferreira, Carine last_name: Ferreira - first_name: Jérôme full_name: Kempf, Jérôme last_name: Kempf - first_name: Rodrigo full_name: Bonifácio, Rodrigo last_name: Bonifácio - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 - first_name: Laerte full_name: Peotta, Laerte last_name: Peotta - first_name: Gustavo full_name: Pinto, Gustavo last_name: Pinto - first_name: Márcio full_name: Ribeiro, Márcio last_name: Ribeiro citation: ama: 'Amaral L, Schlichtig M, Emanuel W, et al. From Legacy Designs to Vulnerability Fixes: Understanding SAST Adoption in Non-Technological Companies. In: 2026 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER). ; 2026.' apa: 'Amaral, L., Schlichtig, M., Emanuel, W., Almeida, J., Ferreira, C., Kempf, J., Bonifácio, R., Bodden, E., Peotta, L., Pinto, G., & Ribeiro, M. (2026). From Legacy Designs to Vulnerability Fixes: Understanding SAST Adoption in Non-Technological Companies. 2026 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER).' bibtex: '@inproceedings{Amaral_Schlichtig_Emanuel_Almeida_Ferreira_Kempf_Bonifácio_Bodden_Peotta_Pinto_et al._2026, title={From Legacy Designs to Vulnerability Fixes: Understanding SAST Adoption in Non-Technological Companies}, booktitle={2026 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER)}, author={Amaral, Luis and Schlichtig, Michael and Emanuel, Wagner and Almeida, Joilton and Ferreira, Carine and Kempf, Jérôme and Bonifácio, Rodrigo and Bodden, Eric and Peotta, Laerte and Pinto, Gustavo and et al.}, year={2026} }' chicago: 'Amaral, Luis, Michael Schlichtig, Wagner Emanuel, Joilton Almeida, Carine Ferreira, Jérôme Kempf, Rodrigo Bonifácio, et al. “From Legacy Designs to Vulnerability Fixes: Understanding SAST Adoption in Non-Technological Companies.” In 2026 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER), 2026.' ieee: 'L. Amaral et al., “From Legacy Designs to Vulnerability Fixes: Understanding SAST Adoption in Non-Technological Companies,” 2026.' mla: 'Amaral, Luis, et al. “From Legacy Designs to Vulnerability Fixes: Understanding SAST Adoption in Non-Technological Companies.” 2026 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER), 2026.' short: 'L. Amaral, M. Schlichtig, W. Emanuel, J. Almeida, C. Ferreira, J. Kempf, R. Bonifácio, E. Bodden, L. Peotta, G. Pinto, M. Ribeiro, in: 2026 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER), 2026.' date_created: 2026-03-17T11:59:09Z date_updated: 2026-03-17T12:02:14Z department: - _id: '76' language: - iso: eng publication: 2026 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER) status: public title: 'From Legacy Designs to Vulnerability Fixes: Understanding SAST Adoption in Non-Technological Companies' type: conference user_id: '32312' year: '2026' ... --- _id: '65018' abstract: - lang: eng text: "Android applications collecting data from users must protect it according to the current legal frameworks. Such data protection has become even more important since in 2018 the European Union rolled out the General Data Protection Regulation (GDPR). Since app developers are not legal experts, they find it difficult to integrate privacy-aware practices into source code development. Despite these legal obligations, developers have limited tool support to reason about data protection throughout their app development process.\r\n This paper explores the use of static program slicing and software visualization to analyze privacy-relevant data flows in Android apps. We introduce SliceViz, a web tool that analyzes an Android app by slicing all privacy-relevant data sources detected in the source code on the back-end. It then helps developers by visualizing these privacy-relevant program slices.\r\n We conducted a user study with 12 participants demonstrating that SliceViz effectively aids developers in identifying privacy-relevant properties in Android apps.\r\n Our findings indicate that program slicing can be employed to identify and reason about privacy-relevant data flows in Android applications. With further usability improvements, developers can be better equipped to handle privacy-sensitive information." author: - first_name: Mugdha full_name: Khedkar, Mugdha id: '88024' last_name: Khedkar - first_name: Michael full_name: Schlichtig, Michael id: '32312' last_name: Schlichtig orcid: 0000-0001-6600-6171 - first_name: Santhosh full_name: Mohan, Santhosh last_name: Mohan - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 citation: ama: Khedkar M, Schlichtig M, Mohan S, Bodden E. Visualizing Privacy-Relevant Data Flows in Android Applications. arXiv:250316640. Published online 2025. apa: Khedkar, M., Schlichtig, M., Mohan, S., & Bodden, E. (2025). Visualizing Privacy-Relevant Data Flows in Android Applications. In arXiv:2503.16640. bibtex: '@article{Khedkar_Schlichtig_Mohan_Bodden_2025, title={Visualizing Privacy-Relevant Data Flows in Android Applications}, journal={arXiv:2503.16640}, author={Khedkar, Mugdha and Schlichtig, Michael and Mohan, Santhosh and Bodden, Eric}, year={2025} }' chicago: Khedkar, Mugdha, Michael Schlichtig, Santhosh Mohan, and Eric Bodden. “Visualizing Privacy-Relevant Data Flows in Android Applications.” ArXiv:2503.16640, 2025. ieee: M. Khedkar, M. Schlichtig, S. Mohan, and E. Bodden, “Visualizing Privacy-Relevant Data Flows in Android Applications,” arXiv:2503.16640. 2025. mla: Khedkar, Mugdha, et al. “Visualizing Privacy-Relevant Data Flows in Android Applications.” ArXiv:2503.16640, 2025. short: M. Khedkar, M. Schlichtig, S. Mohan, E. Bodden, ArXiv:2503.16640 (2025). date_created: 2026-03-16T17:39:12Z date_updated: 2026-03-16T17:40:56Z department: - _id: '76' external_id: arxiv: - '2503.16640' language: - iso: eng publication: arXiv:2503.16640 status: public title: Visualizing Privacy-Relevant Data Flows in Android Applications type: preprint user_id: '32312' year: '2025' ... --- _id: '52663' abstract: - lang: eng text: "Context\r\nStatic analyses are well-established to aid in understanding bugs or vulnerabilities during the development process or in large-scale studies. A low false-positive rate is essential for the adaption in practice and for precise results of empirical studies. Unfortunately, static analyses tend to report where a vulnerability manifests rather than the fix location. This can cause presumed false positives or imprecise results.\r\nMethod\r\nTo address this problem, we designed an adaption of an existing static analysis algorithm that can distinguish between a manifestation and fix location, and reports error chains. An error chain represents at least two interconnected errors that occur successively, thus building the connection between the fix and manifestation location. We used our tool CogniCryptSUBS for a case study on 471 GitHub repositories, a performance benchmark to compare different analysis configurations, and conducted an expert interview.\r\nResult\r\nWe found that 50 % of the projects with a report had at least one error chain. Our runtime benchmark demonstrated that our improvement caused only a minimal runtime overhead of less than 4 %. The results of our expert interview indicate that with our adapted version participants require fewer executions of the analysis.\r\nConclusion\r\nOur results indicate that error chains occur frequently in real-world projects, and ignoring them can lead to imprecise evaluation results. The runtime benchmark indicates that our tool is a feasible and efficient solution for detecting error chains in real-world projects. Further, our results gave a hint that the usability of static analyses may benefit from supporting error chains." author: - first_name: Anna-Katharina full_name: Wickert, Anna-Katharina last_name: Wickert - first_name: Michael full_name: Schlichtig, Michael id: '32312' last_name: Schlichtig orcid: 0000-0001-6600-6171 - first_name: Marvin full_name: Vogel, Marvin last_name: Vogel - first_name: Lukas full_name: Winter, Lukas last_name: Winter - first_name: Mira full_name: Mezini, Mira last_name: Mezini - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 citation: ama: Wickert A-K, Schlichtig M, Vogel M, Winter L, Mezini M, Bodden E. Supporting Error Chains in Static Analysis for Precise Evaluation Results and Enhanced Usability.; 2024. apa: Wickert, A.-K., Schlichtig, M., Vogel, M., Winter, L., Mezini, M., & Bodden, E. (2024). Supporting Error Chains in Static Analysis for Precise Evaluation Results and Enhanced Usability. bibtex: '@book{Wickert_Schlichtig_Vogel_Winter_Mezini_Bodden_2024, title={Supporting Error Chains in Static Analysis for Precise Evaluation Results and Enhanced Usability}, author={Wickert, Anna-Katharina and Schlichtig, Michael and Vogel, Marvin and Winter, Lukas and Mezini, Mira and Bodden, Eric}, year={2024} }' chicago: Wickert, Anna-Katharina, Michael Schlichtig, Marvin Vogel, Lukas Winter, Mira Mezini, and Eric Bodden. Supporting Error Chains in Static Analysis for Precise Evaluation Results and Enhanced Usability, 2024. ieee: A.-K. Wickert, M. Schlichtig, M. Vogel, L. Winter, M. Mezini, and E. Bodden, Supporting Error Chains in Static Analysis for Precise Evaluation Results and Enhanced Usability. 2024. mla: Wickert, Anna-Katharina, et al. Supporting Error Chains in Static Analysis for Precise Evaluation Results and Enhanced Usability. 2024. short: A.-K. Wickert, M. Schlichtig, M. Vogel, L. Winter, M. Mezini, E. Bodden, Supporting Error Chains in Static Analysis for Precise Evaluation Results and Enhanced Usability, 2024. date_created: 2024-03-20T09:28:36Z date_updated: 2024-03-20T09:32:29Z department: - _id: '76' keyword: - Static analysis - error chains - false positive re- duction - empirical studies language: - iso: eng main_file_link: - url: https://arxiv.org/abs/2403.07808 status: public title: Supporting Error Chains in Static Analysis for Precise Evaluation Results and Enhanced Usability type: misc user_id: '32312' year: '2024' ... --- _id: '56140' abstract: - lang: eng text: " Android apps collecting data from users must comply with legal frameworks to ensure data protection. This requirement has become even more important since the implementation of the General Data Protection Regulation (GDPR) by the European Union in 2018. Moreover, with the proposed Cyber Resilience Act on the horizon, stakeholders will soon need to assess software against even more stringent security and privacy standards. Effective privacy assessments require collaboration among groups with diverse expertise to function effectively as a cohesive unit.\r\n \ This paper motivates the need for an automated approach that enhances understanding of data protection in Android apps and improves communication between the various parties involved in privacy assessments. We propose the Assessor View, a tool designed to bridge the knowledge gap between these parties, facilitating more effective privacy assessments of Android applications. " author: - first_name: Mugdha full_name: Khedkar, Mugdha id: '88024' last_name: Khedkar - first_name: Michael full_name: Schlichtig, Michael id: '32312' last_name: Schlichtig orcid: 0000-0001-6600-6171 - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 citation: ama: 'Khedkar M, Schlichtig M, Bodden E. Advancing Android Privacy Assessments with Automation. In: In Proceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering Workshops (ASEW ’24). ; 2024. doi:10.1145/3691621.3694953' apa: Khedkar, M., Schlichtig, M., & Bodden, E. (2024). Advancing Android Privacy Assessments with Automation. In Proceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering Workshops (ASEW ’24). 39th IEEE/ACM International Conference on Automated Software Engineering (ASE 2024), Sacramento, California. https://doi.org/10.1145/3691621.3694953 bibtex: '@inproceedings{Khedkar_Schlichtig_Bodden_2024, title={Advancing Android Privacy Assessments with Automation}, DOI={10.1145/3691621.3694953}, booktitle={In Proceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering Workshops (ASEW ’24)}, author={Khedkar, Mugdha and Schlichtig, Michael and Bodden, Eric}, year={2024} }' chicago: Khedkar, Mugdha, Michael Schlichtig, and Eric Bodden. “Advancing Android Privacy Assessments with Automation.” In In Proceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering Workshops (ASEW ’24), 2024. https://doi.org/10.1145/3691621.3694953. ieee: 'M. Khedkar, M. Schlichtig, and E. Bodden, “Advancing Android Privacy Assessments with Automation,” presented at the 39th IEEE/ACM International Conference on Automated Software Engineering (ASE 2024), Sacramento, California, 2024, doi: 10.1145/3691621.3694953.' mla: Khedkar, Mugdha, et al. “Advancing Android Privacy Assessments with Automation.” In Proceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering Workshops (ASEW ’24), 2024, doi:10.1145/3691621.3694953. short: 'M. Khedkar, M. Schlichtig, E. Bodden, in: In Proceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering Workshops (ASEW ’24), 2024.' conference: end_date: 2024-11-01 location: Sacramento, California name: 39th IEEE/ACM International Conference on Automated Software Engineering (ASE 2024) start_date: 2024-10-27 date_created: 2024-09-16T08:55:34Z date_updated: 2026-03-13T12:12:45Z ddc: - '000' department: - _id: '76' doi: 10.1145/3691621.3694953 external_id: arxiv: - '2409.06564' file: - access_level: closed content_type: application/pdf creator: khedkarm date_created: 2024-09-16T08:55:23Z date_updated: 2024-09-16T08:55:23Z file_id: '56141' file_name: 2409.06564v1.pdf file_size: 1207856 relation: main_file success: 1 file_date_updated: 2024-09-16T08:55:23Z has_accepted_license: '1' language: - iso: eng publication: In Proceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering Workshops (ASEW ’24) status: public title: Advancing Android Privacy Assessments with Automation type: conference user_id: '32312' year: '2024' ... --- _id: '52662' abstract: - lang: eng text: Static analysis tools support developers in detecting potential coding issues, such as bugs or vulnerabilities. Research emphasizes technical challenges of such tools but also mentions severe usability shortcomings. These shortcomings hinder the adoption of static analysis tools, and user dissatisfaction may even lead to tool abandonment. To comprehensively assess the state of the art, we present the first systematic usability evaluation of a wide range of static analysis tools. We derived a set of 36 relevant criteria from the literature and used them to evaluate a total of 46 static analysis tools complying with our inclusion and exclusion criteria - a representative set of mainly non-proprietary tools. The evaluation against the usability criteria in a multiple-raters approach shows that two thirds of the considered tools off er poor warning messages, while about three-quarters provide hardly any fix support. Furthermore, the integration of user knowledge is strongly neglected, which could be used for instance, to improve handling of false positives. Finally, issues regarding workflow integration and specialized user interfaces are revealed. These findings should prove useful in guiding and focusing further research and development in user experience for static code analyses. author: - first_name: Marcus full_name: Nachtigall, Marcus id: '41213' last_name: Nachtigall - first_name: Michael full_name: Schlichtig, Michael id: '32312' last_name: Schlichtig orcid: 0000-0001-6600-6171 - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 citation: ama: 'Nachtigall M, Schlichtig M, Bodden E. Evaluation of Usability Criteria Addressed by Static Analysis Tools on a Large Scale. In: Software Engineering 2023. Gesellschaft für Informatik e.V.; 2023:95–96.' apa: Nachtigall, M., Schlichtig, M., & Bodden, E. (2023). Evaluation of Usability Criteria Addressed by Static Analysis Tools on a Large Scale. In Software Engineering 2023 (pp. 95–96). Gesellschaft für Informatik e.V. bibtex: '@inbook{Nachtigall_Schlichtig_Bodden_2023, place={Bonn}, title={Evaluation of Usability Criteria Addressed by Static Analysis Tools on a Large Scale}, booktitle={Software Engineering 2023}, publisher={Gesellschaft für Informatik e.V.}, author={Nachtigall, Marcus and Schlichtig, Michael and Bodden, Eric}, year={2023}, pages={95–96} }' chicago: 'Nachtigall, Marcus, Michael Schlichtig, and Eric Bodden. “Evaluation of Usability Criteria Addressed by Static Analysis Tools on a Large Scale.” In Software Engineering 2023, 95–96. Bonn: Gesellschaft für Informatik e.V., 2023.' ieee: 'M. Nachtigall, M. Schlichtig, and E. Bodden, “Evaluation of Usability Criteria Addressed by Static Analysis Tools on a Large Scale,” in Software Engineering 2023, Bonn: Gesellschaft für Informatik e.V., 2023, pp. 95–96.' mla: Nachtigall, Marcus, et al. “Evaluation of Usability Criteria Addressed by Static Analysis Tools on a Large Scale.” Software Engineering 2023, Gesellschaft für Informatik e.V., 2023, pp. 95–96. short: 'M. Nachtigall, M. Schlichtig, E. Bodden, in: Software Engineering 2023, Gesellschaft für Informatik e.V., Bonn, 2023, pp. 95–96.' date_created: 2024-03-20T09:26:29Z date_updated: 2024-03-20T09:27:41Z department: - _id: '76' keyword: - Automated static analysis - Software usability language: - iso: eng main_file_link: - url: https://dl.gi.de/items/5afe477f-2f6a-4b3d-b391-f024baf0b7a5 page: 95–96 place: Bonn publication: Software Engineering 2023 publication_identifier: isbn: - 978-3-88579-726-5 publisher: Gesellschaft für Informatik e.V. status: public title: Evaluation of Usability Criteria Addressed by Static Analysis Tools on a Large Scale type: book_chapter user_id: '32312' year: '2023' ... --- _id: '52660' abstract: - lang: eng text: Application Programming Interfaces (APIs) are the primary mechanism developers use to obtain access to third-party algorithms and services. Unfortunately, APIs can be misused, which can have catastrophic consequences, especially if the APIs provide security-critical functionalities like cryptography. Understanding what API misuses are, and how they are caused, is important to prevent them, eg, with API misuse detectors. However, definitions for API misuses and related terms in literature vary. This paper presents a systematic literature review to clarify these terms and introduces FUM, a novel Framework for API Usage constraint and Misuse classification. The literature review revealed that API misuses are violations of API usage constraints. To address this, we provide unified definitions and use them to derive FUM. To assess the extent to which FUM aids in determining and guiding the improvement of an API misuses detector’s capabilities, we performed a case study on the state-of the-art misuse detection tool CogniCrypt. The study showed that FUM can be used to properly assess CogniCrypt’s capabilities, identify weaknesses and assist in deriving mitigations and improvements. author: - first_name: Michael full_name: Schlichtig, Michael id: '32312' last_name: Schlichtig orcid: 0000-0001-6600-6171 - first_name: Steffen full_name: Sassalla, Steffen last_name: Sassalla - first_name: Krishna full_name: Narasimhan, Krishna last_name: Narasimhan - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 citation: ama: 'Schlichtig M, Sassalla S, Narasimhan K, Bodden E. Introducing FUM: A Framework for API Usage Constraint and Misuse Classification. In: Software Engineering 2023. Gesellschaft für Informatik e.V.; 2023:105–106.' apa: 'Schlichtig, M., Sassalla, S., Narasimhan, K., & Bodden, E. (2023). Introducing FUM: A Framework for API Usage Constraint and Misuse Classification. In Software Engineering 2023 (pp. 105–106). Gesellschaft für Informatik e.V.' bibtex: '@inbook{Schlichtig_Sassalla_Narasimhan_Bodden_2023, place={Bonn}, title={Introducing FUM: A Framework for API Usage Constraint and Misuse Classification}, booktitle={Software Engineering 2023}, publisher={Gesellschaft für Informatik e.V.}, author={Schlichtig, Michael and Sassalla, Steffen and Narasimhan, Krishna and Bodden, Eric}, year={2023}, pages={105–106} }' chicago: 'Schlichtig, Michael, Steffen Sassalla, Krishna Narasimhan, and Eric Bodden. “Introducing FUM: A Framework for API Usage Constraint and Misuse Classification.” In Software Engineering 2023, 105–106. Bonn: Gesellschaft für Informatik e.V., 2023.' ieee: 'M. Schlichtig, S. Sassalla, K. Narasimhan, and E. Bodden, “Introducing FUM: A Framework for API Usage Constraint and Misuse Classification,” in Software Engineering 2023, Bonn: Gesellschaft für Informatik e.V., 2023, pp. 105–106.' mla: 'Schlichtig, Michael, et al. “Introducing FUM: A Framework for API Usage Constraint and Misuse Classification.” Software Engineering 2023, Gesellschaft für Informatik e.V., 2023, pp. 105–106.' short: 'M. Schlichtig, S. Sassalla, K. Narasimhan, E. Bodden, in: Software Engineering 2023, Gesellschaft für Informatik e.V., Bonn, 2023, pp. 105–106.' date_created: 2024-03-20T09:22:27Z date_updated: 2024-03-20T09:25:46Z department: - _id: '76' keyword: - API misuses API usage constraints - classification framework - API misuse detection - static analysis language: - iso: eng main_file_link: - url: https://dl.gi.de/items/c4825557-cf3d-4038-933a-d8f95fd324a2 page: 105–106 place: Bonn publication: Software Engineering 2023 publication_identifier: isbn: - 978-3-88579-726-5 publisher: Gesellschaft für Informatik e.V. status: public title: 'Introducing FUM: A Framework for API Usage Constraint and Misuse Classification' type: book_chapter user_id: '32312' year: '2023' ... --- _id: '32409' abstract: - lang: eng text: 'Context: Cryptographic APIs are often misused in real-world applications. Therefore, many cryptographic API misuse detection tools have been introduced. However, there exists no established reference benchmark for a fair and comprehensive comparison and evaluation of these tools. While there are benchmarks, they often only address a subset of the domain or were only used to evaluate a subset of existing misuse detection tools. Objective: To fairly compare cryptographic API misuse detection tools and to drive future development in this domain, we will devise such a benchmark. Openness and transparency in the generation process are key factors to fairly generate and establish the needed benchmark. Method: We propose an approach where we derive the benchmark generation methodology from the literature which consists of general best practices in benchmarking and domain-specific benchmark generation. A part of this methodology is transparency and openness of the generation process, which is achieved by pre-registering this work. Based on our methodology we design CamBench, a fair "Cryptographic API Misuse Detection Tool Benchmark Suite". We will implement the first version of CamBench limiting the domain to Java, the JCA, and static analyses. Finally, we will use CamBench to compare current misuse detection tools and compare CamBench to related benchmarks of its domain.' author: - first_name: Michael full_name: Schlichtig, Michael id: '32312' last_name: Schlichtig orcid: 0000-0001-6600-6171 - first_name: Anna-Katharina full_name: Wickert, Anna-Katharina last_name: Wickert - first_name: Stefan full_name: Krüger, Stefan last_name: Krüger - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 - first_name: Mira full_name: Mezini, Mira last_name: Mezini citation: ama: Schlichtig M, Wickert A-K, Krüger S, Bodden E, Mezini M. CamBench -- Cryptographic API Misuse Detection Tool Benchmark Suite.; 2022. doi:10.48550/ARXIV.2204.06447 apa: Schlichtig, M., Wickert, A.-K., Krüger, S., Bodden, E., & Mezini, M. (2022). CamBench -- Cryptographic API Misuse Detection Tool Benchmark Suite. https://doi.org/10.48550/ARXIV.2204.06447 bibtex: '@book{Schlichtig_Wickert_Krüger_Bodden_Mezini_2022, title={CamBench -- Cryptographic API Misuse Detection Tool Benchmark Suite}, DOI={10.48550/ARXIV.2204.06447}, author={Schlichtig, Michael and Wickert, Anna-Katharina and Krüger, Stefan and Bodden, Eric and Mezini, Mira}, year={2022} }' chicago: Schlichtig, Michael, Anna-Katharina Wickert, Stefan Krüger, Eric Bodden, and Mira Mezini. CamBench -- Cryptographic API Misuse Detection Tool Benchmark Suite, 2022. https://doi.org/10.48550/ARXIV.2204.06447. ieee: M. Schlichtig, A.-K. Wickert, S. Krüger, E. Bodden, and M. Mezini, CamBench -- Cryptographic API Misuse Detection Tool Benchmark Suite. 2022. mla: Schlichtig, Michael, et al. CamBench -- Cryptographic API Misuse Detection Tool Benchmark Suite. 2022, doi:10.48550/ARXIV.2204.06447. short: M. Schlichtig, A.-K. Wickert, S. Krüger, E. Bodden, M. Mezini, CamBench -- Cryptographic API Misuse Detection Tool Benchmark Suite, 2022. date_created: 2022-07-25T07:56:59Z date_updated: 2022-07-25T10:23:44Z department: - _id: '76' doi: 10.48550/ARXIV.2204.06447 keyword: - cryptography - benchmark - API misuse - static analysis language: - iso: eng related_material: link: - relation: confirmation url: https://arxiv.org/abs/2204.06447 status: public title: CamBench -- Cryptographic API Misuse Detection Tool Benchmark Suite type: misc user_id: '32312' year: '2022' ... --- _id: '32410' abstract: - lang: eng text: "Static analysis tools support developers in detecting potential coding issues, such as bugs or vulnerabilities. Research on static analysis emphasizes its technical challenges but also mentions severe usability shortcomings. These shortcomings hinder the adoption of static analysis tools, and in some cases, user dissatisfaction even leads to tool abandonment.\r\nTo comprehensively assess the current state of the art, this paper presents the first systematic usability evaluation in a wide range of static analysis tools. We derived a set of 36 relevant criteria from the scientific literature and gathered a collection of 46 static analysis tools complying with our inclusion and exclusion criteria - a representative set of mainly non-proprietary tools. Then, we evaluated how well these tools fulfill the aforementioned criteria.\r\nThe evaluation shows that more than half of the considered tools offer poor warning messages, while about three-quarters of the tools provide hardly any fix support. Furthermore, the integration of user knowledge is strongly neglected, which could be used for improved handling of false positives and tuning the results for the corresponding developer. Finally, issues regarding workflow integration and specialized user interfaces are proved further.\r\nThese findings should prove useful in guiding and focusing further research and development in the area of user experience for static code analyses." author: - first_name: Marcus full_name: Nachtigall, Marcus id: '41213' last_name: Nachtigall - first_name: Michael full_name: Schlichtig, Michael id: '32312' last_name: Schlichtig orcid: 0000-0001-6600-6171 - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 citation: ama: 'Nachtigall M, Schlichtig M, Bodden E. A Large-Scale Study of Usability Criteria Addressed by Static Analysis Tools. In: Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis. ACM; 2022:532-543. doi:10.1145/3533767' apa: Nachtigall, M., Schlichtig, M., & Bodden, E. (2022). A Large-Scale Study of Usability Criteria Addressed by Static Analysis Tools. Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis, 532–543. https://doi.org/10.1145/3533767 bibtex: '@inproceedings{Nachtigall_Schlichtig_Bodden_2022, title={A Large-Scale Study of Usability Criteria Addressed by Static Analysis Tools}, DOI={10.1145/3533767}, booktitle={Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis}, publisher={ACM}, author={Nachtigall, Marcus and Schlichtig, Michael and Bodden, Eric}, year={2022}, pages={532–543} }' chicago: Nachtigall, Marcus, Michael Schlichtig, and Eric Bodden. “A Large-Scale Study of Usability Criteria Addressed by Static Analysis Tools.” In Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis, 532–43. ACM, 2022. https://doi.org/10.1145/3533767. ieee: 'M. Nachtigall, M. Schlichtig, and E. Bodden, “A Large-Scale Study of Usability Criteria Addressed by Static Analysis Tools,” in Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis, 2022, pp. 532–543, doi: 10.1145/3533767.' mla: Nachtigall, Marcus, et al. “A Large-Scale Study of Usability Criteria Addressed by Static Analysis Tools.” Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis, ACM, 2022, pp. 532–43, doi:10.1145/3533767. short: 'M. Nachtigall, M. Schlichtig, E. Bodden, in: Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis, ACM, 2022, pp. 532–543.' date_created: 2022-07-25T08:02:36Z date_updated: 2022-07-26T11:42:23Z department: - _id: '76' doi: 10.1145/3533767 keyword: - Automated static analysis - Software usability language: - iso: eng page: 532 - 543 publication: Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis publication_identifier: isbn: - '9781450393799' publication_status: published publisher: ACM quality_controlled: '1' related_material: link: - relation: confirmation url: https://dl.acm.org/doi/10.1145/3533767.3534374 status: public title: A Large-Scale Study of Usability Criteria Addressed by Static Analysis Tools type: conference user_id: '32312' year: '2022' ... --- _id: '31133' abstract: - lang: eng text: Application Programming Interfaces (APIs) are the primary mechanism that developers use to obtain access to third-party algorithms and services. Unfortunately, APIs can be misused, which can have catastrophic consequences, especially if the APIs provide security-critical functionalities like cryptography. Understanding what API misuses are, and for what reasons they are caused, is important to prevent them, e.g., with API misuse detectors. However, definitions and nominations for API misuses and related terms in literature vary and are diverse. This paper addresses the problem of scattered knowledge and definitions of API misuses by presenting a systematic literature review on the subject and introducing FUM, a novel Framework for API Usage constraint and Misuse classification. The literature review revealed that API misuses are violations of API usage constraints. To capture this, we provide unified definitions and use them to derive FUM. To assess the extent to which FUM aids in determining and guiding the improvement of an API misuses detectors' capabilities, we performed a case study on CogniCrypt, a state-of-the-art misuse detector for cryptographic APIs. The study showed that FUM can be used to properly assess CogniCrypt's capabilities, identify weaknesses and assist in deriving mitigations and improvements. And it appears that also more generally FUM can aid the development and improvement of misuse detection tools. author: - first_name: Michael full_name: Schlichtig, Michael id: '32312' last_name: Schlichtig orcid: 0000-0001-6600-6171 - first_name: Steffen full_name: Sassalla, Steffen last_name: Sassalla - first_name: Krishna full_name: Narasimhan, Krishna last_name: Narasimhan - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 citation: ama: 'Schlichtig M, Sassalla S, Narasimhan K, Bodden E. FUM - A Framework for API Usage constraint and Misuse Classification. In: 2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER). ; 2022:673-684. doi:https://doi.org/10.1109/SANER53432.2022.00085' apa: Schlichtig, M., Sassalla, S., Narasimhan, K., & Bodden, E. (2022). FUM - A Framework for API Usage constraint and Misuse Classification. 2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER), 673–684. https://doi.org/10.1109/SANER53432.2022.00085 bibtex: '@inproceedings{Schlichtig_Sassalla_Narasimhan_Bodden_2022, title={FUM - A Framework for API Usage constraint and Misuse Classification}, DOI={https://doi.org/10.1109/SANER53432.2022.00085}, booktitle={2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER)}, author={Schlichtig, Michael and Sassalla, Steffen and Narasimhan, Krishna and Bodden, Eric}, year={2022}, pages={673–684} }' chicago: Schlichtig, Michael, Steffen Sassalla, Krishna Narasimhan, and Eric Bodden. “FUM - A Framework for API Usage Constraint and Misuse Classification.” In 2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER), 673–84, 2022. https://doi.org/10.1109/SANER53432.2022.00085. ieee: 'M. Schlichtig, S. Sassalla, K. Narasimhan, and E. Bodden, “FUM - A Framework for API Usage constraint and Misuse Classification,” in 2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER), 2022, pp. 673–684, doi: https://doi.org/10.1109/SANER53432.2022.00085.' mla: Schlichtig, Michael, et al. “FUM - A Framework for API Usage Constraint and Misuse Classification.” 2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER), 2022, pp. 673–84, doi:https://doi.org/10.1109/SANER53432.2022.00085. short: 'M. Schlichtig, S. Sassalla, K. Narasimhan, E. Bodden, in: 2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER), 2022, pp. 673–684.' date_created: 2022-05-09T13:04:10Z date_updated: 2022-07-26T11:42:30Z department: - _id: '76' doi: https://doi.org/10.1109/SANER53432.2022.00085 keyword: - API misuses - API usage constraints - classification framework - API misuse detection - static analysis language: - iso: eng page: 673 - 684 publication: 2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER) quality_controlled: '1' related_material: link: - relation: confirmation url: https://ieeexplore.ieee.org/document/9825763 status: public title: FUM - A Framework for API Usage constraint and Misuse Classification type: conference user_id: '32312' year: '2022' ... --- _id: '33959' abstract: - lang: eng text: Recent studies have revealed that 87 % to 96 % of the Android apps using cryptographic APIs have a misuse which may cause security vulnerabilities. As previous studies did not conduct a qualitative examination of the validity and severity of the findings, our objective was to understand the findings in more depth. We analyzed a set of 936 open-source Java applications for cryptographic misuses. Our study reveals that 88.10 % of the analyzed applications fail to use cryptographic APIs securely. Through our manual analysis of a random sample, we gained new insights into effective false positives. For example, every fourth misuse of the frequently misused JCA class MessageDigest is an effective false positive due to its occurrence in a non-security context. As we wanted to gain deeper insights into the security implications of these misuses, we created an extensive vulnerability model for cryptographic API misuses. Our model includes previously undiscussed attacks in the context of cryptographic APIs such as DoS attacks. This model reveals that nearly half of the misuses are of high severity, e.g., hard-coded credentials and potential Man-in-the-Middle attacks. author: - first_name: Anna-Katharina full_name: Wickert, Anna-Katharina last_name: Wickert - first_name: Lars full_name: Baumgärtner, Lars last_name: Baumgärtner - first_name: Michael full_name: Schlichtig, Michael id: '32312' last_name: Schlichtig orcid: 0000-0001-6600-6171 - first_name: Mira full_name: Mezini, Mira last_name: Mezini citation: ama: 'Wickert A-K, Baumgärtner L, Schlichtig M, Mezini M. To Fix or Not to Fix: A Critical Study of Crypto-Misuses in the Wild.; 2022. doi:10.48550/ARXIV.2209.11103' apa: 'Wickert, A.-K., Baumgärtner, L., Schlichtig, M., & Mezini, M. (2022). To Fix or Not to Fix: A Critical Study of Crypto-misuses in the Wild. https://doi.org/10.48550/ARXIV.2209.11103' bibtex: '@book{Wickert_Baumgärtner_Schlichtig_Mezini_2022, title={To Fix or Not to Fix: A Critical Study of Crypto-misuses in the Wild}, DOI={10.48550/ARXIV.2209.11103}, author={Wickert, Anna-Katharina and Baumgärtner, Lars and Schlichtig, Michael and Mezini, Mira}, year={2022} }' chicago: 'Wickert, Anna-Katharina, Lars Baumgärtner, Michael Schlichtig, and Mira Mezini. To Fix or Not to Fix: A Critical Study of Crypto-Misuses in the Wild, 2022. https://doi.org/10.48550/ARXIV.2209.11103.' ieee: 'A.-K. Wickert, L. Baumgärtner, M. Schlichtig, and M. Mezini, To Fix or Not to Fix: A Critical Study of Crypto-misuses in the Wild. 2022.' mla: 'Wickert, Anna-Katharina, et al. To Fix or Not to Fix: A Critical Study of Crypto-Misuses in the Wild. 2022, doi:10.48550/ARXIV.2209.11103.' short: 'A.-K. Wickert, L. Baumgärtner, M. Schlichtig, M. Mezini, To Fix or Not to Fix: A Critical Study of Crypto-Misuses in the Wild, 2022.' date_created: 2022-10-28T13:21:05Z date_updated: 2022-10-28T13:26:39Z department: - _id: '76' doi: 10.48550/ARXIV.2209.11103 language: - iso: eng related_material: link: - relation: confirmation url: https://arxiv.org/abs/2209.11103 status: public title: 'To Fix or Not to Fix: A Critical Study of Crypto-misuses in the Wild' type: misc user_id: '32312' year: '2022' ... --- _id: '29298' abstract: - lang: ger text: "Die Themen „Big Data“, „Künstliche Intelligenz und „Data Science“ werden seit einiger Zeit nicht nur in der breiten Öffentlichkeit kontrovers diskutiert, sondern stellen für die Ausbildung in den IT- und IT-nahen Berufen schon heute neue Herausforderungen dar, die in Zukunft durch die gesellschaftliche und technologische Weiterentwicklung hin zu einer Datengesellschaft noch größer werden.\r\nAn dieser Stelle stellt sich die Frage, welche Aspekte dieses großen Themenkomplexes für Schule und Ausbildung von Wichtigkeit sind und wie diese Themen sinnstiftend und gewinnbringend in die informatische Ausbildung in verschiedenen Bildungsgängen integriert werden können. Im Rahmen des von uns im Jahr 2017 organisierten Symposiums zum Thema „Data Science“ wurden für die Bildung relevante Aspekte erörtert, wodurch als Kernelemente für den Unterricht Algorithmen der Künstlichen Intelligenz und ihre Anwendung in Industrie und Gesellschaft, Explorationen von Big Data sowie der Umgang mit eigenen Daten in sozialen Netzwerken herausgearbeitet wurden. Ziel ist, aus diesen Themenbereichen sowohl ein umfassendes Curriculum als auch Module für verschiedene Unterrichtsszenarien zu entwickeln und zu erproben. Durch diese Materialien soll es Lehrkräften aus der Informatik, Mathematik oder Technik ermöglicht werden, diese Themen auf Basis des Curriculums und der erprobten Unterrichtskonzepte selbst zu unterrichten.\r\nHierfür wurde im Rahmen des Projekts ProDaBi (Projekt Data Science und Big Data in der Schule, https://www.prodabi.de), initiiert von der Telekom Stiftung, ein experimenteller Projektkurs entwickelt, den wir mit Schüler:innen der Sekundarstufe II an der Universität Paderborn im Schuljahr 2018/19 durchführten. Dieser Kurs enthält neben einem Modul zur Exploration von Big Data und einem weiteren Modul zum Maschinellen Lernen als Teil der Künstlichen Intelligenz auch eine Projektphase, die es in Zusammenarbeit mit lokalen Unternehmen den Schüler:innen\r\nermöglicht, das Erlernte in ein reales Data Science-Projekt einzubringen. Aus den Erfahrungen dieses Projektkurses sowie den parallel durchgeführten Erprobungen einzelner Bausteine auch mit beruflichen Schulen werden ab dem Schuljahr 2019/20 die hierfür verwendeten Materialien weiterentwickelt und weiteren Kooperationspartnern zur Erprobung zur Verfügung gestellt. Damit wurden zum Ende des Projekts nicht nur vollständige Unterrichtsmaterialien, sondern auch ein umfassendes Curriculum entwickelt." - lang: eng text: "The topics ”Big Data”, “Artificial Intelligence” and “Data Science” are controversially discussed among the general public, but they present new challenges for training in IT and IT-related professions. These challenges will become more important in the future as a result of further social and technological development towards a data society.\r\nAt this point, the question arises as to which aspects of this large complex of topics are important for school and education, and how these topics can be integrated in a meaningful and profitable way into informatics education in vocational education. In 2017, we organized a symposium towards the topic “Data Science” and discussed relevant aspects for general and vocational education. Algorithms of artificial intelligence and their application in industry and society, explorations of Big Data as well as the handling of one's own data in social networks were worked out as core elements for teaching. For this reason, our aim is to develop a comprehensive curriculum on this topic from these subject areas and to develop and test modules for various teaching scenarios in order to enable teachers from computer science, mathematics or technology to teach these topics themselves.\r\nFor this purpose, an experimental project course was developed within the framework of the ProDaBi project (Project Data Science and Big Data at School, https://www.prodabi.de), which we conducted with students from upper secondary classes at the University of Paderborn in the school year 2018/19. In this course we try to address all these aspects. This course consists of several modules: One module has been designed to teach the exploration of Big Data. Another module encompasses aspects of machine learning as part of artificial intelligence. The course concludes in a project phase which, in cooperation with local companies, will enable the students to apply what they have learned into a real Data Science project. Based on the experiences of this project course and the parallel testing of individual modules with vocational schools, we will further develop the material and make it available to other cooperation partners for testing, so that not only complete teaching materials but also a comprehensive curriculum will have been developed until the end of the project." author: - first_name: Simone Anna full_name: Opel, Simone Anna id: '72932' last_name: Opel - first_name: Michael full_name: Schlichtig, Michael id: '32312' last_name: Schlichtig citation: ama: 'Opel SA, Schlichtig M. Data Science und Big Data in der beruflichen Bildung – Konzeption und Erprobung eines Projektkurses für die Sekundarstufe II. In: Vollmer T, Karges T, Richter T, Schlömer B, Schütt-Sayed S, eds. Sammelband der 27. Fachtagung der BAG Berufliche Bildung. Vol 55. Berufsbildung, Arbeit und Innovation. wbv Media GmbH & Co. KG; 2020:176-194. doi:https://doi.org/10.3278/6004722w' apa: Opel, S. A., & Schlichtig, M. (2020). Data Science und Big Data in der beruflichen Bildung – Konzeption und Erprobung eines Projektkurses für die Sekundarstufe II. In T. Vollmer, T. Karges, T. Richter, B. Schlömer, & S. Schütt-Sayed (Eds.), Sammelband der 27. Fachtagung der BAG Berufliche Bildung (Vol. 55, pp. 176–194). wbv Media GmbH & Co. KG. https://doi.org/10.3278/6004722w bibtex: '@inproceedings{Opel_Schlichtig_2020, place={Bielefeld}, series={Berufsbildung, Arbeit und Innovation}, title={Data Science und Big Data in der beruflichen Bildung – Konzeption und Erprobung eines Projektkurses für die Sekundarstufe II}, volume={55}, DOI={https://doi.org/10.3278/6004722w}, booktitle={Sammelband der 27. Fachtagung der BAG Berufliche Bildung}, publisher={wbv Media GmbH & Co. KG}, author={Opel, Simone Anna and Schlichtig, Michael}, editor={Vollmer, Thomas and Karges, Torben and Richter, Tim and Schlömer, Britta and Schütt-Sayed, Sören}, year={2020}, pages={176–194}, collection={Berufsbildung, Arbeit und Innovation} }' chicago: 'Opel, Simone Anna, and Michael Schlichtig. “Data Science und Big Data in der beruflichen Bildung – Konzeption und Erprobung eines Projektkurses für die Sekundarstufe II.” In Sammelband der 27. Fachtagung der BAG Berufliche Bildung, edited by Thomas Vollmer, Torben Karges, Tim Richter, Britta Schlömer, and Sören Schütt-Sayed, 55:176–94. Berufsbildung, Arbeit und Innovation. Bielefeld: wbv Media GmbH & Co. KG, 2020. https://doi.org/10.3278/6004722w.' ieee: 'S. A. Opel and M. Schlichtig, “Data Science und Big Data in der beruflichen Bildung – Konzeption und Erprobung eines Projektkurses für die Sekundarstufe II,” in Sammelband der 27. Fachtagung der BAG Berufliche Bildung, Siegen, 2020, vol. 55, pp. 176–194, doi: https://doi.org/10.3278/6004722w.' mla: Opel, Simone Anna, and Michael Schlichtig. “Data Science und Big Data in der beruflichen Bildung – Konzeption und Erprobung eines Projektkurses für die Sekundarstufe II.” Sammelband der 27. Fachtagung der BAG Berufliche Bildung, edited by Thomas Vollmer et al., vol. 55, wbv Media GmbH & Co. KG, 2020, pp. 176–94, doi:https://doi.org/10.3278/6004722w. short: 'S.A. Opel, M. Schlichtig, in: T. Vollmer, T. Karges, T. Richter, B. Schlömer, S. Schütt-Sayed (Eds.), Sammelband der 27. Fachtagung der BAG Berufliche Bildung, wbv Media GmbH & Co. KG, Bielefeld, 2020, pp. 176–194.' conference: end_date: 2019-03-13 location: Siegen name: 20. Hochschultage Berufliche Bildung (HTBB) "Digitale Welt - Bildung und Arbeit in Transformationsgesellschaften". start_date: 2019-03-11 date_created: 2022-01-12T16:43:38Z date_updated: 2022-01-12T17:04:10Z department: - _id: '67' doi: https://doi.org/10.3278/6004722w editor: - first_name: Thomas full_name: Vollmer, Thomas last_name: Vollmer - first_name: Torben full_name: Karges, Torben last_name: Karges - first_name: Tim full_name: Richter, Tim last_name: Richter - first_name: Britta full_name: Schlömer, Britta last_name: Schlömer - first_name: Sören full_name: Schütt-Sayed, Sören last_name: Schütt-Sayed intvolume: ' 55' keyword: - Berufsbildung - vocational education - Ausbildung - training - berufliche Weiterbildung - advanced vocational education - Digitalisierung - digitalization - Unterricht - teaching - Lehrmethode - teaching method - Interdisziplinarität - interdisciplinarity - Fachdidaktik - subject didactics - Curriculum - curriculum - gewerblich-technischer Beruf - vocational/technical occupation - Fachkraft - specialist - Qualifikationsanforderungen - qualification requirements - Kompetenz - competence - Lehrerbildung - teacher training - Bundesrepublik Deutschland - Federal Republic of Germany language: - iso: ger main_file_link: - open_access: '1' url: https://library.oapen.org/handle/20.500.12657/43933 oa: '1' page: 176-194 place: Bielefeld publication: Sammelband der 27. Fachtagung der BAG Berufliche Bildung publication_status: published publisher: wbv Media GmbH & Co. KG series_title: Berufsbildung, Arbeit und Innovation status: public title: Data Science und Big Data in der beruflichen Bildung – Konzeption und Erprobung eines Projektkurses für die Sekundarstufe II type: conference user_id: '32312' volume: 55 year: '2020' ... --- _id: '15332' abstract: - lang: eng text: "Artificial intelligence (AI) has the potential for far-reaching – in our opinion – irreversible changes.\r\nThey range from effects on the individual and society to new societal and social issues. The question arises\r\nas to how students can learn the basic functioning of AI systems, what areas of life and society are affected\r\nby these and – most important – how their own lives are affected by these changes. Therefore, we are developing and evaluating school materials for the German ”Science Year AI”. It can be used for students of all\r\nschool types from the seventh grade upwards and will be distributed to about 2000 schools in autumn with\r\nthe support of the Federal Ministry of Education and Research. The material deals with the following aspects\r\nof AI: Discussing everyday experiences with AI, how does machine learning work, historical development\r\nof AI concepts, difference between man and machine, future distribution of roles between man and machine,\r\nin which AI world do we want to live and how much AI would we like to have in our lives. Through an\r\naccompanying evaluation, high quality of the technical content and didactic preparation is achieved in order\r\nto guarantee the long-term applicability in the teaching context in the different age groups and school types.\r\nIn this paper, we describe the current state of the material development, the challenges arising, and the results\r\nof tests with different classes to date. We also present first ideas for evaluating the results." author: - first_name: Michael full_name: Schlichtig, Michael id: '32312' last_name: Schlichtig orcid: 0000-0001-6600-6171 - first_name: Simone Anna full_name: Opel, Simone Anna id: '72932' last_name: Opel - first_name: Lea full_name: Budde, Lea id: '32443' last_name: Budde - first_name: Carsten full_name: Schulte, Carsten id: '60311' last_name: Schulte citation: ama: 'Schlichtig M, Opel SA, Budde L, Schulte C. Understanding Artificial Intelligence – A Project for the Development of Comprehensive Teaching Material. In: Jasutė E, Pozdniakov S, eds. ISSEP 2019 - 12th International Conference on Informatics in Schools: Situation, Evaluation and Perspectives, Local Proceedings. Vol 12. ; 2019:65-73.' apa: 'Schlichtig, M., Opel, S. A., Budde, L., & Schulte, C. (2019). Understanding Artificial Intelligence – A Project for the Development of Comprehensive Teaching Material. In E. Jasutė & S. Pozdniakov (Eds.), ISSEP 2019 - 12th International conference on informatics in schools: Situation, evaluation and perspectives, Local Proceedings (Vol. 12, pp. 65–73).' bibtex: '@inproceedings{Schlichtig_Opel_Budde_Schulte_2019, title={Understanding Artificial Intelligence – A Project for the Development of Comprehensive Teaching Material}, volume={12}, booktitle={ISSEP 2019 - 12th International conference on informatics in schools: Situation, evaluation and perspectives, Local Proceedings}, author={Schlichtig, Michael and Opel, Simone Anna and Budde, Lea and Schulte, Carsten}, editor={Jasutė, Eglė and Pozdniakov, Sergei}, year={2019}, pages={65–73} }' chicago: 'Schlichtig, Michael, Simone Anna Opel, Lea Budde, and Carsten Schulte. “Understanding Artificial Intelligence – A Project for the Development of Comprehensive Teaching Material.” In ISSEP 2019 - 12th International Conference on Informatics in Schools: Situation, Evaluation and Perspectives, Local Proceedings, edited by Eglė Jasutė and Sergei Pozdniakov, 12:65–73, 2019.' ieee: 'M. Schlichtig, S. A. Opel, L. Budde, and C. Schulte, “Understanding Artificial Intelligence – A Project for the Development of Comprehensive Teaching Material,” in ISSEP 2019 - 12th International conference on informatics in schools: Situation, evaluation and perspectives, Local Proceedings, Lanarca, 2019, vol. 12, pp. 65–73.' mla: 'Schlichtig, Michael, et al. “Understanding Artificial Intelligence – A Project for the Development of Comprehensive Teaching Material.” ISSEP 2019 - 12th International Conference on Informatics in Schools: Situation, Evaluation and Perspectives, Local Proceedings, edited by Eglė Jasutė and Sergei Pozdniakov, vol. 12, 2019, pp. 65–73.' short: 'M. Schlichtig, S.A. Opel, L. Budde, C. Schulte, in: E. Jasutė, S. Pozdniakov (Eds.), ISSEP 2019 - 12th International Conference on Informatics in Schools: Situation, Evaluation and Perspectives, Local Proceedings, 2019, pp. 65–73.' conference: end_date: 2019-11-20 location: Lanarca name: 'ISSEP 2019 - 12th International conference on informatics in schools: Situation, evaluation and perspectives' start_date: 2019-11-18 date_created: 2019-12-16T17:50:08Z date_updated: 2022-07-26T11:41:41Z department: - _id: '67' editor: - first_name: Eglė full_name: Jasutė, Eglė last_name: Jasutė - first_name: Sergei full_name: Pozdniakov, Sergei last_name: Pozdniakov intvolume: ' 12' keyword: - Artificial Intelligence - Machine Learning - Teaching Material - Societal Aspects - Ethics. Social Aspects - Science Year - Simulation Game language: - iso: eng main_file_link: - url: http://cyprusconferences.org/issep2019/wp-content/uploads/2019/10/LocalISSEP-v5.pdf page: 65 - 73 publication: 'ISSEP 2019 - 12th International conference on informatics in schools: Situation, evaluation and perspectives, Local Proceedings' publication_identifier: isbn: - 978-9925-553-27-3 publication_status: published quality_controlled: '1' status: public title: Understanding Artificial Intelligence – A Project for the Development of Comprehensive Teaching Material type: conference user_id: '32312' volume: 12 year: '2019' ... --- _id: '15640' author: - first_name: Simone Anna full_name: Opel, Simone Anna id: '72932' last_name: Opel - first_name: Michael full_name: Schlichtig, Michael id: '32312' last_name: Schlichtig orcid: 0000-0001-6600-6171 - first_name: Carsten full_name: Schulte, Carsten id: '60311' last_name: Schulte - first_name: Rolf full_name: Biehler, Rolf last_name: Biehler - first_name: Daniel full_name: Frischemeier, Daniel last_name: Frischemeier - first_name: Susanne full_name: Podworny, Susanne last_name: Podworny - first_name: Thomas full_name: Wassong, Thomas id: '21241' last_name: Wassong citation: ama: 'Opel SA, Schlichtig M, Schulte C, et al. Entwicklung und Reflexion einer Unterrichtssequenz zum Maschinellen Lernen als Aspekt von Data Science in der Sekundarstufe II. In: INFOS. Vol P-288. LNI. Gesellschaft für Informatik; 2019:285-294.' apa: Opel, S. A., Schlichtig, M., Schulte, C., Biehler, R., Frischemeier, D., Podworny, S., & Wassong, T. (2019). Entwicklung und Reflexion einer Unterrichtssequenz zum Maschinellen Lernen als Aspekt von Data Science in der Sekundarstufe II. INFOS, P-288, 285–294. bibtex: '@inproceedings{Opel_Schlichtig_Schulte_Biehler_Frischemeier_Podworny_Wassong_2019, series={LNI}, title={Entwicklung und Reflexion einer Unterrichtssequenz zum Maschinellen Lernen als Aspekt von Data Science in der Sekundarstufe II}, volume={P-288}, booktitle={INFOS}, publisher={Gesellschaft für Informatik}, author={Opel, Simone Anna and Schlichtig, Michael and Schulte, Carsten and Biehler, Rolf and Frischemeier, Daniel and Podworny, Susanne and Wassong, Thomas}, year={2019}, pages={285–294}, collection={LNI} }' chicago: Opel, Simone Anna, Michael Schlichtig, Carsten Schulte, Rolf Biehler, Daniel Frischemeier, Susanne Podworny, and Thomas Wassong. “Entwicklung und Reflexion einer Unterrichtssequenz zum Maschinellen Lernen als Aspekt von Data Science in der Sekundarstufe II.” In INFOS, P-288:285–94. LNI. Gesellschaft für Informatik, 2019. ieee: S. A. Opel et al., “Entwicklung und Reflexion einer Unterrichtssequenz zum Maschinellen Lernen als Aspekt von Data Science in der Sekundarstufe II,” in INFOS, 2019, vol. P-288, pp. 285–294. mla: Opel, Simone Anna, et al. “Entwicklung und Reflexion einer Unterrichtssequenz zum Maschinellen Lernen als Aspekt von Data Science in der Sekundarstufe II.” INFOS, vol. P-288, Gesellschaft für Informatik, 2019, pp. 285–94. short: 'S.A. Opel, M. Schlichtig, C. Schulte, R. Biehler, D. Frischemeier, S. Podworny, T. Wassong, in: INFOS, Gesellschaft für Informatik, 2019, pp. 285–294.' date_created: 2020-01-28T10:28:34Z date_updated: 2022-07-26T11:42:05Z department: - _id: '67' language: - iso: ger page: 285-294 publication: INFOS publisher: Gesellschaft für Informatik quality_controlled: '1' series_title: LNI status: public title: Entwicklung und Reflexion einer Unterrichtssequenz zum Maschinellen Lernen als Aspekt von Data Science in der Sekundarstufe II type: conference user_id: '32312' volume: P-288 year: '2019' ... --- _id: '15641' author: - first_name: Michael full_name: Schlichtig, Michael id: '32312' last_name: Schlichtig orcid: 0000-0001-6600-6171 - first_name: Simone Anna full_name: Opel, Simone Anna id: '72932' last_name: Opel - first_name: Carsten full_name: Schulte, Carsten id: '60311' last_name: Schulte - first_name: Rolf full_name: Biehler, Rolf last_name: Biehler - first_name: Daniel full_name: Frischemeier, Daniel last_name: Frischemeier - first_name: Susanne full_name: Podworny, Susanne last_name: Podworny - first_name: Thomas full_name: Wassong, Thomas id: '21241' last_name: Wassong citation: ama: 'Schlichtig M, Opel SA, Schulte C, et al. Maschinelles Lernen im Unterricht mit Jupyter Notebook. In: INFOS. Vol P-288. LNI. Gesellschaft für Informatik; 2019:385.' apa: Schlichtig, M., Opel, S. A., Schulte, C., Biehler, R., Frischemeier, D., Podworny, S., & Wassong, T. (2019). Maschinelles Lernen im Unterricht mit Jupyter Notebook. INFOS, P-288, 385. bibtex: '@inproceedings{Schlichtig_Opel_Schulte_Biehler_Frischemeier_Podworny_Wassong_2019, series={LNI}, title={Maschinelles Lernen im Unterricht mit Jupyter Notebook}, volume={P-288}, booktitle={INFOS}, publisher={Gesellschaft für Informatik}, author={Schlichtig, Michael and Opel, Simone Anna and Schulte, Carsten and Biehler, Rolf and Frischemeier, Daniel and Podworny, Susanne and Wassong, Thomas}, year={2019}, pages={385}, collection={LNI} }' chicago: Schlichtig, Michael, Simone Anna Opel, Carsten Schulte, Rolf Biehler, Daniel Frischemeier, Susanne Podworny, and Thomas Wassong. “Maschinelles Lernen im Unterricht mit Jupyter Notebook.” In INFOS, P-288:385. LNI. Gesellschaft für Informatik, 2019. ieee: M. Schlichtig et al., “Maschinelles Lernen im Unterricht mit Jupyter Notebook,” in INFOS, 2019, vol. P-288, p. 385. mla: Schlichtig, Michael, et al. “Maschinelles Lernen im Unterricht mit Jupyter Notebook.” INFOS, vol. P-288, Gesellschaft für Informatik, 2019, p. 385. short: 'M. Schlichtig, S.A. Opel, C. Schulte, R. Biehler, D. Frischemeier, S. Podworny, T. Wassong, in: INFOS, Gesellschaft für Informatik, 2019, p. 385.' date_created: 2020-01-28T10:28:35Z date_updated: 2022-07-26T11:41:58Z department: - _id: '67' language: - iso: ger page: '385' publication: INFOS publisher: Gesellschaft für Informatik quality_controlled: '1' series_title: LNI status: public title: Maschinelles Lernen im Unterricht mit Jupyter Notebook type: conference user_id: '32312' volume: P-288 year: '2019' ... --- _id: '15643' author: - first_name: Simone Anna full_name: Opel, Simone Anna id: '72932' last_name: Opel - first_name: Michael full_name: Schlichtig, Michael id: '32312' last_name: Schlichtig orcid: 0000-0001-6600-6171 - first_name: Carsten full_name: Schulte, Carsten id: '60311' last_name: Schulte citation: ama: 'Opel SA, Schlichtig M, Schulte C. Developing Teaching Materials on Artificial Intelligence by Using a Simulation Game (Work in Progress). In: WiPSCE. ACM; 2019:11:1-11:2.' apa: Opel, S. A., Schlichtig, M., & Schulte, C. (2019). Developing Teaching Materials on Artificial Intelligence by Using a Simulation Game (Work in Progress). WiPSCE, 11:1-11:2. bibtex: '@inproceedings{Opel_Schlichtig_Schulte_2019, title={Developing Teaching Materials on Artificial Intelligence by Using a Simulation Game (Work in Progress)}, booktitle={WiPSCE}, publisher={ACM}, author={Opel, Simone Anna and Schlichtig, Michael and Schulte, Carsten}, year={2019}, pages={11:1-11:2} }' chicago: Opel, Simone Anna, Michael Schlichtig, and Carsten Schulte. “Developing Teaching Materials on Artificial Intelligence by Using a Simulation Game (Work in Progress).” In WiPSCE, 11:1-11:2. ACM, 2019. ieee: S. A. Opel, M. Schlichtig, and C. Schulte, “Developing Teaching Materials on Artificial Intelligence by Using a Simulation Game (Work in Progress),” in WiPSCE, 2019, p. 11:1-11:2. mla: Opel, Simone Anna, et al. “Developing Teaching Materials on Artificial Intelligence by Using a Simulation Game (Work in Progress).” WiPSCE, ACM, 2019, p. 11:1-11:2. short: 'S.A. Opel, M. Schlichtig, C. Schulte, in: WiPSCE, ACM, 2019, p. 11:1-11:2.' date_created: 2020-01-28T10:28:37Z date_updated: 2022-07-26T11:41:51Z department: - _id: '67' language: - iso: eng page: 11:1-11:2 publication: WiPSCE publisher: ACM quality_controlled: '1' status: public title: Developing Teaching Materials on Artificial Intelligence by Using a Simulation Game (Work in Progress) type: conference user_id: '32312' year: '2019' ... --- _id: '14848' abstract: - lang: ger text: Data Science und Big Data durchdringt in ihren diversen Facetten unser tägliches Leben– kaum ein Tag, an dem nicht verschiedene Meldungen über technische Innovationen, Einsatzmöglichkeiten von Künstlicher Intelligenz (KI) und Maschinelles Lernen (ML) und ihre ethischen sowie gesellschaftlichen Implikationen in den unterschiedlichen Medien diskutiert werden. Aus diesem Grund erscheint es uns immens wichtig, diese Fragestellungen und Technologien auch in den Unterricht der Sekundarstufe II zu integrieren. Um diesem Anspruch gerecht zu werden, entwickelten wir im Rahmen eines Forschungsprojekts ein Curriculum, welches wir als konkretes Unterrichtskonzept innerhalb eines Projektkurses erprobt, evaluiert weiterentwickelt wird. Bei der Implementierung entschieden wir uns, zur aktiven Umsetzung von Konzepten von ML als Plattform Jupyter Notebook mit Python zu verwenden, da diese Umgebung durch die Verbindung von Code und Hypertext zur Dokumentation und Erklärung Medienbrüche im Lernprozess verringern kann. Zudem ist Python zur Implementierung der Methoden von ML sehr gut geeignet. Im Themenfeld des ML als Teilgebiet der KI legen wir den Fokus auf zwei unterschiedliche Lernverfahren um verschieden Aspekte von ML, u.A. wie Nachvollziehbarkeit unter gesellschaftlichen Gesichtspunkten zu vermitteln. Diese sind Künstliche Neuronale Netze (bei denen die Berechnung und Bedeutung der Kantengewichte zwischen den Neuronen für den Menschen insbesondere bei komplexeren Netzen kaum nachvollziehbar erschienen) und Entscheidungsbäume (strukturierte und gerichtete Bäume zur Darstellung von Entscheidungsregeln, welche auch für Schülerinnen und Schüler meist gut nachvollziehbares und verständliches KI-Modell darstellen). In diesem Workshop stellen wir konkrete Umsetzungsbeispiele inklusive der Programmierung für beide Verfahren mit Jupyter Notebook und Python als Teil einer Unterrichtssequenz vor und diskutieren diese. author: - first_name: Michael full_name: Schlichtig, Michael id: '32312' last_name: Schlichtig orcid: 0000-0001-6600-6171 - first_name: Simone full_name: Opel, Simone last_name: Opel - first_name: Carsten full_name: Schulte, Carsten last_name: Schulte - first_name: Rolf full_name: Biehler, Rolf last_name: Biehler - first_name: Daniel full_name: Frischemeier, Daniel last_name: Frischemeier - first_name: Susanne full_name: Podworny, Susanne last_name: Podworny - first_name: Thomas full_name: Wassong, Thomas id: '21241' last_name: Wassong citation: ama: 'Schlichtig M, Opel S, Schulte C, et al. Maschinelles Lernen im Unterricht mit Jupyter Notebook. In: Pasternak A, ed. Informatik für alle. Gesellschaft für Informatik; 2019:385.' apa: Schlichtig, M., Opel, S., Schulte, C., Biehler, R., Frischemeier, D., Podworny, S., & Wassong, T. (2019). Maschinelles Lernen im Unterricht mit Jupyter Notebook. In A. Pasternak (Ed.), Informatik für alle (p. 385). Gesellschaft für Informatik. bibtex: '@inproceedings{Schlichtig_Opel_Schulte_Biehler_Frischemeier_Podworny_Wassong_2019, place={Bonn}, title={Maschinelles Lernen im Unterricht mit Jupyter Notebook}, booktitle={Informatik für alle}, publisher={Gesellschaft für Informatik}, author={Schlichtig, Michael and Opel, Simone and Schulte, Carsten and Biehler, Rolf and Frischemeier, Daniel and Podworny, Susanne and Wassong, Thomas}, editor={Pasternak, Arno}, year={2019}, pages={385} }' chicago: 'Schlichtig, Michael, Simone Opel, Carsten Schulte, Rolf Biehler, Daniel Frischemeier, Susanne Podworny, and Thomas Wassong. “Maschinelles Lernen im Unterricht mit Jupyter Notebook.” In Informatik für alle, edited by Arno Pasternak, 385. Bonn: Gesellschaft für Informatik, 2019.' ieee: M. Schlichtig et al., “Maschinelles Lernen im Unterricht mit Jupyter Notebook,” in Informatik für alle, Dortmund, Germany, 2019, p. 385. mla: Schlichtig, Michael, et al. “Maschinelles Lernen im Unterricht mit Jupyter Notebook.” Informatik für alle, edited by Arno Pasternak, Gesellschaft für Informatik, 2019, p. 385. short: 'M. Schlichtig, S. Opel, C. Schulte, R. Biehler, D. Frischemeier, S. Podworny, T. Wassong, in: A. Pasternak (Ed.), Informatik für alle, Gesellschaft für Informatik, Bonn, 2019, p. 385.' conference: end_date: 2019-09-18 location: Dortmund, Germany name: INFOS 2019 start_date: 2019-09-16 date_created: 2019-11-07T14:08:13Z date_updated: 2025-05-25T20:01:30Z department: - _id: '67' - _id: '97' editor: - first_name: Arno full_name: Pasternak, Arno last_name: Pasternak language: - iso: ger main_file_link: - url: https://dl.gi.de/handle/20.500.12116/28964 page: ' 385 ' place: Bonn publication: Informatik für alle publication_identifier: isbn: - 978-3-88579-682-4 publication_status: published publisher: Gesellschaft für Informatik status: public title: Maschinelles Lernen im Unterricht mit Jupyter Notebook type: conference user_id: '21241' year: '2019' ...