People of ACM European Chapters - Hans-Joachim Hof

September 12, 2017

Can you briefly describe your own line of research and how you became interested in this area?

For many years, I have been interested in the design of systems with a high IT security level, looking into secure communication as well as into software security. Designing secure systems not only includes the technical part, but also needs to focus on processes for software development and for system design as well as on tools for security testing. So my portfolio spans from Secure Scrum, a methodology to develop secure software with Scrum, to fuzzers for TCP/IP stacks and secure system architectures for Smart Grids.

I became interested in my field of research when my parents bought me my first C64 in primary school. Working around anti-cheating and other protection methods in computer games on this machine was my start into the hacking community. I was very lucky to have access to the very active computer mailbox community in southern Germany that gave me the ability to learn about computer science. If I only had heard about the ACM in those days… Later on, I decided to focus more on the constructive part of IT security, namely secure system design.

In your area of research, what recent advance/emerging subfield will yield important advances in the years ahead?

Advances in other fields often drive IT security. In my opinion, Big Data, artificial intelligence, and the networking of legacy devices are the most interesting current trends for IT security. Increasingly, my research is not about designing new systems but about methodologies to raise the security level of legacy systems or networked embedded systems (e.g., Internet of Things, automotive cyber systems, cyber-physical systems, etc.). Those systems have recently gotten onto the radar of attackers, have seen the first wave of massive attacks, and in their current state have little to no means for defense.

Another issue that became important in the networking of embedded devices is the interaction between safety and security. This topic has been around for quite a while, but finding solutions for current systems still is an interesting research challenge (e.g., in the automotive domain).

Can you tell us a little about the ACM Germany Chapter? (How many members? What are your most important activities?)

We are happy to celebrate the 50th birthday of the German Chapter of ACM (GChACM) next year, so this chapter is quite mature. The chapter runs more than 35 regional groups in Germany in cooperation with the national computer science association of Germany. The regional groups are spread all over Germany and usually each group organizes six to 10 talks about current subjects a year. GChACM also organizes or supports several activities with a focus on computer science practitioners, e.g., Software Engineering Live, IT-Security Live, ERP Future, and eHealth & Society. Our latest activity is the Computer Science in Cars Symposium (CSCS), an event to promote computer science in the automotive domain. The event attracted more than 100 international participants from academia and industry. Three different ACM chapters in Germany organized it: GChACM, the ACM Munich Student Chapter, and the Munich ACM SIGGRAPH Chapter.

What advice would you give to a younger colleague just starting out in your field?

My top advice to all my students and PhD candidates is: “Do what you love to do”. Following a scientific career can be frustrating on so many levels, so it really helps to be in love with your research field. I always felt privileged to get paid to do a job I like so much. Another general piece of advice is to grow a sustainable network. ACM is an ideal environment to do so. ACM gives you the possibility to show other people in the organization what you are able to do.

Another piece of advice I would offer—especially to colleagues in IT security—is to be open for as many application domains as possible. As I mentioned earlier, IT security is heavily driven by current trends in computer science, so it really helps to be open-minded and to talk to many people from other fields. Again, ACM is an ideal environment for this. I also advise my students that it is a good idea to have worked for some time in industry when you are planning a career in academia. Knowing current problems of industry is of great help in positively advancing computer science.

Hans-Joachim Hof is Chair of the ACM German Chapter and a member of the board of the national computer science association of Germany (Gesellschaft für Informatik). He is a professor at the Technical University of Ingolstadt (Technische Hochschule Ingolstadt) and a lecturer at the Munich University of Applied Science. He is the head of the research groups INSicherheit (Ingolstadt Research Group of Applied IT Security) and MuSe (Munich IT Security Research Group).

Hof is also the Editor-in-Chief of the International Journal on Advances in Security. Before becoming a professor, he was a research scientist at the Corporate Technology research center at Siemens AG in Munich.