Sven Bugiel

Tenured Faculty

CISPA Helmholtz Center for Information Security

Professional Summary

I am a security researcher focusing on (mobile) operating system security and trusted computing. In the past, I was particularly looking into mandatory access control systems for the Android OS and integrating hardware security building blocks into mobile operating systems. This interest has extended to object-capability systems and developing new confidential computing solutions. More recently, I also worked on the intersection of those topics with human-centered studies, authentication, and data science.

Since December 2021 I am a tenured faculty at the CISPA Helmholtz Center for Information Security in Saarbrücken, Germany, and heading the Trusted Systems Group. Between July 2018 and December 2021 I headed the same group at CISPA as tenure-track faculty and between June 2016 and July 2018 as a Research Group Leader.

I earned my Dr.-Ing. from Saarland University in 2016 with my thesis on ‘Establishing Mandatory Access Control on Android OS,’ which I wrote under supervision of Prof. Michael Backes. I finished my Master of Science in Engineering, Security and Mobile Computing on the KTH/DTU track of the NordSecMob Erasmus Mundus programme with my thesis “Using TCG/DRTM for application-specific credential storage and usage” in cooperation with Nokia Research Center, Helsinki, Finland.

Education

Ph.D. in Security in Information Technology

Saarland University, Germany

Master of Science in Engineering, Security and Mobile Computing

Royal Institute of Technology (KTH), Stockholm, Sweden / Technical University of Denmark (DTU), Copenhagen, Denmark

Interests

Mobile Platform Security Trusted Computing Usable Security

Recent Publications

HTMA Riyadh, Divyanshu Bhardwaj, Maria Victoria Hellenthal, Alexander Hart, Katharina Krombholz, Sven Bugiel (2026). From Discovery to Decisions: Archetypal Journeys of Mobile App Users and Their Implications on Privacy. ACM International Conference on Human Factors in Computing Systems (CHI ‘26).

PDF

Alfusainey Jallow, Sven Bugiel (2025). Stack Overflow Meets Replication: Security Research Amid Evolving Code Snippets. 34th USENIX Security Symposium (SEC ‘25) Honorable Mention Award.

Extended Version Artifacts Slides PDF

Yusra Elbitar, Soheil Khodayari, Marian Harbach, Gianluca De Stefano, Balazs Csaba Engedy, Giancarlo Pellegrino, Sven Bugiel (2025). Permission Rationales in the Web Ecosystem: An Exploration of Rationale Text and Design Patterns. ACM International Conference on Human Factors in Computing Systems (CHI ‘25) Best paper award.

Slides Video PDF

Yusra Elbitar, Alexander Hart, Sven Bugiel (2025). The Power of Words: A Comprehensive Analysis of Rationales and Their Effects on Users’ Permission Decisions. 32nd Annual Network & Distributed System Security Symposium (NDSS ‘25).

Slides Video PDF

Eric Ackermann, Noah Mauthe, Sven Bugiel (2024). Work-in-Progress: Northcape: Embedded Real-Time Capability-Based Addressing. IEEE European Symposium on Security and Privacy Workshops.

PDF

See all publications

Academic Service

Program (Co-)Chair

Symposium on Usable Security and Privacy (USEC'25) together with Sanchari Das
Who Are You?! Adventures in Authentication Workshop 2021 (WAY'21) together with Sarah Pearman

Program Committee Member

IEEE SP: 2027, 2026, 2025, 2024, 2022
USENIX Security: 2027, 2025, 2024, 2023, 2021, 2020, 2019
ACM CCS: 2019, 2018
ACM SAC: 2019
IEEE EuroSP: 2016

Workshops

FoPI (co-located with IEEE EuroSP): 2021
WAY (co-located with USENIX SOUPS): 2020
SysTEX (co-located with ACM CCS): 2016

External Reviewer

ACM CHI: 2024

Journal Reviewer

ACM TOPS: 2023
IEEE TDSC: 2021, 2016, 2014
IEEE TIFS: 2017
IEEE TDSCSI: 2014