Andreas Poller


Andreas Poller studied “Applied Computer Science” at the Chemnitz University of Technology and finished his course of studies with his diploma in November 2006. Before, he joined the Testlabor team in February 2006 for writing his diploma thesis “Approaches for "Automated Software Security Evaluations”. He already worked for five years as scientific assistant at the Fraunhofer Institute for Machine Tools and Forming Technology in Chemnitz in several artificial intelligence research areas like classification and feature extraction systems or image processing.

Areas of expertise:
Security analysis, security evaluation frameworks, banking security

Research interests:
Data protection and privacy, test automation, tools for security tests, standards and regulations, “semantic web”


Phone: +49(0)6151/869-170

PGP Key ID: 0x640168E1
S/MIME: X.509 certificate, Fraunhofer CA root certificate, Instructions



Sven Türpe; Andreas Poller: Managing Security Work in Scrum: Tensions and Challenges. In: M.G. Jaatun, D.S. Cruzes (eds.): Proceedings of the International Workshop on Security in DevOps and Agile Secure Software Engineering (SecSE 2017), published at © authors. [BibTeX]
also available: workshop presentation (.mp4 - slides and audio), slides (.pdf)

Laura Kocksch; Andreas Poller: Breaking New Ground for Researching Secure Software Development with Social Theory. CSCW'17 "Theory transfers? Social theory & CSCW research" Workshop, February 25, 2017, Portland, OR, USA. © authors. [BibTeX]

Andreas Poller; Laura Kocksch; Sven Türpe; Felix Anand Epp; Katharina Kinder-Kurlanda: Can Security Become a Routine? A Study of Organizational Change in an Agile Software Development Group. Proceedings of the 2017 ACM Conference on Computer Supported Cooperative Work and Social Computing (CSCW'17), February 25–March 1, 2017, Portland, OR, USA. DOI: 10.1145/2998181.2998191, © authors/ACM. [BibTeX]
also available: CSCW'17 slide deck

Sven Türpe; Jürgen Geuter; Andreas Poller: Emission statt Transaktion: Weshalb das klassische Datenschutzparadigma nicht mehr funktioniert. In: Friedewald, M.; Roßnagel, A.; Lamla, J. (Hrsg.) (2017): Informationelle Selbstbestimmung im digitalen Wandel. Wiesbaden: Springer Vieweg DOI: 10.1007/978-3-658-17662-4_14, © Springer. [BibTeX]
auch online: Slides des Konferenzvortrags am 26.11.2015


Sven Türpe; Laura Kocksch; Andreas Poller: Penetration Tests a Turning Point in Security Practices? Organizational Challenges and Implications in a Software Development Team. 2nd Workshop on Security Information Workers, Denver, CO, 22 June 2016. © authors. [BibTeX]
(see also our CSCW'17 paper for more detail)

Andreas Poller; Laura Kocksch; Katharina Kinder-Kurlanda; Felix Anand Epp: First-time Security Audits As a Turning Point? Challenges for Security Practices in an Industry Software Development Team. Proceedings of the 2016 CHI Conference Extended Abstracts on Human Factors in Computing Systems. DOI: 10.1145/2851581.2892392, © authors/ACM. [BibTeX]
(see also our CSCW'17 paper for more detail)


Mauro Baluda; Andreas Fuchs; Philipp Holzinger; Lotfi ben Othmane; Andreas Poller; Jürgen Repp; Johannes Späth; Jan Steffan; Stefan Triller; Eric Bodden: Security Analysis of TrueCrypt. Fraunhofer Institute for Secure Information Technology (SIT) for the German Federal Office for Information Security (BSI), 2015. [BibTeX]

Mauro Baluda; Andreas Fuchs; Philipp Holzinger; Lotfi ben Othmane; Andreas Poller; Jürgen Repp; Johannes Späth; Jan Steffan; Stefan Triller; Eric Bodden: Sicherheitsanalyse TrueCrypt. Fraunhofer-Institut für Sichere Informationstechnologie (SIT) im Auftrag des Bundesamts für Sicherheit in der Informationstechnik (BSI), 2015. [BibTeX]

Andreas Kramm; Petra Ilyes; Andreas Poller; Laura Kocksch: Studying the Effects of SNS Users’ Alternative Privacy Strategies With an Activity Tracking Tool. CSCW '15 The Future of Networked Privacy: Challenges and Opportunities Workshop, Vancouver, British Columbia, Canada. [BibTeX]


Andreas Poller; Sven Türpe; Katharina Kinder-Kurlanda: An Asset to Security Modeling? Analyzing Stakeholder Collaborations Instead of Threats to Assets. New Security Paradigms Workshop (NSPW'14), Victoria, BC, September 15-18, 2014. DOI: 10.1145/2683467.2683474 [BibTeX]

Andreas Poller; Andreas Kramm; Petra Ilyes; Laura Kocksch: Investigating OSN Users’ Privacy Strategies With In-Situ Observation. CSCW Companion ’14, Baltimore, 2014. DOI: 10.1145/2556420.2556508, © ACM. [BibTeX]

Sven Türpe; Annika Selzer; Andreas Poller; Mark Bedner: Denkverbote für Star-Trek-Computer? Datenschutz und Datensicherheit - DuD 38(1), Januar 2014, S. 31-35. DOI: 10.1007/s11623-014-0008-x, © Autoren / Springer Gabler. [BibTeX]

Jim Whitmore; Sven Türpe; Stefan Triller; Andreas Poller; Christina Carlson: Threat analysis in the software development lifecycle. IBM Journal of Research and Development 58(1), 2014. DOI: 10.1147/JRD.2013.2288060, © IBM. [BibTeX]


Andreas Poller; Ulrich Waldmann: Soziale Netzwerke bewusst nutzen. Ein Dossier zu Datenschutz, Privatsphärenschutz und Unternehmenssicherheit. SIT Technical Reports, SIT-TR-2013-02, August 2013. [BibTeX]

Andreas Poller; Petra Ilyes; Andreas Kramm: Designing privacy-aware online social networks - A reflective socio-technical approach. CSCW ’13 Measuring Networked Social Privacy Workshop, February 23-27, 2013, San Antonio, Texas, USA. [BibTeX]


Andreas Poller; Martin Steinebach; Huajian Liu: Robust Image Obfuscation for Privacy Protection in Web 2.0 Applications. Proceedings of SPIE Vol. 8303 - Media Watermarking, Security, and Forensics 2012, SPIE, 2012. DOI: 10.1117/12.908587 [BibTeX]

Andreas Poller; Ulrich Waldmann; Sven Vowé; Sven Türpe: Electronic Identity Cards for User Authentication – Promise and Practice. IEEE Security and Privacy Magazine, vol. 10, no. 1 (jan/feb) 2012. DOI: 10.1109/MSP.2011.148, © IEEE. [BibTeX]


Sven Türpe; Andreas Poller; Jan Steffan; Jan-Peter Stotz; Jan Trukenmüller: Attacking the BitLocker Boot Process. 2nd International Conference on Trusted Computing (Trust 2009), Oxford, UK; April 6-8th. DOI: 10.1007/978-3-642-00587-9_12, © Springer. [BibTeX]
(see also our demonstration video)


Andreas Poller: Privatsphärenschutz in Soziale-Netzwerke-Plattformen. Studie; Fraunhofer-Institut SIT; 25. September 2008; 124 Seiten. [BibTeX]

Sven Türpe; Andreas Poller; Jan Steffan; Jan-Peter Stotz; Jan Trukenmüller: Attacking the BitLocker Boot Process. Research Workshop on Challenges for Trusted Computing at the 3rd European Trusted Infrastructure Summer School (ETISS 2008). [BibTeX]
(superseded by Trust 2009 version)

Sven Türpe; Andreas Poller; Jürgen Repp; Jan Trukenmüller; Christian Bornmann: Supporting Security Testers in Discovering Injection Flaws. 3rd IEEE Testing: Academic and Industrial Conference (TAIC-PART 2008); Windsor, England, United Kingdom, August 2008. DOI: 10.1109/TAIC-PART.2008.7, © IEEE. [BibTeX]

Jan Steffan; Andreas Poller; Jan Trukenmüller; Jan-Peter Stotz; Sven Türpe: BitLocker Drive Encryption im mobilen und stationären Unternehmenseinsatz. Ein Leitfaden für Anwender. Fraunhofer-Institut SIT und BSI; 84 Seiten; 03/2008. [BibTeX]
[more information]