4998 BIS Seminar
Dr. Alexander Novotny, MSc.
Contact details
alexander.novotny [at]
Weekly hours
Language of instruction
02/09/23 to 03/02/23
Registration via LPIS
Notes to the course
Day Date Time Room
Friday 03/17/23 03:15 PM - 07:45 PM TC.4.12
Friday 03/31/23 03:15 PM - 07:45 PM TC.4.12
Friday 04/14/23 02:30 PM - 07:00 PM TC.5.12
Friday 05/12/23 03:15 PM - 07:45 PM TC.4.12
Friday 06/23/23 02:00 PM - 06:30 PM TC.4.12

The digital economy increasingly builds upon the Internet of Things (IoT). The IoT connects physical objects such as buildings, vehicles, production facilities and wind turbines with the Internet enabling them to collect and exchange an increasing amount of data. With Internet connectivity and data collection built into all physical objects, cyber risks are not further restricted to the cyberspace. They threaten the functioning of society’s critical services such as food, energy and water supply and endanger communities sharing the same values such as human dignity and privacy.

As Marc Elsberg has contemplated in his novel “Blackout”, cyber attacks on the smart electricity grid may trigger a power breakdown of far reach. Global corporate and government networks compromised by advanced persistent threats (APTs) cannot only threaten the digital economy but additionally enable attackers to destroy industry facilities and public infrastructure on a mouse-click. The possibility of effective and universal cyberwarfare has become an alarming reality. Personal health data aggregated from different smart health devices may have the potential to expose a meaningful health status of patients to employers, and the government infringing their privacy. In these technology-driven ecosystems fostering sustainable human development is challenging and requires novel approaches and methods.

This research-guided seminar approaches how IoT-connected cyberphysical systems can be designed to be resilient against these risks by rigorously following a Security and Privacy by Design process. Risks and mitigating controls specific to essential services for different critical industry sectors in the digitally enabled economy such as energy, transport, banking, financial market infrastructure, health, drinking water and food supply, as well as telecommunication are elucidated.

Learning outcomes

After attending this course, students will have the following skills.

Subject-related skills

  • Know about threats, risks and controls to security and data protection in the Internet of Things.
  • Understand the specific challenges to security and crisis protection specific to essential services in critical sectors (energy, transport, banking, financial market infrastructure, health, drinking water supply and telecommunication) of the digitally enabled economy.
  • Understand the regulatory context of security and data protection in the Internet of Things within the European Union.
  • Judge on the impact IoT technologies have on human safety, privacy, freedom and autonomy as well as on the security of connected ICT systems.

Transferable skills

  • Apply a Security and Privacy by Design process in the lifecycle of IoT systems.
  • Discuss research-oriented topics related to the design, security, privacy, resilience, ethical and legal foundations of information technology in the IoT and in critical infrastructures.
  • Apply scientific research and academic writing.
Attendance requirements

Standard FS (=”Forschungsseminar”) attendance policy applies. Attendance in the first unit and overall for 80% of the time is required. Attendance in the first unit is mandatory (unqualified absence will result in deregistration from the course). For more information on the WU FS attendance policy please refer to
See below for mandatory attendance policy in the first unit.

Teaching/learning method(s)

The research-driven seminar is guided by current research results. Students are expected to elaborate on a topic of their choice, write an individual seminar paper (min. 25 norm pages á 1.800 characters incl. spaces per page (= min. 45.000 characters incl. spaces); this corresponds to approx. 15 DIN A4 pages depending on font size and spacing) and present the results to their peers. During this process, students will be intensively and individually coached. The seminar is complemented by interactive teaching and discussions.


Grading involves 3 independent components, including:

55% Seminar paper
20% Seminar presentation and accompanying materials (e.g., slides)

15% Research proposal and seminar paper coaching
10% Active participation in the units, in-class exercises

Grading system

87.5% - 100%             = "Sehr gut" (Excellent)
75% - 87.49%             = "Gut" (Good)
62.5% - 74.99%          = "Befriedigend" (Satisfactory)
50% - 62.49%             = "Genügend" (Sufficient)
Below 50%                 = "Nicht Genügend" (Fail)

Prerequisites for participation and waiting lists

Successful completion of course 1 (“Basics of ICT” / “Grundzüge der IKT”) of the SBWL Business Information Systems.
It is strongly recommended to also have completed course 2 to 4 of the SBWL before commencing with this course.
If you hold a valid registration for the course but are unable to participate, please deregister during the open registration period in LPIS. Your spot can be granted to other fellow students.
Spots are allocated on a first-come, first-served basis during the registration period.
After completion of the registration period, available spots will be allocated to students on the waiting list who have no valid registration for the relevant curricula's point. Students will be ranked by their study progress as determined by the vice rectorat for teaching ("hardship principle"), not by their rank on the waiting list.
Important Note: The participation in the first unit is mandatory; students who fail to come forfeit their place to students on the waiting list (in the  sequence of the waiting list). Students can excuse themselves if the reason for missing the first unit is serious and will concern only the first unit.

Selecting a seminar paper topic counts as participation and will lead to the course being graded. If you do not plan to participate please deregister before end of the registration period!


Please log in with your WU account to use all functionalities of read!t. For off-campus access to our licensed electronic resources, remember to activate your VPN connection connection. In case you encounter any technical problems or have questions regarding read!t, please feel free to contact the library at

Additional (blank) field



Last edited: 2022-12-08