Patrick Stöckle
As a researcher in IT security and software engineering, I have published several articles as a first author, notably two A* papers. During my time at the Technical University of Munich (TUM), I worked 4 years on an industry-funded project about security configuration. Furthermore, I was for 4 years (2019 – 2022) the leading teaching assistant for the course Security Engineering. Thus, I have profound knowledge of IT security from an industrial and academic perspective. As a programmer, I have more than 10 years of programming experience in different languages. Furthermore, I can offer excellent software engineering and team collaboration skills.
Experience
Siemens AG
Research Scientist • March 2023 – Present, Munich
Technical University of Munich (TUM)
Research Assistant • November 2017 – February 2023, Munich
I have been working at the Chair of Software and Systems Engineering. I worked for 4 years on a third-party project about security configuration funded by Siemens. Furthermore, I was teaching in the form of central exercises and tutorials, notably as the leading teaching assistant of the course Security Engineering from 2019 until 2022. I created the practical exercises in this course and graded and explained them. Furthermore, I organized the final exam.
3iMedia GmbH
Software Engineer • August 2014 – March 2017, Eggenstein-Leopoldshafen
Web Development, Mobile App Development
Schülerhilfe Ettlingen
Student Tutor • May 2012 – July 2014, Ettlingen
Student tutor for Mathematics, Latin Language, and Physics.
Education
⬆️Technical University of Munich (TUM)
Ph.D., Informatics • November 2022 – Present
Thesis Title: A Holistic Approach for Security Configuration
Supervisor: Prof. Dr. Alexander Pretschner.
2nd supervisor: Prof. Dr. Claudia Eckert.
Karlsruhe Institute of Technology (KIT)
Master of Science, Informatics • April 2016 – September 2017
Master's thesis's title: Model Versioning with Consistency Conservation in Vitruvius in the context of the VITRUVIUS project.
Majors: Software Engineering and Software Security.
Minor: Economics with focus on Game Theory.
Karlsruhe Institute of Technology (KIT)
Bachelor of Science, Informatics • October 2012 – March 2016
Bachelor's thesis's title: Partikelbasierte Erweiterung und Laufzeitoptimierung der Prädiktion von Posen gesuchter Objekte mittels Implicit Shape Models in the context of the Active Scene Recognition project.
Minor: Mathematics (Algebra).
Skills
⬆️IT Security and Security Configuration
Since the IT security focus in my master's degree, I have been heavily involved with this. Later, in my Ph.D., I worked on a cooperation project between the Technical University of Munich (TUM) and Siemens on security configuration. Security misconfigurations enable many cyberattacks and make most of them easier than necessary. Through the experience of that project, I know very well about practical IT security problems and how to fix them. In the industry project, I developed tools to help administrators to harden their systems. If organizations hardened their infrastructure using these tools now, they would prevent data breaches and ransomware attacks in the future.
Teaching and Supervision
I am a good teacher who can help people better understand complex matters. From 2019 until 2022, I was the leading teaching assistant for the course Security Engineering at the TUM, with ca. 300 enlisted students every year. I renovated much of the existing but outdated course material during this time and added more recent and relevant content. Furthermore, I introduced hands-on programming exercises; I provided the exercises to the students via the Artemis Learning Platform. Before introducing these programming exercises, there were only a couple of student submissions every week. Afterward, over 80 students submitted, on average, a working solution per week. Motivating these students to not only study the theory for the exam but also make their hands dirty and implement the stuff made them learn even more.
During my time at the TUM, I supervised 13 bachelor's/master's theses. Although I supervised them, I learned a lot from my students. Supporting others with advice and guidance and seeing how they solved some problems I struggled with or came up with ideas I had never thought about was an incredible experience.
Programming and Software Engineering
I am an experienced programmer with a lot of experience in different languages. Currently, the language I use the most is Python 🐍, but I learned to program with Java ☕️. During my studies, I also programmed in C, C++, Haskell, TypeScript, Xtend, and Kotlin. Furthermore, I am very passionate about everything around writing the actual software.
For me, version control with git is a pivotal part of handling any software project, and I worked a lot with continuous integration tools such GitLab CI/CD. Thanks to an excellent course at the TUM, I know a lot about REST, Microservices, Docker, Protocol Buffers, and Spring. All these concepts, frameworks, and tools can help us as programmers enormously when writing, deploying and maintaining software.
Selected Publications
⬆️Automated Implementation of Windows-related Security-Configuration Guides
Patrick Stöckle, Bernd Grobauer, Alexander Pretschner
In: 35th IEEE/ACM International Conference on Automated Software Engineering
Overall Acceptance Rate: 37 of 312 submissions (12%).
Automated Identification of Security-Relevant Configuration Settings Using NLP
Patrick Stöckle, Theresa Wasserer, Bernd Grobauer, Alexander Pretschner
In: 37th IEEE/ACM International Conference on Automated Software Engineering
Overall Acceptance Rate: 128 of 562 submissions (23%).
Hardening with Scapolite: A DevOps-based Approach for Improved Authoring and Testing of Security-Configuration Guides in Large-Scale Organizations
Patrick Stöckle, Ionuț Pruteanu, Bernd Grobauer, Alexander Pretschner
In: Twelveth ACM Conference on Data and Application Security and Privacy (CODASPY)
Overall Acceptance Rate: 65 of 357 submissions (18%).
Sichere Konfigurationshärtung laufender Systeme
Patrick Stöckle, Michael Sammereier, Bernd Grobauer, Alexander Pretschner
Automatisierte Identifikation von sicherheitsrelevanten Konfigurationseinstellungen mittels NLP
Patrick Stöckle, Theresa Wasserer, Bernd Grobauer, Alexander Pretschner
For a full list of my publications, please have a look at my Google Scholar profile.
Talks
⬆️Automatisierte Identifikation von sicherheitsrelevanten Konfigurationseinstellungen mittels NLP
Date: 24.02.2023
Event: Software Engineering 2023
Sichere Konfigurationshärtung laufender Systeme
Date: 09.02.2023
Event: 30. DFN-Konferenz "Sicherheit in vernetzten Systemen"
Sichere Konfiguration leicht(er) gemacht
Date: 17.10.2022
Event: 2. Online-Informationsveranstaltung für kommunale IT-Dienstleister
Automated Identification of Security-Relevant Configuration Settings Using NLP
Date: 11.10.2022
Event: ASE'22
Sicherheitskonfigurationsrichtlinien effizient verwalten und umsetzen: Der Scapolite-Ansatz
Date: 03.02.2022
Event: 29. DFN-Konferenz "Sicherheit in vernetzten Systemen"
Automated Implementation of Windows-related Security-Configuration Guides
Date: 26.02.2021
Event: SE'21
Open Windows? Attacks on poorly configured Windows 10 instances
Date: 20.10.2020
Event: TAPAS@Siemens
Automated Implementation of Windows-related Security-Configuration Guides
Date: 23.09.2020
Event: ASE'20
Towards deriving automated implementation & verification mechanisms from a single machine-readable requirements specification
Date: 02.05.2019
Event: SCAPv2 Workshop
Teaching
⬆️Summer '22
Security Engineering
University: Technical University of Munich (TUM)
Role: Leading Teaching Assistant
Summer '21
Security Engineering
University: Technical University of Munich (TUM)
Role: Leading Teaching Assistant
Winter '20/21
Advanced Topics of Software Engineering
University: Technical University of Munich (TUM)
Role: Teaching Assistant
Summer '20
Security Engineering
University: Technical University of Munich (TUM)
Role: Leading Teaching Assistant
Winter '19/20
Advanced Topics of Software Engineering
University: Technical University of Munich (TUM)
Role: Teaching assistant
Summer '19
Security Engineering
University: Technical University of Munich (TUM)
Role: Leading Teaching Assistant
Personal Interests
⬆️- I'm a dog owner since 2021. I love to spend time outside with my wife and our dog on walks within the city of Munich and hikes outside the city, for example, in the Alps. 🐕🥾⛰
- I love to go to museums and visit exhibitions. 🖼 My favorite permanent exhibition in the city of Munich is the Lenbachhaus, but I really like the temporary exhibitions of the Kunsthalle.
- Another hobby of mine is going to theaters and operas. 🎭 Here in Munich, my favorite place is the Gärtnerplatztheater for operas and the Volkstheater for plays.
- I really like playing soccer and started recently with flag football. ⚽️🏈 Furthermore, I like to participate in running events like the Munich Marathon where I was running the half-marathon in 2022. 🏃🏻♂️
Social Links
- Email: patrick.stoeckle@posteo.de
- Github: https://github.com/pstoeckle
- Twitter: https://twitter.com/p_stoeckle
- LinkedIn: https://www.linkedin.com/in/patrick-stoeckle/
- ResearchGate: https://www.researchgate.net/profile/Patrick-Stoeckle-2
- Google Scholar: https://scholar.google.com/citations?user=rq9oDIoAAAAJ
- Website: https://pstoeckle.github.io/