In 2021 I joined the Foundational and Experimental Security research group as Assistant Professor (Universitair docent 2) and am working at the Department of Computer Science at Vrije Universiteit Amsterdam. I hold a Ph.D. in Computer Science and Engineering, which I completed at the University of Gothenburg.
I am passionate about building and evaluating methods for analyzing security threats and vulnerabilities in software systems. I like to work on solving practical problems with direct impact to the society. I particularly focus on:
Security-by-design. Threat modeling and risk analysis, automating security analysis of software architecture, compliance of code to the intended security.
Diversity effects in threat analysis. Risk perception, gender bias, diversity processes in technical (i.e., cybersecurity) domain.
Empirical methods for security. Designing and conducting controlled experiments, industrial case studies and studies involving human participants.
Are you interested to do a thesis with me? Find the current thesis topics here!
November 2021, invited talk at research seminar organised by DIGISEC at the Technical University of Denmark (DTU).
October 2021, invited talk at research seminar organised by the RGSE group at the University of Koblenz Landau.
September 2021, speaker at the Aurora Research Conference on the Digital Society and Global Citizenship. Watch video.
Seven pain points of threat analysis & risk assessment in the automotive domain (IEEE), K. Tuma and M. Widman, in IEEE Security & Privacy Magazine.
Checking Security Compliance between Models and Code (PDF), K. Tuma, S. Peldszus, R. Scandariato, J. Jürjens, in submission to Journal on Software and Systems Modeling (SoSyM)
Finding Security Threats That Matter: Two Industrial Case Studies (PDF), K. Tuma, C. Sandberg, U. Thorsson, M. Widman, T. Herpel, R. Scandariato, in Journal of Systems and Software (JSS), 2021.
Efficiency and Automation in Threat Analysis of Software Systems (PDF), K. Tuma, Department of Computer Science and Engineering (University of Gothenburg), defended in January 2021
Course design and teaching
Currently working on new courses at the VU.
Guest lecture in the M.Sc course Software Oriented Design (405061) coordinated and taught by Patricia Lago from the Software and Sustainability (S2) research group.
Co-creation, coordination and assistance in teaching the B.Sc flipped classroom course Mathematical Foundations or Software Engineering (DIT022).
Previous teaching assistance
Foraging mushrooms. This is what I see when I look at a forest. Recently, also rock-climbing.