TU Wien Informatics

20 Years

Stefan Fenz

Senior Scientist Dipl.-Ing. Mag.rer.soc.oec. Dr.techn.

Research Focus

Stefan Fenz

About

Stefan (CISSP) is senior scientist at TU Wien, key researcher at SBA Research, and co-founder of Xylem Technologies GmbH. From 2012 to 2015, Stefan was an appointed member of the European Network and Information Security Agency’s (ENISA) Permanent Stakeholder Group.

In 2010, Stefan worked as a visiting scholar at Stanford Center for Biomedical Informatics Research at Stanford University (USA). From 2008 to 2012, Stefan lectured on information security at Peking University (Beijing, China), Beijing Jiaotong University (Beijing, China), Konkuk University (Seoul, Korea) and University of Applied Sciences Technikum Wien (Vienna, Austria).

His research is on organizational information security, semantic technologies, AI and decision support. Stefan received an MSc in software engineering & internet computing from TU Wien, an MSc in political science from University of Vienna, an MSc in business informatics from TU Wien, and a PhD in computer science from TU Wien. He is a member of the IFIP WG 11.1 – Information Security Management, the IEEE Systems, Man, and Cybernetics Society and ISC².

Role

2024W

 

2023

  • AI- and data-driven pre-crop values and crop rotation matrices / Fenz, S., Neubauer, T., Heurix, J., Friedel, J. K., & Wohlmuth, M.-L. (2023). AI- and data-driven pre-crop values and crop rotation matrices. European Journal of Agronomy, 150, Article 126949. https://doi.org/10.1016/j.eja.2023.126949
    Download: PDF (6.86 MB)
  • RenoDSS - a BIM-based building renovation decision support system / Fenz, S., Giannakis, G., Bergmayr, J., & Iousef, S. (2023). RenoDSS - a BIM-based building renovation decision support system. Energy and Buildings, Article 112999. https://doi.org/10.1016/j.enbuild.2023.112999
  • IFC-based building renovation scenario generator / Fenz, S., Bergmayr, J., & Giannakis, G. (2023). IFC-based building renovation scenario generator. In Proceedings of the 2023 European Conference on Computing in Construction and the 40th International CIB W78 Conference. 2023 European Conference on Computing in Construction and the 40th International CIB W78 Conference, Heraklion, Greece. https://doi.org/10.35490/EC3.2023.170
  • AI- and data-driven crop rotation planning / Fenz, S., Neubauer, T., Friedel, J. K., & Wohlmuth, M.-L. (2023). AI- and data-driven crop rotation planning. Computers and Electronics in Agriculture, 212, Article 108160. https://doi.org/10.1016/j.compag.2023.108160

2021

  • Integration of building material databases for IFC-based building performance analysis / Fenz, S., Bergmayr, J., Plattner, N., Chávez-Feria, S., Poveda-Villalón, M., & Giannakis, G. (2021). Integration of building material databases for IFC-based building performance analysis. In Proceedings of the 38th International Symposium on Automation and Robotics in Construction (ISARC). International Association for Automation and Robotics in Construction (IAARC), Austria. International Association for Automation and Robotics in Construction (IAARC). https://doi.org/10.22260/isarc2021/0027
  • An Integrated Scan-to-BIM Approach for Buildings Energy Performance Evaluation and Retrofitting / Valero, E., Mohanty, D. D., Ceklarz, M., Tao, B., Bosche, F., Giannakis, G. I., Fenz, S., Katsigarakis, K., N. Lilis, G., Rovas, D., & Papanikolaou, A. (2021). An Integrated Scan-to-BIM Approach for Buildings Energy Performance Evaluation and Retrofitting. In Proceedings of the 38th International Symposium on Automation and Robotics in Construction (ISARC). International Association for Automation and Robotics in Construction (IAARC), Austria. International Association for Automation and Robotics in Construction (IAARC). https://doi.org/10.22260/isarc2021/0030

2020

2018

2017

2016

2015

2014

2013

  • FORISK: Formalizing information security risk and compliance management / Fenz, S., Neubauer, T., Accorsi, R., & Koslowski, T. (2013). FORISK: Formalizing information security risk and compliance management. In 2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop (DSN-W). 2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop (DSN-W), Budapest, EU. https://doi.org/10.1109/dsnw.2013.6615533
  • SEMERGY: Performance-Guided Building Design and Refurbishment within a Semantically Augmented Optimization Environment / Wolosiuk, D., Ghiassi, N., Pont, U., Shayeganfar, F., Mahdavi, A., Fenz, S., Heurix, J., Anjomshoaa, A., & Tjoa, A. M. (2013). SEMERGY: Performance-Guided Building Design and Refurbishment within a Semantically Augmented Optimization Environment. In J. Hraska (Ed.), enviBUILD 2013 - Buildings and Environment (p. 6). STU - Nakladateľstvo STU, Bratislava 2013. http://hdl.handle.net/20.500.12708/64207
  • Towards web-based information security knowledge sharing / Feledi, D., Fenz, S., & Lechner, L. (2013). Towards web-based information security knowledge sharing. Journal of Information Security and Applications, 17(4), 199–209. https://doi.org/10.1016/j.istr.2013.03.004
  • A Rule-Based Transformation System for Converting Semi-Structured Medical Documents / Heurix, J., Rella, A., Fenz, S., & Neubauer, T. (2013). A Rule-Based Transformation System for Converting Semi-Structured Medical Documents. Health and Technology, 3(1), 51–63. https://doi.org/10.1007/s12553-013-0040-0
  • An ontology-aided Optimization Approach to Eco-Efficient Building Design / Shayeganfar, F., Anjomshoaa, A., Heurix, J., Sustr, C., Ghiassi, N., Pont, U., Fenz, S., Neubauer, T., Tjoa, A. M., & Mahdavi, A. (2013). An ontology-aided Optimization Approach to Eco-Efficient Building Design. In IBPSA (Ed.), Building Simulation 2013 - 13th International Conference of the International Building Performance Simulation Association. (pp. 2193–2199). IBPSA. http://hdl.handle.net/20.500.12708/64187
  • A comprehensive building model for performance-guided decision support / Ghiassi, N., Shayeganfar, F., Pont, U., Mahdavi, A., Heurix, J., Fenz, S., Anjomshoaa, A., & Tjoa, A. M. (2013). A comprehensive building model for performance-guided decision support. In A. Mahdavi & B. Martens (Eds.), Proceedings of the 2nd Central European Symposium on Building Physics 9-11 September 2013, Vienna, Austria (pp. 35–42). ÖKK-Editions. http://hdl.handle.net/20.500.12708/64163
  • Multi-objective optimization in the SEMERGY environment for sustainable building design and retrofit / Heurix, J., Fenz, S., Anjomshoaa, A., Neubauer, T., Tjoa, A. M., Taheri, M., Shayeganfar, F., Pont, U., Ghiassi, N., Sustr, C., & Mahdavi, A. (2013). Multi-objective optimization in the SEMERGY environment for sustainable building design and retrofit. In A. Mahdavi & B. Martens (Eds.), Proceedings of the 2nd Central European Symposium on Building Physics 9-11 September 2013, Vienna, Austria (pp. 27–34). ÖKK-Editions. http://hdl.handle.net/20.500.12708/64162
  • Recent advances in SEMERGY: A semantically enriched optimization environment for performance-guided building design and refurbishment / Pont, U., Shayeganfar, F., Ghiassi, N., Taheri, M., Sustr, C., Mahdavi, A., Heurix, J., Fenz, S., Neubauer, T., Tjoa, A. M., & Anjomshoaa, A. (2013). Recent advances in SEMERGY: A semantically enriched optimization environment for performance-guided building design and refurbishment. In A. Mahdavi & B. Martens (Eds.), Proceedings of the 2nd Central European Symposium on Building Physics 9-11 September 2013, Vienna, Austria (pp. 19–26). ÖKK-Editions. http://hdl.handle.net/20.500.12708/64161
  • A modular methodology for the development of urban energy planning support software / Ouhajjou, N., Palensky, P., Stifter, M., Page, J., Fenz, S., & Tjoa, A. M. (2013). A modular methodology for the development of urban energy planning support software. In IECON 2013 - 39th Annual Conference of the IEEE Industrial Electronics Society. IEEE Computer Society. https://doi.org/10.1109/iecon.2013.6700392

2012

2011

  • Verification, Validation, and Evaluation in Information Security Risk Management / Fenz, S., & Ekelhart, A. (2011). Verification, Validation, and Evaluation in Information Security Risk Management. IEEE Security and Privacy, 9(2), 58–65. https://doi.org/10.1109/msp.2010.117
    Project: SecOnt (2008–2010)
  • E-Business and Information Security Risk Management / Fenz, S. (2011). E-Business and Information Security Risk Management. In E. Kajan (Ed.), Electronic Business Interoperability (pp. 596–614). IGI Global. https://doi.org/10.4018/978-1-60960-485-1.ch024
    Project: SecOnt (2008–2010)
  • A Community Knowledge Base for IT Security / Fenz, S., Parkin, S., & Moorsel, A. van. (2011). A Community Knowledge Base for IT Security. IT Professional, 13(3), 24–30. https://doi.org/10.1109/mitp.2011.35
  • Information Security Risk Management: In which security solutions is it worth investing? / Fenz, S., Ekelhart, A., & Neubauer, T. (2011). Information Security Risk Management: In which security solutions is it worth investing? Communications of the Association for Information Systems, 28(1), 329–356. http://hdl.handle.net/20.500.12708/161667
  • Towards Automatic Generation of Ontology-Based Antipattern Bayesian Network Models / Settas, D., Cerone, A., & Fenz, S. (2011). Towards Automatic Generation of Ontology-Based Antipattern Bayesian Network Models. In 2011 Ninth International Conference on Software Engineering Research, Management and Applications. 9th International Conference on Software Engineering Research, Management and Applications (SERA 2011), Baltimore, Maryland USA, Non-EU. https://doi.org/10.1109/sera.2011.15
  • Information Security Automation: How Far Can We Go? / Montesino, R., & Fenz, S. (2011). Information Security Automation: How Far Can We Go? In 2011 Sixth International Conference on Availability, Reliability and Security. Sixth International Conference on Availability, Reliability, and Security (ARES 2011), Vienna, Austria. IEEE. https://doi.org/10.1109/ares.2011.48
  • Automation Possibilities in Information Security Management / Montesino, R., & Fenz, S. (2011). Automation Possibilities in Information Security Management. In 2011 European Intelligence and Security Informatics Conference. European Intelligence and Security Informatics Conference 2011, Athens, EU. https://doi.org/10.1109/eisic.2011.39
  • An ontology- and Bayesian-based approach for determining threat probabilities / Fenz, S. (2011). An ontology- and Bayesian-based approach for determining threat probabilities. In Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security - ASIACCS ’11. ACM Symposium on Information, Computer, and Communications Security (ASIACCS 2011), Hongkong, Non-EU. ACM. https://doi.org/10.1145/1966913.1966958
    Project: SecOnt (2008–2010)

2010

  • From the Resource to the Business Process Risk Level / Fenz, S. (2010). From the Resource to the Business Process Risk Level. In Proceedings of the South African Information Security Multi-Conference (SAISMC’2010) (pp. 100–109). http://hdl.handle.net/20.500.12708/53131
    Project: SecOnt (2008–2010)
  • Ontology-based generation of IT-security metrics / Fenz, S. (2010). Ontology-based generation of IT-security metrics. In Proceedings of the 2010 ACM Symposium on Applied Computing - SAC ’10. 25th ACM Symposium on Applied Computing (SAC 2010), Sierre, Switzerland, Non-EU. ACM. https://doi.org/10.1145/1774088.1774478
    Project: SecOnt (2008–2010)

2009

  • Business Process-Based Resource Importance Determination / Fenz, S., Ekelhart, A., & Neubauer, T. (2009). Business Process-Based Resource Importance Determination. In Business Process Management (pp. 113–127). Springer. https://doi.org/10.1007/978-3-642-03848-8_9
    Project: SecOnt (2008–2010)
  • Ontologiebasiertes IT Risikomanagement / Ekelhart, A., Fenz, S., & Neubauer, T. (2009). Ontologiebasiertes IT Risikomanagement. In D.A.CH Security 2009 (pp. 14–24). Heise Zeitschriften Verlag GmbH & Co. KG. http://hdl.handle.net/20.500.12708/53162
    Project: SecOnt (2008–2010)
  • Ontology-based generation of Bayesian networks / Fenz, S., Tjoa, A. M., & Hudec, M. (2009). Ontology-based generation of Bayesian networks. In Proceedings of the Third International Conference on Complex, Intelligent and Software Intensive Systems - International Workshop on Ontology Alignment and Visualization - OnAV’09 (pp. 712–717). http://hdl.handle.net/20.500.12708/52599
    Project: SecOnt (2008–2010)
  • How to determine threat probabilities using ontologies and Bayesian networks / Fenz, S., & Neubauer, T. (2009). How to determine threat probabilities using ontologies and Bayesian networks. In Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research Cyber Security and Information Intelligence Challenges and Strategies - CSIIRW ’09. 5th Annual Workshop on Cyber Security and Information Intelligence Research, Knoxville, TN, Non-EU. ACM New York. https://doi.org/10.1145/1558607.1558686
    Project: SecOnt (2008–2010)
  • Ontological Mapping of Information Security Best-Practice Guidelines / Fenz, S., Pruckner, T., & Manutscheri, A. (2009). Ontological Mapping of Information Security Best-Practice Guidelines. In Proceedings of the 12th International Conference on Business Information Systems (pp. 49–60). http://hdl.handle.net/20.500.12708/52659
    Project: SecOnt (2008–2010)
  • Automated Risk and Utility Management / Ekelhart, A., Fenz, S., & Neubauer, T. (2009). Automated Risk and Utility Management. In Proceedings of the Sixth International Conference on Information Technology: New Generations (pp. 393–398). IEEE Computer Society. http://hdl.handle.net/20.500.12708/52658
    Project: SecOnt (2008–2010)
  • Ontology-based Decision Support for Information Security Risk Management / Fenz, S., Ekelhart, A., & Neubauer, T. (2009). Ontology-based Decision Support for Information Security Risk Management. In Proceedings of the 4th International Conference on Systems (pp. 80–85). http://hdl.handle.net/20.500.12708/52623
    Project: SecOnt (2008–2010)
  • Formalizing information security knowledge / Fenz, S., & Ekelhart, A. (2009). Formalizing information security knowledge. In Proceedings of the 2009 ACM symposium on Information, computer and communications security (pp. 183–194). http://hdl.handle.net/20.500.12708/52594
    Project: SecOnt (2008–2010)
  • AURUM: A Framework for Information Security Risk Management / Neubauer, T., Ekelhart, A., & Fenz, S. (2009). AURUM: A Framework for Information Security Risk Management. In Proceedings of the 42th Hawaii International Conference on System Sciences (HICSS’09) (pp. 1–10). http://hdl.handle.net/20.500.12708/52370
    Project: SecOnt (2008–2010)

2008

  • XML Security - A Comparative Literature Review / Ekelhart, A., Fenz, S., Goluch, G., Steinkellner, M., & Weippl, E. (2008). XML Security - A Comparative Literature Review. Journal of Systems and Software, 81(10), 1715–1724. https://doi.org/10.1016/j.jss.2007.12.763
    Project: SecOnt (2008–2010)
  • Integration of an Ontological Information Security Concept in Risk Aware  Business Process Management / Goluch, G., Ekelhart, A., Fenz, S., Jakoubi, S., & Mück, T. (2008). Integration of an Ontological Information Security Concept in Risk Aware  Business Process Management. In Proceedings of the 41st Annual Hawaii International Conference on System Sciences (HICSS 2008). 41th Hawaii International Conference on System Sciences (HICSS’08), Hawaii, Non-EU. IEEE Computer Society. https://doi.org/10.1109/hicss.2008.211
    Project: SecOnt (2008–2010)
  • Pseudonymization for improving the Privacy in E-Health Applications / Neubauer, T., Riedl, B., Fenz, S., & Grascher, V. (2008). Pseudonymization for improving the Privacy in E-Health Applications. In Proceedings of the 41st Annual Hawaii International Conference on System Sciences (HICSS 2008). 41th Hawaii International Conference on System Sciences (HICSS’08), Hawaii, Non-EU. IEEE Computer Society. https://doi.org/10.1109/hicss.2008.366
  • Ontology- and Bayesian-based information security risk management / Fenz, S. (2008). Ontology- and Bayesian-based information security risk management [Dissertation, Technische Universität Wien]. reposiTUm. http://hdl.handle.net/20.500.12708/179784
  • Ontology- and Bayesian-based Threat Probability Determination / Fenz, S., & Tjoa, A. M. (2008). Ontology- and Bayesian-based Threat Probability Determination. In Proceedings of the Junior Scientist Conference 2008 (pp. 69–70). http://hdl.handle.net/20.500.12708/52597
    Project: SecOnt (2008–2010)
  • Fortification of IT Security by Automatic Security Advisory Processing / Weippl, E., Fenz, S., & Ekelhart, A. (2008). Fortification of IT Security by Automatic Security Advisory Processing. In 22nd International Conference on Advanced Information Networking and Applications (aina 2008). 22nd International Conference on Advanced Information Networking and Applications AINA 2008, Okinawa, Japan, Non-EU. IEEE Computer Society. https://doi.org/10.1109/aina.2008.69
    Project: SecOnt (2008–2010)
  • Interactive Selection of ISO 27001 Controls under Multiple Objectives / Neubauer, T., Ekelhart, A., & Fenz, S. (2008). Interactive Selection of ISO 27001 Controls under Multiple Objectives. In Proceedings of The Ifip Tc 11 23rd International Information Security Conference (pp. 477–492). Springer-Verlag GmbH. https://doi.org/10.1007/978-0-387-09699-5_31
    Project: SecOnt (2008–2010)
  • Semantic Potential of existing Security Advisory Standards / Ekelhart, A., Weippl, E., & Fenz, S. (2008). Semantic Potential of existing Security Advisory Standards. In Inproceedings of the FIRST 2008. The Forum of Incident Response and Security Teams (FIRST), Vancouver, Non-EU. http://hdl.handle.net/20.500.12708/52160
    Project: SecOnt (2008–2010)

2007

2006

  • Security ontologies : improving quantitative risk analysis / Fenz, S. (2006). Security ontologies : improving quantitative risk analysis [Master Thesis, Technische Universität Wien]. reposiTUm. http://hdl.handle.net/20.500.12708/184418
  • Ontology-Based Business Knowledge for Simulating Threats to Corporate Assets / Tjoa, A. M., Weippl, E., Klemen, M., Ekelhart, A., & Fenz, S. (2006). Ontology-Based Business Knowledge for Simulating Threats to Corporate Assets. In Proceedings of the 6th International Conference on Practical Aspects of Knowledge Management (pp. 37–48). Springer. http://hdl.handle.net/20.500.12708/176626
    Project: SecOnt (2008–2010)
  • Security Ontology: Simulating Threats to Corporate Assets / Klemen, M., Weippl, E., Ekelhart, A., & Fenz, S. (2006). Security Ontology: Simulating Threats to Corporate Assets. In Proceedings of the 2nd International Conference on Information Systems Security(ICISS 2006) (pp. 249–259). Springer. http://hdl.handle.net/20.500.12708/51423
    Project: SecOnt (2008–2010)
  • Ontology-based IT-Security planning / Weippl, E., & Fenz, S. (2006). Ontology-based IT-Security planning. In Proceedings of the 2006 IEEE International Symposium Pacific Rim Dependable Computing (PRDC’06) (pp. 389–390). http://hdl.handle.net/20.500.12708/51421
    Project: SecOnt (2008–2010)

2005