Remote latency side channels reveal sensitive information by only observing latency variations in the attacker’s traffic with the victim. While these attacks are easy to mount and scale, there is no practical defense. Considering the more powerful attacker-in-the-middle scenarios, available mitigations require the cooperation of all communication partners for protection, and cause prohibitive overheads.

In this paper, we propose AckwardDelay, a new unilateral, purely client-side, and lightweight defense against remote latency side channels. In detail, we piece-wise apply constant-time principles on the latency side channel and computationally show that a fully remote attacker requires more than 250 samples to reduce the initial search space to below 1% with our recommended parameters, even in a scenario favoring the attacker. Based on our proof-of-concept AckwardDelay implementation with less than 1000 lines of code on Linux, we demonstrate that the accuracy of website- and video-fingerprinting attacks is reduced to random guessing in practice. With an increase of only 5.55% on website-loading times and a reduction of only 0.51% in transfer rates, we conclude that AckwardDelay is a practical, lightweight, and effective mitigation applicable to the vast number of client systems such as smart phones, tablets, and laptops.

This paper addresses the challenge of real-time tool condition monitoring in tapping processes using machine learning techniques, with a focus on cross-material generalization and robust fault detection. The study leverages a historical dataset from 1988, comprising 2,195 tapping experiments on two steel alloys - 16 MnCr 5 and 42 CrMo 4 - monitoring torque (Mz) signals to predict binary quality outcomes (good/bad) based on defined quality criteria. To overcome limitations in prior work, the authors introduce a feature extraction method that captures both amplitude and duration characteristics across distinct phases of the torque signal,. The evaluation framework includes increasingly challenging train/test splits: random, run-wise holdout, and cross-material (training on 16 MnCr 5, testing on 42 CrMo 4), enabling assessment of real-world generalizability.

Multiple machine learning models are tested using both raw time-series data (after cleaning and normalization) and engineered features. Results show Matthews Correlation Coefficients (MCC) of 0.40 - 0.41 under cross-material testing-indicating moderate but meaningful generalization across materials with different mechanical properties. This performance level suggests that fundamental physical regularities in successful tapping produce consistent torque signatures, enabling transferable detection of anomalies without retraining. Findings support the feasibility of plug-and-play monitoring systems in agile manufacturing environments, where minimal setup and broad applicability are essential.

Additive Manufacturing (AM) is increasingly adopted in the aerospace industry, as benefits like resource efficiency are complemented by distributed manufacturing possibilities that enhance supply chain resilience. However, replacing con ventional, established manufacturing methods with Laser Powder Bed Fusion in a highly regulated domain such as civil aviation comes at the price of increased requirements and thus costs for certification and quality assurance, which limit the attractiveness of AM. This paper presents a new data-based certification platform using Machine Learning (ML), a subdomain of artificial intelligence (AI), to enable faster and more cost-efficient design and manufacturing approval for additively manufactured aircraft components. The platform connects all relevant stakeholders and guides them through the certification process. As data sharing across different stakeholders and ML applications are central to the platform, a data governance concept aligned with European legislation, based on project-specific closed groups comprising direct supplier-customer relationships was developed. In addition, a compatible platform business model is described, presenting the roles of stakeholders and their respective value contributions. To this end, a deep dive into the landscape of current certification approaches and requirements was conducted and the impact of AM and the general use of AI on aircraft component certification was evaluated from technical, regulatory, legal, and economic perspectives

We investigate the effectiveness of anti-phishing support systems through a quantitative study involving 453 participants. To this end, we developed a tool that allows participants to immerse themselves in a realistic setting, tasked with classifying emails as either phishing or legitimate, while being assisted by support systems. Despite the prevalence of support systems in webmailers and email clients, our results indicate no significant difference in correctly assessing emails of varying difficulty between these systems and the control group. We found a minor negative effect of the support system that uses tooltips compared to other support systems. In the subsequent survey, we found that the support systems are appreciated and considered helpful by users, as supported by the results of the UEQ-S, even if they have no observable effect. Email context, such as the contact list, as well as hovering over the links, had stronger effects on the classification than the tested support systems. 

Accurate and timely forecasts of road surface conditions are crucial for efficient winter maintenance, enhanced traffic safety, and the optimized use of de-icing agents. Road surface phenomena, in complex fields present challenges to traditional forecasting methods due to their nonlinear and localized nature. This study presents a machine learning framework predicting real-time road states (dry, wet, icy, snowy) across Bavaria, Germany. It integrates data from over 516 Road Weather Stations (RWS), thermal measurements from winter maintenance vehicles, and elevation data from the Open Elevation API. Data undergoes temporal alignment, spatial interpolation, and missing-value imputation. Decision Trees form the core model for interpretability and nonlinear pattern handling. Each RWS employs a localized model, while a generalized version covers unmonitored roads via spatial adjustments. With over 85% accuracy, the system facilitates dynamic winter maintenance and minimizes resource waste. Cyber-physical in smart mobility and transportation networks support improved real-time hazard responses. This approach shows how scalable infrastructure can be made resilient using machine learning.

This paper presents a low-complexity, open-source platform designed to empower small and medium-sized enterprises (SMEs) in the premium business to business (B2B) packaging industry with advanced digital capabilities for product personalization and rapid design visualization. Addressing the sector’s persistent barriers such as limited IT resources, manual workflows, and lack of structured supplier data access, the proposed system integrates dynamic web scraping for automated supplier data acquisition with real-time image processing for printable area detection on packaging components, particularly bottles. Leveraging open-source tools like Beautiful Soup, OpenCV, and Shapely, the platform eliminates reliance on time-intensive manual integration and supports agile, data-driven design workflows. The development process is guided by human-centered design principles to ensure usability and alignment with SME operational realities. Results demonstrate that this approach significantly streamlines catalog management and design preparation, offering a scalable pathway for SMEs to achieve digital transformation and maintain competitive differentiation in an increasingly digitalized packaging market.

We present SITUATE, a novel dataset designed for training and evaluating Vision Language Models on counting tasks with spatial constraints. The dataset bridges the gap between simple 2D datasets like VLMCountBench and often ambiguous real-life datasets like TallyQA, which lack control over occlusions and spatial composition. Experiments show that our dataset helps to improve generalization for out-of-distribution images, since a finetune of Qwen VL 2.5 7B on SITUATE improves accuracy on the Pixmo count test data, but not vice versa. We cross validate this by comparing the model performance across established other counting benchmarks and against an equally sized fine-tuning set derived from Pixmo count.

Triple Graph Grammars (TGGs) are a visual, intuitive approach for specifying model transformations, allowing the automatic derivation of model management operations including forward/backward transformations and incremental synchronisation with guaranteed, desirable properties.
The conceptual simplicity of TGGs comes at a price, however, as all TGG tools impose substantial limits on practical expressiveness (measured by ease of specification, size, and readability in this paper), rendering TGGs unsuitable for real-world transformations and representing a major barrier to their mainstream adoption.
This paper discusses excerpts of model transformations that are exceedingly difficult (and perhaps even impossible) to specify using TGGs, analyses the underlying causes, and suggests suitable extensions of existing language features.
Our goal is to inspire research that improves the practical expressiveness of TGGs and facilitates applications of the approach.

This paper revisits the Families to Persons Case with a significant extension: concurrent model synchronization. Building on the original benchmark test cases, we introduce new tests for synchronizing models and resolving conflicts, thereby enhancing the framework's capability to benchmark bidirectional transformation tools under more realistic conditions. This advancement is crucial for assessing the tools' performance in concurrent engineering scenarios requiring data consistency across multiple models.

Rowhammer bit flips in DRAM enable software attackers to fully compromise a great variety of systems. Hardware mitigations can be precise and efficient but suffer from long deployment cycles and very limited or no update capabilities. Consequently, refined attack methods have repeatedly bypassed deployed hardware protections, repeatedly leaving commodity systems vulnerable to Rowhammer attacks.

In this paper, we present Memory Band-Aid, a principled defense-in-depth against Rowhammer. Memory Band-Aid is no replacement for long-term, efficient hardware mitigations but a defense-in-depth that is activated when hardware mitigations are discovered to be insufficient on a specific system generation. For this purpose, Memory Band-Aid introduces per-thread and per-bank rate limits for DRAM accesses in the memory controller, ensuring that the minimum number of row activations for Rowhammer bit flips cannot be reached. We implement a proof-of-concept of Memory Band-Aid on Ubuntu Linux and test it on 3 Intel and 3 AMD systems. In a micro-benchmark to cause DRAM pressure, we observe a slow down up to a factor of 5.2. In a collection of realistic Phoronix macro-benchmarks, we observe a low overhead of 0 % to 9.4 %. Both overheads only apply to untrusted throttled workloads, e.g., sandboxes, for instance in browsers. Especially as Memory Band-Aid can be enabled on demand, we conclude that Memory Band-Aid is an important defense-in-depth that should be deployed in practice as a second defense layer.

Rowhammer is a disturbance error in Dynamic Random-Access Memory (DRAM) that can be deliberately triggered from software by repeatedly reading, i. e., hammering, proximate memory locations in different DRAM rows. While numerous studies evaluated the Rowhammer effect, in particular how it can be triggered and how it can be exploited, most studies only use a small sample size of Dual In-line Memory Modules (DIMMs). Only few studies provided indication for the prevalence of the effect, with clear limitations to specific hardware configurations or FPGA-based experiments with precise control of the DIMM, limiting how far the results can be generalized.

In this paper, we perform the frist large-scale study of the Rowhammer effect involving 1 006 data sets from 822 systems. We measure Rowhammer prevalence in a fully automated crossplatform framework, FLIPKIT, using the available state-of-theart software-based DRAM and Rowhammer tools. Our framework automatically gathers information about the DRAM and uses 5 tools to reverse-engineer the DRAM addressing functions, and based on the reverse-engineered functions uses 7 tools to mount Rowhammer. We distributed the framework online and via USB thumb drives to thousands of participants from December 30, 2024, to June 30, 2025. Overall, we collected 1 006 datasets from systems with various CPUs, DRAM generations, and vendors. Our study reveals that out of 1 006 datasets, 453 (371 of the 822 unique systems) succeeded in the first stage of reverseengineering the DRAM addressing functions, indicating that successfully and reliably recovering DRAM addressing functions remains a significant open problem. In the second stage, 126 (12.5 % of all datasets) exhibited bit flips in our fully automated Rowhammer attacks. Our results show that fully-automated, i. e., weaponizable, Rowhammer attacks work on a lower share of systems than FPGA-based and lab experiments indicated but with 12.5 % enough to be a practical vector for threat actors. Furthermore, our results highlight that the two most pressing research challenges around Rowhammer exploitability are more reliable reverse-engineering addressing functions, as 50 % of datasets without bit flips failed in the DRAM reverse-engineering stage, and reliable Rowhammer attacks across diverse processor microarchitectures1, as only 12.5 % of datasets contained bit flips. Addressing each of these challenges could double the number of systems susceptible to Rowhammer and make Rowhammer a more pressing threat in real-world scenarios. 

The digital product passport is becoming an essential tool to increase transparency about the sustainability of products and to boost the circular economy in the European Union. With the revised Ecodesign for Sustainable Products Regulation having entered into force in July 2024, the digital product passport will become a necessary extension for many products placed on the European market. Industry practitioners are faced with the challenge of fulfilling content requirements while maintaining interoperability at the same time. Although industry practitioners face challenges in implementing digital product passports, existing research has largely focused on digital product passport systems, often overlooking the crucial aspect of digital product passport data. Work on this data typically falls short of addressing comprehensive interoperability. This research therefore proposes a minimal digital product passport data model that integrates current regulatory requirements while ensuring interoperability through the use of standardised submodel templates of the asset administration shell. We demonstrate that the current regulatory requirements can be met, but foreseeable extensions will require adjustments and therefore close synchronisation between standardisation initiatives and the institutions that further specify regulatory requirements.

Selected Contributions: Sustainable Excellence—Economic, Social, and Environmental Issues presents a curated collection of peer-reviewed research papers presented at the 2nd Tunisian Symposium on Economics and Management (TSEM 2025), held in Tunisia from April 11 to 13, 2025. The symposium was organised by the Research Unit "Economy, Enterprise, Environment" (3E) at the Higher Institute of Management (ISG), University of Gabes.

This volume offers a multidisciplinary and innovative examination of the factors underpinning sustainable excellence amid contemporary global challenges. The contributions are organised around five core themes: first, the role of innovation as a critical driver of ecological transition; second, the transformation of labour markets and accompanying social dynamics necessary for a just transition; third, the design and evaluation of sustainable economic models; fourth, the synergistic effects of artificial intelligence (AI) and financial inclusion on progress toward the Sustainable Development Goals (SDGs); and fifth, the significance of responsible managerial practices grounded in corporate social responsibility (CSR) and ethical governance.

Collectively, these contributions provide rigorous, timely insights into the interdependencies among economic, social, and environmental systems. This volume serves as an essential reference for academics, researchers, policymakers, and practitioners in the field.

This paper investigates the physiological responses of individuals driving both on a real
route and within a vehicle simulator designed as a digital twin of that route. The analysis
of observed data patterns in stress response bio signals provides sufficient evidence of
similarity to validating the driving simulation digital twin as a reliable replacement for
real-world experiences in controlled and consistent settings, or when overall trends of
physiological variables, rather than specific variable levels, are of interest. The findings also
stress the need for optimizing the precision of digital twins in complex settings. This study
introduces a time-series-based validation approach for driving digital twins by comparing
continuous physiological trajectories between real and simulated driving

Successful innovation processes involve multiple actors with distinct objectives, resources,
and competences across different stages of value creation. Close collaboration among relevant
stakeholders is therefore essential, yet it also entails substantial coordination and alignment
challenges. Drawing on a multi-method research design, this study examines the development and
market introduction of an advanced driver assistance system (ADAS) for passenger vehicles across
multiple market stages.
The findings conceptually and empirically demonstrate how stakeholders’ heterogeneous goal
structures and value assessments influence the innovation process across stages. In particular, the
results reveal that the absence of a multi-stage marketing (MSM) perspective can lead to
misalignments that adversely affect the progression and market success of the innovation. The
study further provides insights into how innovation processes can be systematically designed
across market stages to ensure end-user orientation and economic viability.
By integrating a multi-stage marketing perspective into innovation research, this paper
contributes to a more comprehensive understanding of innovation processes in complex, multi-
actor environments.

At a time when vehicle automation is becoming increasingly important, there
is a growing need for greater consumer centricity. However, the importance of
effectively deriving functional product specifications appears to be diminishing.
The case of Automated Parking Systems (APS) demonstrates that the automotive
industry often employs a top-down approach, in contrast to a more customer-
-centric method in the development process. To assess the effectiveness of this
top-down approach, we conducted a field study and a mixed-method online
survey to explore user expectations of APS functionality. Our findings indicate
that drivers strongly dislike excessive parking maneuvers caused by overly re-
strictive product specifications. Moreover, user demands are less stringent
than the development requirements set by OEMs. Based on these insights, we
recommend adopting a more user-centered approach. This shift could enable
companies to reduce development costs and time investments, while accelerat-
ing the adoption of their innovations.

Scents influence emotions, cognition and behavior by activating memories, enhanc-
ing mood and modulating mental processes. Perception of scents is shaped by both
stimulus-related dimensions, including familiarity, pleasantness and intensity and
individual factors – such as mood, sensory sensitivity and personality traits. The
present study systematically examined the relative impact of these determinants in
a quasi-experimental design involving 51 participants. Seven scents were evaluated
along perceptual dimensions (recognizability, pleasantness, familiarity, intensity)
and related to participants’ individual characteristics. Findings emphasize the inter-
play of stimulus-related dimensions and personality traits but highlight the need
for refined measures of (sensory-specific) personality traits in olfactory process-
ing for multisensory marketing and immersive applications.

Background

Rare diseases affect a small percentage of the population, leading to challenges such as delayed diagnoses and limited treatment options. Mobile health technologies offer solutions to improve patient outcomes, yet their application in rare diseases remains underexplored. The German citizen science project SelEe created a customizable app for the self-management of rare diseases through a co-creation process that involved patients with such conditions.

Methods

The project consisted of three phases. In Phase 1, 9 to 68 patients or relatives of patients participated in workshops to define research topics and app requirements. Phase 2 involved a core research team of nine patients and researchers who iteratively developed the app, released in March 2023. Phase 3 focused on evaluating the app’s usage and usability through an in-app survey conducted from March 2023 to February 2024. We utilized descriptive statistics to evaluate app usage and employed the mHealth App Usability Questionnaire to assess usability.

Results

The SelEe app offers the possibility to create and store data in a personalized health diary. Patients can create their own templates or use templates which were defined by the core research team. Users can record findings (e.g. blood test results) and export data using different graphs and formats. Furthermore, the app supports blind users. The app was downloaded 3040 times and 1456 users registered, with 1967 unique diseases entered. 50.7% of the diseases were rare, 30.5% non-rare, and 18.8% were classified as suspected, undefined, or symptoms. A total of 1223 valid user profiles were analyzed for app usage and demographics. Furthermore, 432 users qualified for the in-app survey by making at least one health diary entry, and 117 participated. The app was rated with an overall usability score of 5.19 out of 7. While the app’s health diary function was frequently used, other functionalities like findings and data export were less utilized. Feedback highlighted the need for improved usability and additional features.

Conclusions

The study highlights active patient engagement in developing a mobile health app for individuals with rare diseases. Although improvements are necessary for broader acceptance, the app is promising for the management of rare diseases.

KI im Marketing, Methoden des maschinellen Lernens, Anwendungsmöglichkeiten von KI im Marketing, insbesondere auch von generativer KI

This paper introduces a novel benchmark dataset designed to evaluate the capabilities of Vision Language Models (VLMs) on tasks that combine visual reasoning with subject-specific background knowledge in the German language. In contrast to widely used English-language benchmarks that often rely on artificially difficult or decontextualized problems, this dataset draws from real middle school curricula across nine domains including mathematics, history, biology, and religion. The benchmark includes over 2,000 open-ended questions grounded in 486 images, ensuring that models must integrate visual interpretation with factual reasoning rather than rely on superficial textual cues. We evaluate thirteen state-of-the-art open-weight VLMs across multiple dimensions, including domain-specific accuracy and performance on adversarial crafted questions. Our findings reveal that even the strongest models achieve less than 45% overall accuracy, with particularly poor performance in music, mathematics, and adversarial settings. Furthermore, the results indicate significant discrepancies between success on popular benchmarks and real-world multimodal understanding. We conclude that middle school-level tasks offer a meaningful and underutilized avenue for stress-testing VLMs, especially in non-English contexts. The dataset and evaluation protocol serve as a rigorous testbed to better understand and improve the visual and linguistic reasoning capabilities of future AI systems.