Model-Based Security -- Detecting Code Reuse Attacks with a Model of Conformant Program Execution -- Security@Runtime: A Flexible MDE Approach to Enforce Fine-Grained Security Policies -- Idea: Towards a Vision of Engineering Controlled Interaction Execution for Information Services -- Formal Methods -- Automated Formal Verification of Application-Specific Security Properties -- Fault-Tolerant Non-interference -- Quantitative Security Analysis for Programs with Low Input and Noisy Output -- A Modeling and Formal Approach for the Precise Specification of Security Patterns -- On the Relation between Redactable and Sanitizable Signature Schemes -- Idea: Towards a Working Fully Homomorphic Crypto-processor: Practice and the Secret Computer -- Web and Mobile Security -- Architectures for Inlining Security Monitors in Web Applications -- Automatic and Robust Client-Side Protection for Cookie-Based Sessions -- Security Testing of GSM Implementations -- Applications -- User-Centric Security Assessment of Software Configurations: A Case Study -- Idea: Security Engineering Principles for Day Two Car2X Applications.-Idea: Embedded Fault Injection Simulator on Smartcard.