Shao-Fang Wen

Shao-Fang Wen

Førsteamanuensis
Institutt for økonomi og IT
USN Handelshøyskolen
Campus Bø
31 00 95 54
Shao Fang (Steven) Wen er førsteamanuensis i IT med bred profesjonell erfaring innen systemutvikling, cybersikkerhet, teknologiledelse og forskningsbasert innovasjon. Han har mer enn 15 års erfaring fra IT-sektoren, blant annet fra roller innen IT-ledelse, prosjektledelse, systemimplementering, business intelligence, ERP, webapplikasjonsutvikling og sikker tilgangsstyring. Hans profesjonelle kompetanse omfatter systemanalyse, programvaredesign, Java og webapplikasjonsutvikling, datavarehus, styringsdashbord, implementering av virksomhetssystemer, cybersikkerhetsledelse, semantiske webteknologier, ontologier, kunnskapsforvaltning og utvikling av applikasjoner støttet av kunstig intelligens. Han har erfaring fra flere industrielle domener, blant annet halvlederindustri, elektronikk, mekanisk industri, kjemisk industri, mikrosystemer og forskningsprosjekter i samarbeid med offentlig sektor. I sin nåværende akademiske rolle underviser Steven i programmering, objektorientert design, algoritmer, datastrukturer, systemutviklingsmetodikk og programvaresikkerhet. Han arbeider også med emneutvikling, praktisk laboratoriedesign og veiledning av bachelor og masterprosjekter. Gjennom sitt arbeid kombinerer han industriell IT-erfaring, teknisk kompetanse, forskningsbaserte metoder og pedagogisk praksis for å bidra til sikrere, mer pålitelige og bedre forståtte digitale systemer.

Ansvarsområder

Teaching:

  • Object-Oriented Design and Programming
  • Advanced Java Programming
  • Algorithms and Data Structures
  • Programming Methodology and Software Design
  • Software Security and Secure Programming
  • Supervision of bachelor projects and student projects in system development and cybersecurity
  • Development of reflection-based teaching and assessment methods in programming education

Research Areas

  • Security Assurance and Security Assessment of Software, Hardware, AI, and Cyber Physical Systems
  • AI-driven Security Assurance and Governed AI Reasoning
  • Quantitative, Traceable, and Threat Validated Security Evaluation
  • Assurance Context Modelling and Context-based Cybersecurity Analysis
  • Sociotechnical analysis of digital systems and security practices
  • Ontologies, Metadata Design, and Semantic Knowledge Modelling
  • Governance and responsible use of AI in computer science education

Professional Roles and Networks

Kompetanse

  • IT Leadership and Technology Management
  • System Development, System Analysis, and Software Design
  • Business Intelligence, Data Warehousing, and Data Analytics
  • ERP and Enterprise System Implementation
  • Cybersecurity Management and Secure System Development
  • Web Application Development and Advanced Programming
  • Semantic Web Technologies, Ontologies, and Knowledge Management Systems
  • AI-supported System Development and LLM-based Applications
  • Interdisciplinary Collaboration with Academia, Industry, and Public Sector Partners

CV

Publikasjoner

Journal Publications

  1. Wen, Shao-Fang, and Arvind Sharma. "Assurance Oriented Hardware Decomposition: A Deterministic Approach to Security Assurance." (2026).
  2. Wen, Shao-Fang. "Ontological Foundations for Deterministic Assurance Context Construction and Governed AI Reasoning." Applied Sciences 16, no. 4 (2026): 1984.
  3. Wen, Shao-Fang, and Arvind Sharma. "A Unified, Threat-Validated Taxonomy for Hardware Security Assurance." Journal of Cybersecurity and Privacy 5.4 (2025): 86.
  4. Wen, Shao-Fang, Ankur Shukla, and Basel Katt. "Artificial intelligence for system security assurance: A systematic literature review." International Journal of Information Security 24, no. 1 (2025): 1-42.
  5. Shukla, Ankur, Shao-Fang Wen, and Basel Katt. "AI Security Assurance: Developing Framework for Secure and Resilient AI." (2025).
  6. Wen, Shao-Fang, and Basel Katt. "A quantitative security evaluation and analysis model for web applications based on OWASP application security verification standard." Computers & Security 135 (2023): 103532.
  7. Wen, Shao-Fang, and Basel Katt. "Exploring the role of assurance context in system security assurance evaluation: a conceptual model." Information & Computer Security (2023).
  8. Wen, Shao-Fang. "Context-Based Support to Enhance Developers’ Learning of Software Security." Education Sciences 13, no. 7 (2023): 631.
  9. Wen, Shao-Fang, and Basel Katt. "Ontology-Based Metrics Computation for System Security Assurance Evaluation." Journal of Applied Security Research (2022): 1-46.
  10. Wen, Shao-Fang, Ankur Shukla, and Basel Katt. "Developing Security Assurance Metrics to Support Quantitative Security Assurance Evaluation." Journal of Cybersecurity and Privacy 2.3 (2022): 587-605.
  11. Wen, Shao-Fang and Katt, Basel. “Development of Ontology-Based Software Security Learning System with Contextualized Learning Approaches.” Journal of Advances in Information Technology. 2019, volume 10, no. 3, pp 81-90.
  12. Wen, Shao-Fang and Katt, Basel. “Towards a Context-Based Approach for Software Security Learning.”  Journal of Applied Security Research. 2019, volume 14, issue 3, pp. 288-307.
  13. Wen, Shao-Fang, and Basel Katt. "Managing Software Security Knowledge in Context: An Ontology-Based Approach." Information. 2019: 216.
  14. Wen, Shao-Fang. "An Empirical Study on Security Knowledge Sharing and Learning in Open Source Software Communities." Computers, 2018, volume 7, issue 4.

Conference Proceedings

  1. Sharma, Arvind, and Shao-Fang Wen. "A Quantitative Framework for Assessing and Enhancing Hardware Security Resilience." In 2024 IEEE Physical Assurance and Inspection of Electronics (PAINE), pp. 1-7. IEEE, 2024.
  2. Wen, Shao-Fang, and Basel Katt. " A Metamodel for Web Application Security Evaluation." 35th Conference of Open Innovations Association (FRUCT). IEEE, 2023.
  3. Wen, Shao-Fang, and Basel Katt. "SAEOn: An Ontological Metamodel for Quantitative Security Assurance Evaluation." In European Symposium on Research in Computer Security, pp. 605-624. Cham: Springer International Publishing, 2022.
  4. Wen, Shao-Fang, Muhammad Mudassar Yamin, and Basel Katt. "Ontology-Based Scenario Modeling for Cyber Security Exercise." 2021 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW). IEEE, 2021.
  5. Kianpour, Mazaher, and Shao-Fang Wen. "Timing attacks on machine learning: State of the art." Intelligent Systems and Applications: Proceedings of the 2019 Intelligent Systems Conference (IntelliSys) Volume 1. Springer International Publishing, 2020.
  6. Wen, Shao-Fang, Mazaher Kianpour, and Stewart Kowalski. “An Empirical Study of Security Culture in Open-Source Software Communities.” 2019 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM). IEEE, 2019.
  7. Wen, Shao-Fang and Katt, Basel. “Learning Software Security in Context: An Evaluation in Open-Source Software Development Environment.” In Proceedings of the 14th International Conference on Availability, Reliability, and Security. ACM, 2019, pp 58-67.
  8. Wen, Shao-Fang and Katt, Basel. “Preliminary Evaluation of an Ontology-Based Contextualized Learning System for Software Security.” In Proceedings of the 23rd International Conference on Evaluation and Assessment in Software Engineering. ACM, 2019, pp.90-99.
  9. Wen, Shao-Fang, and Basel Katt. "An ontology-based context model for managing security knowledge in software development." 23rd Conference of Open Innovations Association (FRUCT). IEEE, 2018.
  10. Wen, Shao-Fang. "Learning secure programming in open-source software communities: a socio-technical view." In Proceedings of the 6th International Conference on Information and Education Technology, ACM 2018, pp. 25-32.
  11. Wen, Shao-Fang, Mazaher Kianpour, and Basel Katt. "Security knowledge management in open-source software communities." International Conference on Security for Information Technology and Communications. Springer, Cham, 2018.
  12. Wen, Shao-Fang. "Software Security Knowledge Transferring and Learning with Concept Maps." In Proceedings of the 2nd International Conference on E-Society, E-Education and E-Technology, ACM, 2018, pp. 51-55.
  13. Wen, Shao-Fang, and Stewart Kowalski. "A Case Study: Heartbleed Vulnerability Management and Swedish Municipalities." In International Conference on Human Aspects of Information Security, Privacy, and Trust, Springer, Cham, 2017, pp. 414-431.
  14. Wen, Shao-Fang. "Software security in open-source development: A systematic literature review." In 2017 21st Conference of Open Innovations Association (FRUCT), IEEE, 2017, pp. 364-373.
  15. Wen, Shao-Fang. "Hyper Contextual Software Security Management for Open Source Software." STPIS@ CAiSE. 2016.