Following the principle of security and privacy by design, the EC SPRIDE research group on Secure Software Engineering thrives to support software developers in designing and implementing software systems that are known upfront to be secure with respect to certain attack vectors. Opposed to offensive approaches to software security, like ethical hacking, our group specializes on constructive techniques for software security.
Our recipe to success is a unique novel combination of program synthesis and analysis techniques. In our group, we develop languages, mechanisms, processes and tools that allow software developers to clearly state security requirements and, if possible, synthesize partial implementations that achieve or help achieve these requirements. In cases where automated synthesis is impossible, and a programmer hence needs to implement security features by hand, we use automated program analyses to assist the programmer in deciding whether the implementation indeed fulfills the stated security requirements.
Our research is made possible through the Federal Ministry of Education and Research (BMBF) within EC SPRIDE, through the German Research Foundation within the Emmy Noether Project RUNSECURE, and through generous funding from the Horst Görtz Foundation. We receive additional funding from the German Academic Exchange Service (DAAD).
New Lecture in Fall: Automated Code Analysis for Large Software Systems (ACA)
Looking for an interesting thesis topic in the area of Secure Software Engineering? We have made available a range of interesting topics on our website.
Have an even better idea for a topic in the area of Secure Software Engineering? By all means, let us know, we are always happy to host projects within our area of expertise.