UPB Logo
Contact
  • Deutsch
  • English
    • Open Page "Studies"
      • Open Page "Prospective students"
      • Eltern
    • Students
    • International students & prospective students
    • School & teachers
    • Open Page "Teaching"
      • Open Page "Profile"
      • Academic Mission Statement
      • Digitalization & E-Learning
      • Open Source
      • Open Page "Teaching"
      • Competence-Oriented Education
      • Exam design
      • Organizing Courses
      • Course Evaluations
      • General Education Requirements
      • Lecture series on sustainability
    • AI in teaching
      • Open Page "Digital Teaching"
      • Digital Teaching
      • Digital learning rooms
      • Digital test formats
      • Digital test formats
      • Digital tools
      • FAQs
      • Open Page "Qualification and service"
      • Higher Education Development Unit
      • Writing Center
      • Internal Professional Development and Further Education
      • Interdisciplinary Cooperation to Improve Quality in Teacher Education (PLAZ)
      • Faculty-Specific Initiatives
      • Internationally Focused Academics
      • Open Page "Educational innovations"
      • Teaching Awards at UPB
      • Fellowship
      • Best-Practices Teaching Symposium
      • Teaching Projects
      • E-Learning Label
      • Open Page "Teaching research networks"
      • DH.NRW
      • Foundation for Innovation in Higher Education
      • Centre for Higher Mathematics Education (khdm)
      • Academic quality
    • Open Page "Research"
      • Open Page "Research profile"
      • Key research areas
      • Interdisciplinary research institutes
      • Research in the faculties
      • Collaborative Research Centres
      • Graduate Programmes and Schools
      • DFG Research Units
      • DFG Priority Programmes
      • ERC Grants
      • Leibniz Prize Winners
      • Heinz Maier Leibnitz Prize Winners
      • Open Page "Academic career"
      • Early career stages
      • Professorship at Paderborn University
      • Job portal
      • University as an employer
      • Open Page "Research funding and services"
      • Funding and application advice
      • Legal advice in research and development
      • Ethics Committee
      • Research Information at UPB
      • Research data management
      • Publication Service of the University Library
      • Open Access Portal
      • Inventions & patents
      • Start-ups and entrepreneurship
      • Network for Interdisciplinary Research
      • Internal grants (Committee for Research and Junior Academics)
      • Open Page "Research culture"
      • Research-Oriented Standards on Gender Equality
      • Gender & Diversity Consulting
      • Ethics committee
      • Good Research Practice
      • Human Resources Strategy for Researchers
    • Open Page "Transfer"
    • Creating together
    • Innovating together
    • Reflecting together
    • Contacts
    • Open Page "International"
    • International Profile
    • International Campus
    • Open Page "University"
      • Open Page "About us"
      • Mission Statement
      • History
      • Important Personalities and Pioneers
      • University Society
      • Alumni
      • Unishop
      • Open Page "Our organisation"
      • University Executive Board
      • Advisory Board
      • Senate
      • Faculties
      • Central University Administration
      • Central research institutes
      • Central operating units
      • Agencies and authorised representatives
      • Anlauf- und Beratungsstellen
      • Universitätskommissionen
      • Open Page "Working at UPB"
      • Vacancies
      • Equality, Compatibility and Diversity
      • Welcome Services
      • Personnel development
      • Scientific career paths
      • Dual Career Service
      • Healthy university
      • Social, sporting and cultural activities
    • Maps & directions
    • Open Page "Faculties"
    • Faculty of Arts and Humanities
    • Faculty of Business Administration and Economics
    • Faculty of Science
    • Faculty of Mechanical Engineering
    • Faculty of Computer Science, Electrical Engineering and Mathematics
  • Press
Millions in EU funding for secure software systems
Millions in EU funding for secure software systems
Contact
  1. Paderborn University
Back to the news list

ERC Grant for Out­stand­ing Re­search Awar­ded to Pader­born Uni­ver­sity Re­search­er

11.04.2024  |  Digitalization,  Research,  Awards,  Press release,  Secure Software Engineering / Heinz Nixdorf Institut

Share post on:

  • Share on Instagram
  • Teilen auf Twitter
  • Teilen auf Facebook
  • Teilen auf Xing
  • Teilen auf LinkedIn
  • Teilen über E-Mail
  • Link kopieren

Millions in EU funding for secure software systems

Professor Eric Bodden, a computer scientist at Paderborn University and director of the Fraunhofer IEM, has been awarded the ‘ERC Advanced Grant’ of 2.5 million euros by the European Research Council for his research into secure software systems. These grants are the most significant European research funding award available and are given to top researchers for their exceptional scientific achievements via a competitive process.

The next generation of automatic vulnerability analysis

‘Software pervades our lives – but its lack of security is a threat that should be taken seriously. To ensure that software systems are reliable, we have to review their program code’, Bodden explains. The computer scientist is a leading expert in the field of secure software development, focusing on automatic vulnerability analysis tools. This is where his ERC project comes in: Bodden is developing a technology to produce vulnerability analysis tools that will operate perfectly for the relevant company’s software – all fully automated.

Binding security requirements prescribed by law

The topic could scarcely be more relevant: as the number of successful attacks is constantly increasing, in 2023 the EU presented an expanded draft of what they called the ‘Cyber Resilience Act’ (CRA). This seeks to protect consumers and companies who purchase products with digital components. This law introduces binding cybersecurity requirements, seeking to make insufficient software attack prevention a thing of the past. ‘The CRA makes it vital to establish a secure software engineering method for any software-ready product sold in the EU. For many companies that develop software, however, this means radical change. To tackle this change, they need tools that are as automated as possible’, Bodden continues.

Static program analyses: potential that still remains untapped

Static program analysis (i.e. the automatic review of program code) is the key technology for ensuring security, as it is able to analyse a program for any potential inputs – including from hackers – and identify errors and vulnerabilities such as data leaks. Bodden: ‘Although static program analysis is an extremely high-performance tool, it has spent decades fighting to be widely used. However, as the EU is now stipulating that software must be securely developed, we can no longer ignore this technology.’ However, in Bodden’s view, current systems are not sufficiently adapted to development contexts, meaning that they will for example often issue false warnings and thus divert developers’ attentions from the actual vulnerabilities. It will be particularly difficult for less experienced software engineers, who will now have to carry out static analyses as a result of the CRA.

Technology that analyses itself

The technology that Bodden is seeking to research in his ERC project ‘Self-Optimizing Static Program Analysis’ aims to use automation to assist, as it enables users to conduct analyses for any given usage context. Relevant warnings are issued within an extremely short time without users having to manually intervene. They receive precise reports for the programs they provide. ‘No previous projects have tackled the idea of making these ideal analyses fully automatic. To enable this, we must begin by developing static analyses that can analyse and optimise not only programs, but also themselves.’

Security for millions of programs

As a result, this project should enable software engineers to independently use this kind of error detection and ensure that any necessary adjustments to the analysis can be performed automatically. ‘And it should help to secure millions of software systems that we have all learned to rely on’, the researcher summarises.

Eric Bodden is Professor of Secure Software Engineering and Chairman of the Board at Paderborn University’s Heinz Nixdorf Institute, Head of the University’s Department of Computer Science, and Director of Software Engineering and IT Security at the Fraunhofer Institute for Mechatronic Systems Design. He is also a member of the ‘Working Group 2.4 Software Implementation Technology’ at the ‘International Federation for Information Processing, (IFIP), of the DFG ‘Computer Science’ review board, and of acatech.

Photo (Paderborn University): Professor Eric Bodden has been awarded an ERC grant for his research into secure software systems.
Download (88 KB)

Contact

business-card image

Prof. Dr. Eric Bodden

Secure Software Engineering / Heinz Nixdorf Institut

Write email +49 5251 60-6563
More about the person
Universität Paderborn

Warburger Str. 100
33098 Paderborn
Germany

Phone University

+49 5251 60-0
Quick links
  • Cafeteria
  • Online application
  • Library
  • PAUL
  • PANDA
Social networks
Legal notice
  • Imprint
  • Data privacy
  • Whistleblower system
  • Accessibility Declaration