News

Direkt zum Inhalt   Log in

News

  • 2013/02/18

    Analyzing Software Product Lines in Minutes instead of Years

    SPL LIFT Logo

    In our new publication SPLlift – Statically Analyzing Software Product Lines in Minutes Instead of Years (to appear at PLDI’13) we show how to efficiently conduct inter-procedural, flow-sensitive, context-sensitive data-flow analysis for software product lines. Previously, such analyses would have taken years, due to the many software configurations a product line encodes. Our approach SPLlift processes the entire product line at once, and typically within minutes, without any loss of precision. It works for any IFDS-based data-flow analysis. SPLlift is available as an open-source extension to our IFDS/IDE solver Heros. To access our benchmark data, click here. This is joint work with Mira Mezini, Claus Brabrand, Társis Tolêdo, Márcio Ribeiro and Paulo Borba. go

  • 2013/01/29

    One step closer to modularizing security code

    Paper on Join Point Interfaces gets accepted at ACM TOSEM

    At EC SPRIDE we worry a lot about what the future of secure software engineering is going to look like, and we are trying to shape that future for the better by developing tools, methods and programming languages that support a secure software design and implementation. One thing we have noticed over the past years is that many current applications and frameworks suffer from the fact that their security-related code is scattered throughout the program, and tangled with other code that is not at all related to security. From all the talk about AOP, we know that scattering and tangling can have detrimental effects, but this is especially true when talking about security. The repeated news reports about zero-day vulnerabilities in the JDK, for example, are just one instance of that problem. go

  • 2012/12/21

    A recap on our research progress in 2012

    The year is coming to an end, and in fact some believe so may the world, so I thought I would give everyone a recap of what we have worked on and accomplished in 2012. What an exciting year this was! Through funding by EC SPRIDE and my new Emmy Noether Group RUNSECURE, my group grew from a single PhD student to five! This was obviously quite an exciting but also challenging shift for me, coordinating such a large and new group is not an easy task – but at the end of the year I have to say that I think I am getting the hang of it.

    Read up on our 2012 research progress here.

  • 2012/11/29

    Heros: a new tool for solving inter-procedural data-flow problems

    We are happy to announce the availability of Heros, our new inter-procedural data-flow solver. Heros is based on the well-known IFDS and IDE frameworks by Reps, Horwitz and Sagiv. go

  • 2012/11/17

    Call for Papers – 12th International Conference on Software Composition (SC 2013)

    June 17-21 2013, Budapest, Hungary

    http://sc2013.ec-spride.de/

    The International Conference on Software Composition (SC) is the leading venue that addresses challenges of how composition of software parts may be used to build and maintain large software systems. Software Composition 2013 will be the 12th edition in the series, and we invite researchers and practitioners to submit high-quality papers. Submissions that relate theory and practice of software composition are particularly welcome. Software Composition 2013 is co-located with the TOOLS 2013 Federated Conferences, taking place in Budapest between June 17th and 21st 2013. go

  • 2012/11/13

    New Tech Report on Analyzing Product Lines

    Novel approach speeds up analyses by several orders of magnitude

    We are happy to announce the availability of a new Tech Report on Transparent and Efficient Reuse of IFDS-based Static Program Analyses for Software Product Lines. This is joint work with Társis Tolêdo, Márcio Ribeiro, Claus Brabrand, Paulo Borba and Mira Mezini. In the paper, we show how an important class of program analyses designed for traditional programs can be transparently reused for software product lines. go

  • 2012/09/01

    Eric Bodden ist Program Chair für die International Conference on Software Composition (SC)

    Eric Bodden wird das Programmkomitee der 2013 International Conference on Software Composition zusammen mit Walter Binder von der University of Lugano leiten.

  • 2012/08/08

    Selbstverteidigung für Smartphones

    Interview mit Dr. Eric Bodden vom European Center for Security and Privacy for Design (EC SPRIDE)

  • 2012/08/01

    Welcome: Andreas Follner

    New research assistant in the Secure Software Engineering Group

    Andreas Follner started working as a Research Assistant in the Secure Software Engineering Group at EC-SPRIDE in July. He graduated from the Technikum Wien with a master’s degree in IT security and information management with his thesis concerning stack buffer overflow exploits on Windows x86. He previously earned his bachelor’s degree from the same institution in computer science, having written theses about security-relevant traffic monitoring in LANs as well as secure programming guidelines for C#. go

  • 2012/07/20

    Distinguished Paper Award at ISSTA goes to Dr. Eric Bodden et. al.

    Taming Reflection in Refactorings – Free tool for program transformation in Eclipse IDE

    Minneapolis/Darmstadt, July 19, 2012 – The paper RefaFlex: Safer Refactorings for Reflective Java Programs by Eric Bodden from TU Darmstadt and Andreas Thies from Fernuni Hagen have won an ACM SIGSOFT Distinguished Paper Award at the renowned International Symposium on Software Testing and Analysis (ISSTA)". go