Software engineering "Secure by Design"
Following the principle of security and privacy by design, the "Secure Software Engineering" workgroup thrives to support software developers in designing and implementing software systems that are known upfront to be secure with respect to certain attack vectors. Opposed to offensive approaches to software security, like ethical hacking, our group specializes on constructive techniques for software security. Our recipe to success is a unique novel combination of program synthesis and analysis techniques.
In our workgroup, we develop languages, mechanisms, processes and tools that allow software developers to clearly state security requirements and, if possible, synthesize partial implementations that achieve or help achieve these requirements. In cases where automated synthesis is impossible, and a programmer hence needs to implement security features by hand, we use automated program analyses to assist the programmer in deciding whether the implementation indeed fulfills the stated security requirements.