Software engineering "Secure by Design"

Following the principle of security and privacy by design, the "Secure Software Engineering" workgroup thrives to support software developers in designing and implementing software systems that are known upfront to be secure with respect to certain attack vectors. Opposed to offensive approaches to software security, like ethical hacking, our group specializes on constructive techniques for software security. Our recipe to success is a unique novel combination of program synthesis and analysis techniques.

In our workgroup, we develop languages, mechanisms, processes and tools that allow software developers to clearly state security requirements and, if possible, synthesize partial implementations that achieve or help achieve these requirements. In cases where automated synthesis is impossible, and a programmer hence needs to implement security features by hand, we use automated program analyses to assist the programmer in deciding whether the implementation indeed fulfills the stated security requirements.

Vacancies in the workgroup

Post-doc employee (f/m/d)

Collaboration with doctoral students with regard to their doctorate | Further development of own research and teaching as well as that of the department with a teaching obligation of usually 4 SWS | Collaboration in the design and formulation of scientific funding applications | 3-year fixed-term contract | Pay grade 14 TV-L

To the job advert

Research assistant (f/m/d)

Collaboration in research and teaching (usually 4 SWS) in the field of Secure Software Engineering | Collaboration in externally funded research projects of the department | Organisation of courses of the department | Pay group 13 TV-L | 3 years fixed-term contract

To the job advert

„Software has been the Achilles heel of IT security for years. The vast majority of attacks actually exploit quite trivial vulnerabilities in application software. Companies that produce software need to systematically rethink their approach and develop this software securely from the ground up.”

Prof. Dr. Eric Bodden,
Head of the "Secure Software Engineering" workgroup at the Heinz Nixdorf Institute at Paderborn University from Paderborn

News from the workgroup


ERC Grant for Outstanding Research Awarded to Paderborn University Researcher

Read more

Scientists from our Secure Software Engineering group present at TACAS 2024

Read more

Scientists from our "Secure Software Engineering" workgroup at the ICSE in Lisbon

Read more

We congratulate Andreas Dann on his doctorate

Read more

Secure Software Engineering specialist group continues to grow

Read more

Eric Bodden is part of the DFG review board for software engineering

Read more

Paderborn University scientists are new acatech members

Read more

Fachgruppe Secure Software Engineering wächst weiter

Read more

markt & wirtschaft westfalen im Interview mit Eric Bodden

Read more

Kanadische Informatik-Professorin forscht dank Humboldt-Stipendium am Heinz Nixdorf Institut der Universität Paderborn

Read more
More news

Team, publications, bachelor/master theses


Bachelor's and Master's theses

Research, teaching, projects


We research, develop and evaluate methods and tools to design secure software systems from the ground up. In many software development processes currently in use, the security of software systems is unfortunately still treated as secondary. As a result, security aspects are often considered too late.

Research topics


We are intensively involved in the teaching and training of students and young academics such as doctoral candidates, post-doctoral candidates and junior professors with the aim of providing them with the skills they need to shape the future.



We can provide companies with significant impetus for innovation and for maintaining their competitiveness. There are many approaches to this. They range from the placement of graduates through collaborative projects to contract developments, which we generally carry out via our spin-offs.

Project overview

„Even as a child, I was interested in everything that had to do with technology. During my computer science studies, I specialised in security, because software is used everywhere, but is also full of security vulnerabilities. For the past 20 years, water polo has given me a break from my desk.”

Martin Mory,
Scientists from the "Secure Software Engineering" workgroup at the Heinz Nixdorf Institute at Paderborn University from Paderborn

3 questions for Eric Bodden

A spell checker for developers? - Eric Bodden in conversation

Eric Bodden explains his department in 1 minute.