Research

Objectives

The main area of my current research is the integration of security concerns into systems and software engineering. In this area, I work on two problems in particular. First, how to systematically capture and evaluate the security goals of stakeholders and the resulting requirements on an IT system, in the context of security requirements engineering. Second, how to specify security properties in a mathematically rigorous way and prove that an implemented system realizes them. Addressing these problems requires considering classical topics of both software engineering and security, and integrating the methods and techniques of both communities into a consistent whole, a task that has received little attention in either community in the past.

Distinguishing properties of my research on IT security are:

  1. A method for engineering security requirements describes the systematic elicitation and refinement of security requirements from security goals and (dually) security consents, which describe requirements from the perspective of the stakeholders of the system. In this way, multilateral security requirements are found on the basis of the functional requirements of the system and the stakeholders' security interests.
  2. In a civil multilateral setting, confidentiality requirements realistically need to allow for a certain information flow to counter-stakeholders. Therefore, my work investigates confidentiality properties based on the indistinguishability of critical information for an adversary, which allow stakeholders to express their concerns in a graded manner.
  3. These confidentiality properties are probabilistic, and thus can take into account the stochastic properties of the system and its users. This is an advantage over possibilistic noninterference properties, which implicitly assume an optimal stochastic behavior of the system.
  4. There have been only a few investigations of the correctness conditions for implementing security requirements. I have defined the concept of confidentiality-preserving refinement, which precisely captures the conditions under which an implemented system realizes the requirements expressed by probabilistic confidentiality properties.
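As an added illustration of the distinction drawn in item 3 (example code, not part of the original page): a constructed toy system whose single observable is the secret bit masked with one random bit. Possibilistic noninterference holds for any coin bias, because both observations remain possible for each secret, while the probabilistic property only holds when the coin is fair, which is exactly the "optimal stochastic behavior" a possibilistic analysis implicitly assumes. The statistical distance between the output distributions gives the adversary's distinguishing advantage, and a stakeholder can bound it to express a graded confidentiality requirement.

```python
from fractions import Fraction
from itertools import combinations


def output_distribution(system, secret, coin_dist):
    """Adversary's view for one fixed secret: {observable: probability}.

    system(secret, coin) -> observable; coin_dist maps each value of the
    system's internal randomness to its probability.
    """
    dist = {}
    for coin, p in coin_dist.items():
        obs = system(secret, coin)
        dist[obs] = dist.get(obs, Fraction(0)) + p
    return dist


def possibilistic_ni(system, secrets, coin_dist):
    """Possibilistic noninterference: every secret yields the same *set* of observables."""
    supports = {frozenset(output_distribution(system, s, coin_dist)) for s in secrets}
    return len(supports) == 1


def statistical_distance(d1, d2):
    """Total variation distance between two distributions over observables."""
    keys = set(d1) | set(d2)
    return sum(abs(d1.get(k, Fraction(0)) - d2.get(k, Fraction(0))) for k in keys) / 2


def max_distinguishing_distance(system, secrets, coin_dist):
    """Largest statistical distance between the views induced by any two secrets."""
    views = [output_distribution(system, s, coin_dist) for s in secrets]
    return max(statistical_distance(a, b) for a, b in combinations(views, 2))


def probabilistic_ni(system, secrets, coin_dist, bound=Fraction(0)):
    """Probabilistic confidentiality: the adversary's advantage stays within `bound`.

    bound=0 is exact probabilistic noninterference; a positive bound is a graded
    requirement that tolerates a limited information flow.
    """
    return max_distinguishing_distance(system, secrets, coin_dist) <= bound


# Constructed toy system (hypothetical): the observable is secret XOR one random bit.
def masked_bit(secret, coin):
    return secret ^ coin


SECRETS = (0, 1)
FAIR = {0: Fraction(1, 2), 1: Fraction(1, 2)}      # coin with no bias
BIASED = {0: Fraction(1, 10), 1: Fraction(9, 10)}  # coin that is 1 with probability 0.9
```

With the biased coin, `possibilistic_ni` still reports the system as secure, while `max_distinguishing_distance` is 4/5, so the adversary guesses the secret correctly 90% of the time.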
On the software engineering side, my research aims at developing methods and techniques that support quality assurance of software-intensive systems. Based on diagrammatic and mathematically founded models, I use verification techniques such as model checking and theorem proving to prove quality properties of software models. On the implementation side, I develop procedures to partially automate model-based conformance testing. Making these techniques usable to support security concerns in software engineering is another focus of my research. I investigate automatic test case generation on the basis of behavior specifications in UML state machines. This research includes methodological support for applying the resulting algorithms in a systematic test process, and aims at reducing the effort for testing by exploiting the potential for automation that model-based software development provides.

Projects

2006-2007, DAAD
Ermittlung, Spezifikation und Implementierung von Vertraulichkeitsanforderungen für medizinische Informationssysteme (Elicitation, specification and implementation of confidentiality requirements for medical information systems) with Jens Jahnke, University of Victoria, Canada
Finished
2000-2003, BMBF
QUASAR - Integrierte Qualitätssicherung und Anforderungsanalyse zur Softwareentwicklung im Umfeld Fahrzeug (Integrated quality assurance and requirements analysis for software development in the automotive domain) with FhG FIRST and FhG IESE
2000-2002, DAAD
Methodische Unterstützung der frühen Phasen der Softwareentwicklung (Methodological support for the early phases of software development) with LORIA, Nancy and Universität Magdeburg
1995-1998, BMBF
ESPRESS - Ingenieurmäßige Entwicklung sicherheitskritischer eingebetteter Systeme (Engineering development of safety-critical embedded systems) with DaimlerChrysler AG, Robert Bosch GmbH, FhG ISST, GMD FIRST, TU Berlin