Security for Changing Software and Systems
Software is increasingly long-living and subject to continuing evolution. At the same time, software gets increasingly security-critical, since an increasing amount of sensitive data is processed in software in all kinds of systems. This poses the challenge how to ensure that software satisfies critical security requirements not only at the point of initial delivery to the customer, but continues to do so throughout its life-time even in the presence of evolution. This talk presents results which address this challenge in the context of model-centric security verification. It includes an approach for evolution-aware security verification which avoids a complete re-verification that would otherwise be necessary. It is supported by automated verification tools for specification models and software (using techniques such as static analysis and runtime verification).
About Jan Jürjens:
Jan Jürjens is Professor for Software Engineering at Technical University Dortmund (Germany), Scientific Coordinator „Enterprise Engineering“ at Fraunhofer Institute for Software and Systems Engineering ISST (Dortmund), and Senior Member of Robinson College (Univ. Cambridge, UK). He has been Scientific Director of an Integrated Project financed by the EU and PI of various projects (with collective budget of over 5 million EUR), often in cooperation with industry (e.g. Microsoft Research (Cambridge)). Previous positions include a Royal Society Industrial Fellowship at Microsoft Research Cambridge, a non-stipendiary Research Fellowship at Robinson College (Univ. Cambridge) and a Postdoc position at TU München. Jan holds a Doctor of Philosophy in Computing from University of Oxford and is author of „Secure Systems Development with UML“ (Springer, 2005; Chinese translation 2009) and other publications mostly on software engineering and IT security, totalling over 3000 citations.