@inproceedings{20529, author = {{Nachtigall, Marcus and Nguyen Quang Do, Lisa and Bodden, Eric}}, booktitle = {{1st International Workshop on Explainable Software (EXPLAIN) at ASE}}, title = {{{Explaining Static Analysis -- A Perspective}}}, year = {{2019}}, } @inproceedings{20531, author = {{Luo, Linghui and Bodden, Eric and Späth, Johannes}}, booktitle = {{IEEE/ACM International Conference on Automated Software Engineering (ASE 2019)}}, title = {{{A Qualitative Analysis of Android Taint-Analysis Results}}}, year = {{2019}}, } @inproceedings{20532, author = {{Piskachev, Goran and Nguyen Quang Do, Lisa and Johnson, Oshando and Bodden, Eric}}, booktitle = {{IEEE/ACM International Conference on Automated Software Engineering (ASE 2019), Tool Demo Track}}, title = {{{SWAN_ASSIST: Semi-Automated Detection of Code-Specific, Security-Relevant Methods}}}, year = {{2019}}, } @article{20533, author = {{Krüger, Stefan and Späth, Johannes and Ali, Karim and Bodden, Eric and Mezini, Mira}}, issn = {{2326-3881}}, journal = {{IEEE Transactions on Software Engineering}}, keywords = {{Java, Encryption, Static analysis, Tools, Ciphers, Semantics, cryptography, domain-specific language, static analysis}}, pages = {{1--1}}, title = {{{CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic APIs}}}, doi = {{10.1109/TSE.2019.2948910}}, year = {{2019}}, } @inproceedings{20534, author = {{Piskachev, Goran and Nguyen Quang Do, Lisa and Bodden, Eric}}, booktitle = {{ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA)}}, title = {{{Codebase-Adaptive Detection of Security-Relevant Methods}}}, year = {{2019}}, } @inproceedings{20535, author = {{Luo, Linghui and Dolby, Julian and Bodden, Eric}}, booktitle = {{European Conference on Object-Oriented Programming (ECOOP)}}, title = {{{MagpieBridge: A General Approach to Integrating Static Analyses into IDEs and Editors}}}, year = {{2019}}, } @phdthesis{20536, author = {{Späth, Johannes}}, publisher = 
{{Universität Paderborn}}, title = {{{Synchronized Pushdown Systems for Pointer and Data-Flow Analysis}}}, year = {{2019}}, } @techreport{20537, author = {{Piskachev, Goran and Nguyen, Lisa and Bodden, Eric}}, title = {{{Codebase-Adaptive Detection of Security-Relevant Methods}}}, year = {{2019}}, } @inproceedings{20538, author = {{Albert Gorski Iii, Sigmund and Andow, Benjamin and Nadkarni, Adwait and Manandhar, Sunil and Enck, William and Bodden, Eric and Bartel, Alexandre}}, booktitle = {{ACM Conference on Data and Application Security and Privacy (CODASPY 2019)}}, keywords = {{ITSECWEBSITE, CROSSING}}, title = {{{ACMiner: Extraction and Analysis of Authorization Checks in Android's Middleware}}}, year = {{2019}}, } @article{20539, author = {{Späth, Johannes and Ali, Karim and Bodden, Eric}}, issn = {{2475-1421}}, journal = {{Proceedings of the ACM SIGPLAN Symposium on Principles of Programming Languages}}, keywords = {{ATTRACT, ITSECWEBSITE, CROSSING}}, number = {{POPL}}, pages = {{48:1--48:29}}, publisher = {{ACM}}, title = {{{Context-, Flow-, and Field-sensitive Data-flow Analysis Using Synchronized Pushdown Systems}}}, doi = {{10.1145/3290361}}, volume = {{3}}, year = {{2019}}, } @inproceedings{20759, author = {{Gerking, Christopher and Schubert, David}}, booktitle = {{International Conference on Software Architecture (ICSA 2019)}}, title = {{{Component-Based Refinement and Verification of Information-Flow Security Policies for Cyber-Physical Microservice Architectures}}}, year = {{2019}}, } @inproceedings{23378, author = {{Piskachev, Goran and Do, Lisa Nguyen Quang and Bodden, Eric}}, booktitle = {{Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis}}, title = {{{Codebase-adaptive detection of security-relevant methods}}}, doi = {{10.1145/3293882.3330556}}, year = {{2019}}, } @misc{7628, author = {{Selbach, Nils}}, publisher = {{Universität Paderborn}}, title = {{{Modeling Crypto API usages in OpenSSL's EVP 
library}}}, year = {{2019}}, } @article{14896, author = {{Dann, Andreas and Hermann, Ben and Bodden, Eric}}, issn = {{0098-5589}}, journal = {{IEEE Transactions on Software Engineering}}, pages = {{1--1}}, title = {{{ModGuard: Identifying Integrity \& Confidentiality Violations in Java Modules}}}, doi = {{10.1109/tse.2019.2931331}}, year = {{2019}}, } @inproceedings{14897, author = {{Dann, Andreas and Hermann, Ben and Bodden, Eric}}, booktitle = {{Proceedings of the 8th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis - SOAP 2019}}, isbn = {{9781450367202}}, title = {{{SootDiff: bytecode comparison across different Java compilers}}}, doi = {{10.1145/3315568.3329966}}, year = {{2019}}, } @inproceedings{14899, author = {{Kruger, Stefan and Hermann, Ben}}, booktitle = {{2019 IEEE/ACM 2nd International Workshop on Gender Equality in Software Engineering (GE)}}, isbn = {{9781728122458}}, title = {{{Can an Online Service Predict Gender? On the State-of-the-Art in Gender Identification from Texts}}}, doi = {{10.1109/ge.2019.00012}}, year = {{2019}}, } @inproceedings{7626, author = {{Schubert, Philipp and Hermann, Ben and Bodden, Eric}}, booktitle = {{Proceedings of the 25th International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS 2019), Held as Part of the European Joint Conferences on Theory and Practice of Software (ETAPS 2019)}}, location = {{Prague, Czech Republic}}, pages = {{393--410}}, title = {{{PhASAR: An Inter-Procedural Static Analysis Framework for C/C++}}}, doi = {{10.1007/978-3-030-17465-1_22}}, volume = {{II}}, year = {{2019}}, } @inproceedings{14898, author = {{Schubert, Philipp and Leer, Richard and Hermann, Ben and Bodden, Eric}}, booktitle = {{Proceedings of the 8th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis - SOAP 2019}}, isbn = {{9781450367202}}, title = {{{Know your analysis: how instrumentation aids understanding static analysis}}}, doi = 
{{10.1145/3315568.3329965}}, year = {{2019}}, } @unpublished{2711, abstract = {{In recent years, researchers have developed a number of tools to conduct taint analysis of Android applications. While all the respective papers aim at providing a thorough empirical evaluation, comparability is hindered by varying or unclear evaluation targets. Sometimes, the apps used for evaluation are not precisely described. In other cases, authors use an established benchmark but cover it only partially. In yet other cases, the evaluations differ in terms of the data leaks searched for, or lack a ground truth to compare against. All those limitations make it impossible to truly compare the tools based on those published evaluations. We thus present ReproDroid, a framework allowing the accurate comparison of Android taint analysis tools. ReproDroid supports researchers in inferring the ground truth for data leaks in apps, in automatically applying tools to benchmarks, and in evaluating the obtained results. We use ReproDroid to comparatively evaluate on equal grounds the six prominent taint analysis tools Amandroid, DIALDroid, DidFail, DroidSafe, FlowDroid and IccTA. The results are largely positive although four tools violate some promises concerning features and accuracy. Finally, we contribute to the area of unbiased benchmarking with a new and improved version of the open test suite DroidBench.}}, author = {{Pauck, Felix and Bodden, Eric and Wehrheim, Heike}}, booktitle = {{arXiv:1804.02903}}, title = {{{Do Android Taint Analysis Tools Keep their Promises?}}}, year = {{2018}}, } @inproceedings{20530, author = {{Bodden, Eric and Nguyen Quang Do, Lisa}}, booktitle = {{Software Engineering und Software Management 2018, Fachtagung des GI-Fachbereichs Softwaretechnik, {SE} 2018, 5.-9. 
M{\"{a}}rz 2018, Ulm, Germany.}}, isbn = {{978-3-88579-673-2}}, pages = {{205--208}}, title = {{{Explainable Static Analysis}}}, year = {{2018}}, } @article{20543, author = {{Nguyen Quang Do, Lisa and Krüger, Stefan and Hill, Patrick and Ali, Karim and Bodden, Eric}}, issn = {{2326-3881}}, journal = {{IEEE Transactions on Software Engineering}}, keywords = {{Debugging, Static analysis, Tools, Computer bugs, Standards, Writing, Encoding, Testing and Debugging, Program analysis, Development tools, Integrated environments, Graphical environments, Usability testing}}, pages = {{1--1}}, title = {{{Debugging Static Analysis}}}, doi = {{10.1109/TSE.2018.2868349}}, year = {{2018}}, } @proceedings{20544, editor = {{Tichy, Matthias and Bodden, Eric and Kuhrmann, Marco and Wagner, Stefan and Steghöfer, Jan-Philipp}}, isbn = {{978-3-88579-673-2}}, publisher = {{Gesellschaft für Informatik}}, title = {{{Software Engineering und Software Management 2018, Fachtagung des GI-Fachbereichs Softwaretechnik, SE 2018, 5.-9. 
März 2018, Ulm, Germany}}}, volume = {{{P-279}}}, year = {{2018}}, } @proceedings{20545, editor = {{Tip, Frank and Bodden, Eric}}, publisher = {{ACM}}, title = {{{Proceedings of the 27th ACM SIGSOFT International Symposium on Software Testing and Analysis, ISSTA 2018, Amsterdam, The Netherlands, July 16-21, 2018}}}, year = {{2018}}, } @inproceedings{20546, author = {{Gerking, Christopher and Schubert, David and Bodden, Eric}}, booktitle = {{Engineering Secure Software and Systems}}, editor = {{Payer, Mathias and Rashid, Awais and Such, Jose M.}}, pages = {{27--43}}, publisher = {{Springer International Publishing}}, title = {{{Model Checking the Information Flow Security of Real-Time Systems}}}, year = {{2018}}, } @inproceedings{20547, author = {{Nguyen Quang Do, Lisa and Bodden, Eric}}, booktitle = {{Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering}}, isbn = {{978-1-4503-5573-5}}, keywords = {{Gamification, Integrated Environments, Program analysis}}, pages = {{714--718}}, publisher = {{ACM}}, title = {{{Gamifying Static Analysis}}}, doi = {{10.1145/3236024.3264830}}, year = {{2018}}, } @inproceedings{20548, author = {{Bodden, Eric}}, booktitle = {{ACM SIGPLAN International Workshop on the State Of the Art in Java Program Analysis (SOAP 2018)}}, isbn = {{978-1-4503-5939-9}}, keywords = {{ATTRACT, ITSECWEBSITE}}, pages = {{85--93}}, publisher = {{ACM}}, title = {{{The Secret Sauce in Efficient and Precise Static Analysis: The Beauty of Distributive, Summary-based Static Analyses (and How to Master Them)}}}, doi = {{10.1145/3236454.3236500}}, year = {{2018}}, } @inproceedings{20549, author = {{Geismann, Johannes and Gerking, Christopher and Bodden, Eric}}, booktitle = {{International Conference on Software and System Processes (ICSSP)}}, keywords = {{ITSECWEBSITE}}, title = {{{Towards Ensuring Security by Design in Cyber-Physical Systems Engineering Processes}}}, year 
= {{2018}}, } @inproceedings{20550, author = {{Bodden, Eric}}, booktitle = {{Proceedings of the 40th International Conference on Software Engineering: New Ideas and Emerging Results}}, isbn = {{978-1-4503-5662-6}}, keywords = {{ATTRACT, ITSECWEBSITE}}, pages = {{45--48}}, publisher = {{ACM}}, title = {{{Self-adaptive Static Analysis}}}, doi = {{10.1145/3183399.3183401}}, year = {{2018}}, } @inproceedings{20551, author = {{Nguyen Quang Do, Lisa and Krüger, Stefan and Hill, Patrick and Ali, Karim and Bodden, Eric}}, booktitle = {{International Conference for Software Engineering (ICSE), Tool Demonstrations Track}}, keywords = {{ATTRACT, ITSECWEBSITE}}, title = {{{VISUFLOW, a Debugging Environment for Static Analyses}}}, year = {{2018}}, } @phdthesis{20779, abstract = {{Der hohe Grad an Innovation in mechatronischen Systemen führt zu sogenannten Cyber-Physical Systems (CPS). Diese haben eine komplexe Funktionalität und Kommunikation. Wie sicherheitskritisch solche Systeme sind, wird durch sogenannte Sicherheits-Integritätslevel (SIL) kategorisiert, die durch Normen wie der ISO 26262 definiert werden. Ein bestimmter SIL beschreibt nicht nur die Höhe des Gefährdungsrisikos, sondern diktiert auch den erforderlichen Grad an Sorgfalt bei der Entwicklung des Systems. Ein hoher SIL erfordert die Anwendung von Safety-Maßnahmen mit einem hohen Sorgfaltsgrad in allen Phasen der Entwicklung und impliziert daher einen hohen Safety-Aufwand. SIL-Tailoring ist ein Mittel um den Safety-Aufwand zu reduzieren, indem man Subsystemen geringere SILs zuordnet, falls sie von kritischeren Subsystemen getrennt sind oder redundante Safety-Anforderungen erfüllen. Um den nötigen Safety-Aufwand zu planen, sollten Möglichkeiten für SIL-Tailoring so früh wie möglich identifiziert werden - d.h. bereits in der Anforderungsanalyse. Durch die Komplexität von CPS, ist es schwierig valide SIL-Tailorings zu finden. 
Die Validität von SIL-Tailorings muss durch Analyse von Fehlerpropagierungspfaden geprüft und durch Argumente im Safety Case begründet werden. Der Beitrag dieser Dissertation ist ein systematischer, tool-unterstützter SIL-Tailoring-Prozess, der im Safety Requirements Engineering angewendet wird. Der Prozess nutzt eine modell-basierte, formale Anforderungsspezifikation und stellt einen Katalog von Anforderungsmustern bereit. Basierend auf diesen Anforderungen werden Fehlerpropagierungsmodelle generiert und Subsystemen automatisch SILs zugeordnet. Das minimiert den Sicherheitsanalyseaufwand. Aus den generierten Ergebnissen wird automatisch ein Safety Case mit Argumenten für die SIL-Tailoring-Validität abgeleitet.}}, author = {{Fockel, Markus}}, publisher = {{Fakultät für Elektrotechnik, Informatik und Mathematik, Universität Paderborn}}, title = {{{Safety Requirements Engineering for Early SIL Tailoring}}}, doi = {{10.17619/UNIPB/1-490}}, year = {{2018}}, } @inproceedings{20781, author = {{Gerking, Christopher and Schubert, David}}, booktitle = {{European Conference on Software Architecture (ECSA 2018)}}, number = {{11048}}, pages = {{147--155}}, publisher = {{Springer}}, title = {{{Towards Preserving Information Flow Security on Architectural Composition of Cyber-Physical Systems}}}, doi = {{10.1007/978-3-030-00761-4_10}}, year = {{2018}}, } @inproceedings{20784, author = {{Geismann, Johannes}}, booktitle = {{IEEE International Conference on Software Architecture Companion (ICSA-C 2018) }}, pages = {{41--42}}, publisher = {{IEEE}}, title = {{{Traceable Threat Modeling for Safety-critical Systems}}}, doi = {{10.1109/ICSA-C.2018.00017}}, year = {{2018}}, } @inproceedings{20785, abstract = {{Cyber-physical Systems are distributed, embedded systems that interact with their physical environment. Typically, these systems consist of several Electronic Control Units using multiple processing cores for the execution. 
Many systems are applied in safety-critical contexts and have to fulfill hard real-time requirements. The model-driven engineering paradigm enables system developers to consider all requirements in a systematical manner. In the software design phase, they prove the fulfillment of the requirements using model checking. When deploying the software to the executing platform, one important task is to ensure that the runtime scheduling does not violate the verified requirements by neglecting the model checking assumptions. Current model-driven approaches do not consider the problem of deriving feasible execution schedules for embedded multi-core platforms respecting hard real-time requirements. This paper extends the previous work on providing an approach for a semi-automatic synthesis of behavioral models into a deterministic real-time scheduling. We add an approach for the partitioning and mapping development tasks. This extended approach enables the utilization of parallel resources within a single ECU considering the verification assumptions by extending the open tool platform App4mc. We evaluate our approach using an example of a distributed automotive system with hard real-time requirements specified with the MechatronicUML method. 
}}, author = {{Geismann, Johannes and Höttger, Robert and Krawczyk, Lukas and Pohlmann, Uwe and Schmelter, David}}, booktitle = {{Model-Driven Engineering and Software Development}}, editor = {{Pires, Luís Ferreira and Hammoudi, Slimane and Selic, Bran}}, pages = {{72--93}}, publisher = {{Springer International Publishing}}, title = {{{Automated Synthesis of a Real-Time Scheduling for Cyber-Physical Multi-core Systems}}}, doi = {{10.1007/978-3-319-94764-8_4}}, volume = {{1}}, year = {{2018}}, } @phdthesis{20789, author = {{Pohlmann, Uwe}}, publisher = {{Universität Paderborn, Heinz Nixdorf Institut, Softwaretechnik}}, title = {{{A Model-driven Software Construction Approach for Cyber-physical Systems}}}, year = {{2018}}, } @inproceedings{4999, author = {{Pauck, Felix and Bodden, Eric and Wehrheim, Heike}}, booktitle = {{Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering - ESEC/FSE 2018}}, isbn = {{9781450355735}}, publisher = {{ACM Press}}, title = {{{Do Android taint analysis tools keep their promises?}}}, doi = {{10.1145/3236024.3236029}}, year = {{2018}}, } @inproceedings{5203, author = {{Krüger, Stefan and Späth, Johannes and Ali, Karim and Bodden, Eric and Mezini, Mira}}, booktitle = {{European Conference on Object-Oriented Programming (ECOOP)}}, keywords = {{ITSECWEBSITE, CROSSING}}, pages = {{10:1--10:27}}, title = {{{CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic APIs}}}, year = {{2018}}, } @misc{1044, author = {{Leer, Richard}}, publisher = {{Universität Paderborn}}, title = {{{Measuring Performance of a Static Analysis Framework with an application to Immutability Analysis}}}, year = {{2018}}, } @misc{1045, author = {{Strüwer, Jan Niclas}}, publisher = {{Universität Paderborn}}, title = {{{Interactive Data Visualization for Exploded Supergraphs}}}, year = {{2018}}, } @inbook{20552, abstract = {{Das Zukunftsszenario der Industrie 
4.0 ist gepr{\"a}gt durch einen massiven Anstieg der unternehmens{\"u}bergreifenden Vernetzung. Um einer Bedrohung durch unautorisierte Weitergabe oder Sabotage vertraulicher Daten entgegenzuwirken, muss der Informationssicherheit bereits im Entwurf der cyber-physischen Produktionssysteme ein hoher Stellenwert einger{\"a}umt werden. Dieses Paradigma wird als Security by Design bezeichnet. {\"U}ber den gesamten Entstehungsprozess hinweg muss nachverfolgt werden k{\"o}nnen, ob die Systeme spezifische Anforderungen an die Informationssicherheit erf{\"u}llen und damit die Eigenschaft der Industrial Security gew{\"a}hrleisten. Dieser Beitrag stellt einen Entwurfsansatz zur Nachverfolgung der Informationssicherheit vor, der durch Integration softwaretechnischer Methoden in das Systems Engineering eine Entwicklung nach dem Paradigma Security by Design erm{\"o}glicht.}}, author = {{Gerking, Christopher and Bodden, Eric and Schäfer, Wilhelm}}, booktitle = {{Handbuch Gestaltung digitaler und vernetzter Arbeitswelten}}, editor = {{Maier, Günter W. and Engels, Gregor and Steffen, Eckhard}}, isbn = {{978-3-662-52903-4}}, keywords = {{ITSECWEBSITE}}, pages = {{1--24}}, publisher = {{Springer Berlin Heidelberg}}, title = {{{Industrial Security by Design}}}, doi = {{10.1007/978-3-662-52903-4_8-1}}, year = {{2017}}, } @article{20553, abstract = {{Finding and fixing software vulnerabilities have become a major struggle for most software development companies. While generally without alternative, such fixing efforts are a major cost factor, which is why companies have a vital interest in focusing their secure software development activities such that they obtain an optimal return on this investment. We investigate, in this paper, quantitatively the major factors that impact the time it takes to fix a given security issue based on data collected automatically within SAP's secure development process, and we show how the issue fix time could be used to monitor the fixing process. 
We use three machine learning methods and evaluate their predictive power in predicting the time to fix issues. Interestingly, the models indicate that vulnerability type has less dominant impact on issue fix time than previously believed. The time it takes to fix an issue instead seems much more related to the component in which the potential vulnerability resides, the project related to the issue, the development groups that address the issue, and the closeness of the software release date. This indicates that the software structure, the fixing processes, and the development groups are the dominant factors that impact the time spent to address security issues. SAP can use the models to implement a continuous improvement of its secure software development process and to measure the impact of individual improvements. The development teams at SAP develop different types of software, adopt different internal development processes, use different programming languages and platforms, and are located in different cities and countries. 
Other organizations may use the results---with precaution---and be learning organizations.}}, author = {{Ben Othmane, Lotfi and Chehrazi, Golriz and Bodden, Eric and Tsalovski, Petar and Brucker, Achim D.}}, issn = {{2364-1541}}, journal = {{Data Science and Engineering}}, number = {{2}}, pages = {{107--124}}, title = {{{Time for Addressing Software Security Issues: Prediction Models and Impacting Factors}}}, doi = {{10.1007/s41019-016-0019-8}}, volume = {{2}}, year = {{2017}}, } @techreport{20554, author = {{Bodden, Eric}}, title = {{{Self-adaptive static analysis}}}, year = {{2017}}, } @techreport{20555, author = {{Krüger, Stefan and Späth, Johannes and Ali, Karim and Bodden, Eric and Mezini, Mira}}, keywords = {{ITSECWEBSITE}}, pages = {{arXiv:1710.00564}}, title = {{{CrySL: Validating Correct Usage of Cryptographic APIs}}}, year = {{2017}}, } @article{20557, author = {{Lillack, Max and Kästner, Christian and Bodden, Eric}}, issn = {{0098-5589}}, journal = {{IEEE Transactions on Software Engineering}}, keywords = {{Androids, Bluetooth, Humanoid robots, Java, Software, Tools, Configuration options, Static analysis, Variability mining}}, number = {{99}}, pages = {{1--1}}, title = {{{Tracking Load-time Configuration Options}}}, doi = {{10.1109/TSE.2017.2756048}}, volume = {{PP}}, year = {{2017}}, } @inproceedings{20558, author = {{Krüger, Stefan and Nadi, Sarah and Reif, Michael and Ali, Karim and Mezini, Mira and Bodden, Eric and Göpfert, Florian and Günther, Felix and Weinert, Christian and Demmler, Daniel and Kamath, Ram}}, booktitle = {{International Conference on Automated Software Engineering (ASE 2017), Tool Demo Track}}, keywords = {{ITSECWEBSITE, CROSSING}}, title = {{{CogniCrypt: Supporting Developers in using Cryptography}}}, year = {{2017}}, } @inproceedings{20559, author = {{Do, Lisa Nguyen Quang and Ali, Karim and Livshits, Benjamin and Bodden, Eric and Smith, Justin and Murphy-Hill, Emerson}}, booktitle = {{Proceedings of the 26th 
ACM SIGSOFT International Symposium on Software Testing and Analysis}}, isbn = {{978-1-4503-5076-1}}, keywords = {{Just-in-Time, Layered analysis, Static analysis}}, pages = {{307--317}}, publisher = {{ACM}}, title = {{{Just-in-time Static Analysis}}}, doi = {{10.1145/3092703.3092705}}, year = {{2017}}, } @inproceedings{20715, author = {{Nguyen Quang Do, Lisa and Ali, Karim and Livshits, Benjamin and Bodden, Eric and Smith, Justin and Murphy-Hill, Emerson}}, booktitle = {{International Conference for Software Engineering (ICSE), Tool Demonstrations Track}}, keywords = {{ATTRACT, ITSECWEBSITE}}, title = {{{Cheetah: Just-in-Time Taint Analysis for Android Apps}}}, year = {{2017}}, } @inproceedings{20792, author = {{Schivo, Stefano and Yildiz., Bugra M. and Ruijters, Enno and Gerking, Christopher and Kumar, Rajesh and Dziwok, Stefan and Rensink, Arend and Stoelinga, Mariëlle}}, booktitle = {{Dependable Software Engineering, 3rd International Symposium (SETTA 2017)}}, editor = {{Larsen, Kim G. and Sokolsky, Oleg and Wang, Ji}}, number = {{10606}}, pages = {{319--336}}, publisher = {{Springer}}, title = {{{How to Efficiently Build a Front-End Tool for UPPAAL: A Model-Driven Approach}}}, doi = {{10.1007/978-3-319-69483-2_19}}, year = {{2017}}, } @phdthesis{20794, abstract = {{Cyber-physische Systeme (CPSs) sind die nächste Generation von eingebetteten Systemen, die fortwährend ihre Zusammenarbeit koordinieren, um anspruchsvolle Funktionen zu erfüllen. Die Koordination zwischen ihnen kann in Software mittels asynchroner Nachrichtenkommunikation realisiert werden. Um die funktionale Korrektheit der Software zu gewährleisten, ist aufgrund der Kritikalität dieser Systeme eine formale Verifikation wie z.B. Model Checking notwendig. Die Eingabesprache eines Model Checkers unterstützt jedoch domänenspezifische Aspekte wie asynchrone Kommunikation nicht direkt, wodurch diese vom Softwareingenieur mittels zahlreicher Modellelemente spezifiziert werden müssen. 
Dies ist hochgradig komplex und somit fehleranfällig. Im Rahmen dieser Arbeit wird eine modellgetriebene Methode zur domänenspezifischen Spezifikation und vollautomatischen Verifikation der nachrichtenbasierten Koordination von CPSs präsentiert. Mit Hilfe dieser Methode kann der Softwareingenieur die Koordination kompakt modellieren und muss nicht länger verstehen, wie seine Spezifikation auf der Ebene des Model Checkers ausgedrückt wird. Insgesamt wird die Komplexität für den Softwareingenieur somit deutlich handhabbarer. Bezüglich der Spezifikation einer solchen Koordination definiert die Arbeit eine domänenspezifische Sprache namens Real-Time Coordination Protocols (RTCPs). Darüber hinaus wird eine domänenspezifische Sprache zur Spezifikation von Verifikationseigenschaften eingeführt und Entwurfsmuster für RTCPs präsentiert, um die Anzahl der Modellierungsfehler zu senken.}}, author = {{Dziwok, Stefan}}, publisher = {{Paderborn University}}, title = {{{Specification and Verification for Real-Time Coordination Protocols of Cyber-physical Systems}}}, year = {{2017}}, } @inproceedings{20797, author = {{Gerking, Christopher and Schubert, David and Budde, Ingo}}, booktitle = {{Theory and Practice of Model Transformation, 10th International Conference (ICMT 2017)}}, editor = {{Guerra, Esther and van den Brand, Mark}}, number = {{10374}}, pages = {{19--34}}, publisher = {{Springer}}, title = {{{Reducing the Verbosity of Imperative Model Refinements by using General-Purpose Language Facilities}}}, year = {{2017}}, } @inproceedings{20804, abstract = {{Modern Cyber-physical Systems are executed in physical environments and distributed over several Electronic Control Units using multiple cores for execution. These systems perform safety-critical tasks and, therefore, have to fulfill hard real-time requirements. To face these requirements systematically, system engineers develop these systems model-driven and prove the fulfillment of these requirements via model checking. 
It is important to ensure that the runtime scheduling does not violate the verified requirements by neglecting the model checking assumptions. Currently, there is a gap in the process for model-driven approaches to derive a feasible runtime scheduling that respects these assumptions. In this paper, we present an approach for a semi-automatic synthesis of behavioral models into a deterministic scheduling that respects real-time requirements at runtime. We evaluate our approach using an example of a distributed automotive system with hard real-time requirements specified with the MechatronicUML method.}}, author = {{Geismann, Johannes and Pohlmann, Uwe and Schmelter, David}}, booktitle = {{Proceedings of the 5th International Conference on Model-Driven Engineering and Software Development}}, title = {{{Towards an Automated Synthesis of a Real-time Scheduling for Cyber-physical Multi-core Systems}}}, year = {{2017}}, } @phdthesis{20805, author = {{Becker, Matthias}}, publisher = {{Universität Paderborn, Heinz Nixdorf Institut, Softwaretechnik}}, title = {{{Engineering Self-Adaptive Systems with Simulation-Based Performance Prediction}}}, year = {{2017}}, } @inproceedings{5204, author = {{Späth, Johannes and Ali, Karim and Bodden, Eric}}, booktitle = {{2017 International Conference on Object-Oriented Programming, Languages and Applications (OOPSLA/SPLASH)}}, keywords = {{ATTRACT, ITSECWEBSITE, CROSSING}}, publisher = {{ACM Press}}, title = {{{IDEal: Efficient and Precise Alias-aware Dataflow Analysis}}}, year = {{2017}}, } @article{5209, author = {{Fischer, Andreas and Fuhry, Benny and Kerschbaum, Florian and Bodden, Eric}}, journal = {{CoRR}}, title = {{{Computation on Encrypted Data using Data Flow Authentication}}}, volume = {{abs/1710.00390}}, year = {{2017}}, } @phdthesis{102, author = {{Becker, Matthias}}, publisher = {{Universität Paderborn}}, title = {{{Engineering Self-Adaptive Systems with Simulation-Based Performance Prediction}}}, doi = 
{{10.17619/UNIPB/1-133}}, year = {{2017}}, } @phdthesis{195, author = {{Platenius, Marie Christin}}, publisher = {{Universität Paderborn}}, title = {{{Fuzzy Matching of Comprehensive Service Specifications}}}, year = {{2016}}, } @techreport{198, author = {{Jazayeri, Bahar and Platenius, Marie Christin and Engels, Gregor and Kundisch, Dennis}}, publisher = {{Universität Paderborn}}, title = {{{Features of IT Service Markets: A Systematic Literature Review (Supplementary Material)}}}, year = {{2016}}, } @inproceedings{199, abstract = {{The provision of IT solutions over electronic marketplaces became prominent in recent years. We call such marketplaces IT service markets. IT service markets have some core architectural building blocks that impact the quality attributes of these markets. However, these building blocks and their impacts are not well-known. Thus, design choices for IT service markets have been made ad-hoc until now. Furthermore, only single aspects of such markets have been investigated until now, but a comprehensive view is missing. In this paper, we identify common features and their interrelations on the basis of a systematic literature review of 60 publications using grounded theory. This knowledge provides empirical evidence on the interdisciplinary design choices of IT service markets and it serves as a basis to support market providers and developers to integrate market features. 
Thereby, we make a first step towards the creation of a reference model for IT service markets that provides a holistic integrated view that can be used to create and maintain successful markets in the future.}}, author = {{Jazayeri, Bahar and Platenius, Marie and Engels, Gregor and Kundisch, Dennis}}, booktitle = {{Proceedings of the 14th International Conference on Service Oriented Computing (ICSOC)}}, pages = {{301--316}}, publisher = {{Springer}}, title = {{{Features of IT Service Markets: A Systematic Literature Review}}}, doi = {{10.1007/978-3-319-46295-0_19}}, volume = {{9936}}, year = {{2016}}, } @inproceedings{20556, author = {{Bodden, Eric and I Pun, Ka and Steffen, Martin and Stolz, Volker and Wickert, Anna-Katharina}}, booktitle = {{Leveraging Applications of Formal Methods, Verification and Validation: Foundational Techniques - 7th International Symposium, ISoLA 2016, Imperial, Corfu, Greece, October 10-14, 2016, Proceedings, Part {I}}}, pages = {{431--445}}, title = {{{Information Flow Analysis for Go}}}, doi = {{10.1007/978-3-319-47166-2_30}}, year = {{2016}}, } @inproceedings{20716, author = {{Bodden, Eric and Eichberg, Michael and I Pun, Ka and Steffen, Martin and Stolz, Volker and Wickert, Anna-Katharina}}, booktitle = {{Nordic Workshop on Programming Theory (NWPT'16)}}, title = {{{Don't let data Go astray---A Context-Sensitive Taint Analysis for Concurrent Programs in Go}}}, year = {{2016}}, } @techreport{20717, author = {{Nguyen Quang Do, Lisa and Ali, Karim and Livshits, Benjamin and Bodden, Eric and Smith, Justin and Murphy-Hill, Emerson}}, keywords = {{ATTRACT, ITSECWEBSITE}}, title = {{{Just-in-Time Static Analysis}}}, doi = {{http://dx.doi.org/10.7939/DVN/10859}}, year = {{2016}}, } @article{20718, author = {{Rasthofer, Siegfried and Arzt, Steven and Bodden, Eric and Miltenberger, Marc}}, journal = {{Datenschutz und Datensicherheit}}, keywords = {{ATTRACT, ITSECWEBSITE}}, pages = {{718--722}}, title = {{{Harvester - Vollautomatische 
Extraktion von Laufzeitwerten aus obfuskierten Android-Applikationen}}}, doi = {{https://www.springerprofessional.de/en/datenschutz-und-datensicherheit-dud-11-2016/10866536}}, year = {{2016}}, } @inproceedings{20719, author = {{Holzinger, Philipp and Triller, Stefan and Bartel, Alexandre and Bodden, Eric}}, booktitle = {{Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security}}, isbn = {{978-1-4503-4139-4}}, keywords = {{ATTRACT, access control, exploits, java security, security analysis, ITSECWEBSITE}}, pages = {{779--790}}, title = {{{An In-Depth Study of More Than Ten Years of Java Exploitation}}}, doi = {{http://doi.acm.org/10.1145/2976749.2978361}}, year = {{2016}}, } @inproceedings{20720, author = {{Follner, Andreas and Bartel, Alexandre and Peng, Hui and Chang, Yu-Chen and Ispoglou, Kyriakos and Payer, Mathias and Bodden, Eric}}, booktitle = {{International Workshop on Security and Trust Management (STM)}}, pages = {{212--228}}, title = {{{PSHAPE: Automatically Combining Gadgets for Arbitrary Method Execution}}}, year = {{2016}}, } @inproceedings{20721, author = {{Nguyen Quang Do, Lisa and Eichberg, Michael and Bodden, Eric}}, booktitle = {{Proceedings of the 5th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis}}, keywords = {{ATTRACT}}, pages = {{13--17}}, title = {{{Toward an Automated Benchmark Management System}}}, year = {{2016}}, } @inproceedings{20722, author = {{Arzt, Steven and Kussmaul, Tobias and Bodden, Eric}}, booktitle = {{Proceedings of the 5th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis}}, pages = {{1--6}}, title = {{{Towards Cross-Platform Cross-Language Analysis with Soot}}}, year = {{2016}}, } @article{20724, author = {{Follner, Andreas and Bodden, Eric}}, issn = {{2214-2126}}, journal = {{Journal of Information Security and Applications }}, pages = {{16--26}}, title = {{{ROPocop — Dynamic mitigation of code-reuse attacks}}}, doi = 
{{http://dx.doi.org/10.1016/j.jisa.2016.01.002}}, volume = {{29}}, year = {{2016}}, } @inproceedings{20725, author = {{Follner, Andreas and Bartel, Alexandre and Bodden, Eric}}, booktitle = {{International Symposium on Engineering Secure Software and Systems (ESSoS)}}, title = {{{Analyzing the Gadgets - Towards a Metric to Measure Gadget Quality}}}, year = {{2016}}, } @inproceedings{20726, author = {{Falzon, Kevin and Bodden, Eric}}, booktitle = {{Principles of Security and Trust: 5th International Conference, POST 2016, Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2016, Eindhoven, The Netherlands, April 2--8, 2016, Proceedings}}, editor = {{Piessens, Frank and Vigan'o, Luca}}, isbn = {{978-3-662-49635-0}}, pages = {{116--138}}, publisher = {{Springer Berlin Heidelberg}}, title = {{{Towards a Comprehensive Model of Isolation for Mitigating Illicit Channels}}}, doi = {{10.1007/978-3-662-49635-0_7}}, year = {{2016}}, } @inproceedings{20727, author = {{Rasthofer, Siegfried and Arzt, Steven and Miltenberger, Marc and Bodden, Eric}}, booktitle = {{Network and Distributed System Security Symposium (NDSS)}}, keywords = {{ATTRACT, ITSECWEBSITE}}, title = {{{Harvesting Runtime Values in Android Applications That Feature Anti-Analysis Techniques}}}, year = {{2016}}, } @inproceedings{20728, author = {{Nadi, Sarah and Krüger, Stefan and Mezini, Mira and Bodden, Eric}}, booktitle = {{International Conference for Software Engineering (ICSE)}}, keywords = {{CROSSING, ITSECWEBSITE}}, pages = {{935--946}}, title = {{{Jumping Through Hoops: Why do Java Developers Struggle With Cryptography APIs?}}}, year = {{2016}}, } @inproceedings{20729, author = {{Arzt, Steven and Bodden, Eric}}, booktitle = {{International Conference for Software Engineering (ICSE)}}, keywords = {{ITSECWEBSITE}}, title = {{{StubDroid: Automatic Inference of Precise Data-flow Summaries for the Android Framework}}}, year = {{2016}}, } @inproceedings{20730, author = 
{{Eling, N. and Rasthofer, S. and Kolhagen, M. and Bodden, Eric and Buxmann, P.}}, booktitle = {{2016 49th Hawaii International Conference on System Sciences (HICSS)}}, issn = {{1530-1605}}, pages = {{3666--3675}}, title = {{{Investigating Users' Reaction to Fine-Grained Data Requests: A Market Experiment}}}, doi = {{10.1109/HICSS.2016.458}}, year = {{2016}}, } @techreport{20822, abstract = {{Several examples of mechatronic systems can be found nowadays in modern cars, production systems, and medical technology. Day by day, the number of innovative functionalities in such mechatronic systems is increasing. These functionalities are realized with complex software. Such software exhibits hard real-time, safety requirements. The adherence to these requirements must be thoroughly analyzed and verified. Moreover, to obtain a significant increment in the reliability, performance, and efficiency of such software, it needs to maintain the self-adaptation of its properties. In order to develop such systems with a high quality and within a short time, we need a systematic and consistent design method. For this purpose, the software engineering group at the University of Paderborn and the Fraunhofer IEM in Paderborn propose the MechatronicUML method. This method provides a comprehensive model-driven process support, that starts from requirements and reaches the executable software after passing through several design and analysis steps. This process improves the comprehension during development and makes complex systems manageable. 
MechatronicUML emphasizes mainly on: (1) modeling and (formal) verification of reconfigurable software architectures, (2) the coordination among system components in such architectures, and (3) the integration of discrete software events with the continuous behavior of control devices.}}, author = {{Dziwok, Stefan and Pohlmann, Uwe and Piskachev, Goran and Schubert, David and Thiele, Sebastian and Gerking, Christopher}}, title = {{{The MechatronicUML Design Method: Process and Language for Platform-Independent Modeling}}}, year = {{2016}}, } @techreport{20823, abstract = {{In this technical report, we present the MechatronicUML requirements engineering method. The method encompasses a process and a scenario-based modeling language for the documentation and analysis of requirements on the message-based interaction behavior of software-intensive systems. The modeling language uses a scenario notation based on Modal Sequence Diagrams (MSDs), which borrows concepts of UML Interactions as well as of Live Sequence Charts. Furthermore, we introduce the so-called Emergency Braking & Evasion System (EBEAS) as a running example, which is based on current and upcoming real-world driver assistance systems. }}, author = {{Holtmann, Jörg and Fockel, Markus and Koch, Thorsten and Schmelter, David and Brenner, Christian and Bernijazov, Ruslan and Sander, Marcel}}, title = {{{The MechatronicUML Requirements Engineering Method: Process and Language}}}, doi = {{10.13140/RG.2.2.33223.29606}}, year = {{2016}}, } @inproceedings{20825, abstract = {{Das Systemmodell ist der Kern des Model-Based Systems Engineering (MBSE). Während jedoch im Systems Engineering dem Zusammenspiel von Produkt und Projekt ein hoher Stellenwert beigemessen wird, liegt der Fokus im MBSE noch sehr stark auf technischen Prozessen. 
Im Hinblick auf die Idee des Systemmodells als zentrale Datenquelle sollten auch Stakeholder jenseits der direkten Entwicklungsaktivitäten das Systemmodell entsprechend nutzen können und davon profitieren. Dazu wird ein Demonstrator vorgestellt, welcher die Anwendung einer Komplexitätsanalyse auf Basis des Systemmodells mechatronischer Systeme stellvertretend für Methoden in Sinne der technischen Managementprozesse der ISO/IEC 15288 aufzeigt. Grundlage des Demonstrators bildet das Systemmodell eines Pedelecs. Die darin modellierten Strukturen dienen als Input für die Komplexitätsanalyse. Über die automatisierte Anwendung der Komplexitätsanalyse ergibt sich als Output ein Portfolio, das die Komplexität der funktionserfüllenden Komponenten mit der Bewertung der Funktionalität in Beziehung setzt und somit eine Beurteilung und entsprechende Handlungsempfehlungen der Komponenten ermöglicht.}}, author = {{Greinert, Matthias and Tschirner, Christian and Holtmann, Jörg}}, booktitle = {{Tag des Systems Engineering 2016}}, pages = {{77--86}}, publisher = {{Gesellschaft f{\"u}r Systems Engineering e.V.}}, title = {{{Anwendung von Methoden der Produktentstehung auf Basis des Systemmodells mechatronischer Systeme}}}, doi = {{10.3139/9783446451414.008}}, year = {{2016}}, } @inproceedings{20830, author = {{Schubert, David and Heinzemann, Christian and Gerking, Christopher}}, booktitle = {{Proceedings of the 19th international ACM Sigsoft symposium on component-based software engineering}}, publisher = {{ACM}}, title = {{{Towards Safe Execution of Reconfigurations in Cyber-Physical Systems}}}, year = {{2016}}, } @techreport{221, author = {{Platenius, Marie Christin and Josifovska, Klementina and van Rooijen, Lorijn and Arifulina, Svetlana and Becker, Matthias and Engels, Gregor and Schäfer, Wilhelm}}, publisher = {{Universität Paderborn}}, title = {{{An Overview of Service Specification Language and Matching in On-The-Fly Computing (v0.3)}}}, year = {{2016}}, } 
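@comment{Review notes for the entries from 5205 onwards. Name lists in author and editor use a single brace pair, so BibTeX splits them at " and " instead of reading the whole list as one name; title, booktitle and journal keep one inner pair to preserve the exported capitalisation. Page ranges use a double hyphen. Words that were run together in the extracted abstracts of 279, 402, 409 and 449 are separated again, and a literal ampersand in an abstract is escaped because tools that copy the abstract into LaTeX output would otherwise fail on it.}

@inproceedings{5205,
  author = {Späth, Johannes and Nguyen Quang Do, Lisa and Ali, Karim and Bodden, Eric},
  booktitle = {{European Conference on Object-Oriented Programming (ECOOP)}},
  keywords = {ATTRACT, ITSECWEBSITE},
  title = {{Boomerang: Demand-Driven Flow- and Context-Sensitive Pointer Analysis for Java}},
  year = {2016},
}

@inproceedings{280,
  abstract = {The Collaborative Research Centre "On-The-Fly Computing" works on foundations and principles for the vision of the Future Internet. It proposes the paradigm of On-The-Fly Computing, which tackles emerging worldwide service markets. In these markets, service providers trade software, platform, and infrastructure as a service. Service requesters state requirements on services. To satisfy these requirements, the new role of brokers, who are (human) actors building service compositions on the fly, is introduced. Brokers have to specify service compositions formally and comprehensively using a domain-specific language (DSL), and to use service matching for the discovery of the constituent services available in the market. The broker's choice of the DSL and matching approaches influences her success of building compositions as distinctive properties of different service markets play a significant role. In this paper, we propose a new approach of engineering a situation-specific DSL by customizing a comprehensive, modular DSL and its matching for given service market properties. This enables the broker to create market-specific composition specifications and to perform market-specific service matching. As a result, the broker builds service compositions satisfying the requester's requirements more accurately. We evaluated the presented concepts using case studies in service markets for tourism and university management.},
  author = {Arifulina, Svetlana and Platenius, Marie Christin and Mohr, Felix and Engels, Gregor and Schäfer, Wilhelm},
  booktitle = {{Proceedings of the IEEE 11th World Congress on Services (SERVICES), Visionary Track: Service Composition for the Future Internet}},
  pages = {333--340},
  title = {{Market-Specific Service Compositions: Specification and Matching}},
  doi = {10.1109/SERVICES.2015.58},
  year = {2015},
}

@inproceedings{313,
  abstract = {Nowadays, many service providers offer software components in the form of Software as a Service. Requesters that want to discover those services in order to use or to integrate them, need to find out which service satisfies their requirements best. For this purpose, service matching approaches determine how well the specifications of provided services satisfy their requirements (including structural, behavioral, and non-functional requirements). In this paper, we describe the tool-suite MatchBox that allows the integration of existing service matchers and their combination as part of flexibly configurable matching processes. Taking requirements and service specifications as an input, MatchBox is able to execute such matching processes and deliver rich matching results. In contrast to related tools, MatchBox allows users to take into account many different kinds of requirements, while it also provides the flexibility to control the matching process in many different ways.},
  author = {Börding, Paul and Bruns, Melanie and Platenius, Marie Christin},
  booktitle = {{10th Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering (ESEC/FSE'15)}},
  pages = {974--977},
  title = {{Comprehensive Service Matching with MatchBox}},
  doi = {10.1145/2786805.2803181},
  year = {2015},
}

@inproceedings{279,
  abstract = {Service discovery in global software markets is performed by brokers who act as intermediaries between service consumers and service providers. In order to discover services, brokers apply service matching for determining whether the specification of a provided service satisfies the consumer's requirements. Brokers can already choose between a lot of different service matching approaches considering different service properties (structural, behavioral, and non-functional properties). Different matching approaches can be combined into configurable matching processes leading to a high matching quality (e.g., accurate matching results). However, this combination and configuration is a manual procedure and has to be repeated for different consumers' or market requirements regarding matching quality. In this paper, we propose our framework MatchBox, which supports a broker in reusing existing matching approaches and combining them in a model-driven way based on a reconfigurable model of the matching process. Using this reconfigurable model, MatchBox takes care of control and data flow between matching approaches and executes the modeled processes automatically. As a case study, we integrated eleven matchers into MatchBox to demonstrate that it remains flexibility and reduces effort for a broker at the same time.},
  author = {Platenius, Marie Christin and Arifulina, Svetlana and Schäfer, Wilhelm},
  booktitle = {{Proceedings of the 18th International ACM Sigsoft Symposium on Component-Based Software Engineering (CBSE'15)}},
  pages = {75--84},
  title = {{MatchBox: A Framework for Dynamic Configuration of Service Matching Processes}},
  doi = {10.1145/2737166.2737174},
  year = {2015},
}

@techreport{20977,
  author = {Schäfer, Wilhelm and Dziwok, Stefan and Pohlmann, Uwe and Bobolz, Jan and Czech, Mike and Dann, Andreas Peter and Geismann, Johannes and Hüwe, Marcus and Krieger, Arthur and Piskachev, Goran and Schubert, David and Wohlrab, Rebekka},
  title = {{Seminar Theses of the Project Group Cybertron}},
  year = {2015},
}

@inproceedings{20979,
  author = {Stockmann, Lars},
  booktitle = {{Proceedings of the Doctoral Symposium of the ACM/IEEE 18th International Conference on Model Driven Engineering Languages and Systems}},
  editor = {Chechik, Marsha and Kolovos, Dimitris},
  title = {{Debugging Models in the Context of Automotive Software Development}},
  year = {2015},
}

@comment{Entry 20832 carries the same authors, title and year as 20977 above. Both keys are kept so that documents citing either one still resolve; cite only one of them per document to avoid a doubled reference.}

@techreport{20832,
  author = {Schäfer, Wilhelm and Dziwok, Stefan and Pohlmann, Uwe and Bobolz, Jan and Czech, Mike and Dann, Andreas Peter and Geismann, Johannes and Hüwe, Marcus and Krieger, Arthur and Piskachev, Goran and Schubert, David and Wohlrab, Rebekka},
  title = {{Seminar Theses of the Project Group Cybertron}},
  year = {2015},
}

@misc{20833,
  author = {Geismann, Johannes},
  publisher = {Universität Paderborn, Heinz Nixdorf Institut, Softwaretechnik},
  title = {{Multi-Core Execution of Safety-Critical Component-Based Software}},
  year = {2015},
}

@inproceedings{20902,
  abstract = {Die Komplexität moderner Fahrzeuge steigt aufgrund der zunehmenden Anzahl von Funktionen, die durch elektronische Systeme umgesetzt werden. Insbesondere nehmen die Abhängigkeiten zwischen den an der Entwicklung beteiligten Fachdisziplinen und der Softwareanteil massiv zu. Wir haben einen für die Automobilindustrie angepassten, zum Reifegradmodell Automotive SPICE konformen Prozess für die Entwicklung von Steuergeräten konzipiert, der ein fachdisziplinübergreifendes Systems Engineering und einen systematischen Übergang in die Softwareentwicklung unterstützt. Im Kontext dieses Entwicklungsprozess beschreiben wir in diesem Beitrag den Übergang vom UML-basierten Softwareentwurf zum in der Automobilindustrie etablierten AUTOSAR-Standard mit Hilfe einer automatischen Modelltransformation. So werden fehleranfällige und zeitaufwändige manuelle Tätigkeiten reduziert. Wir haben die Generierung von AUTOSAR-Modellen gemeinsam mit dem international tätigen Automobilzulieferer Hella KGaA Hueck \& Co. in seriennahen Entwicklungsprojekten praktisch erprobt und Zeit- und Kostenersparnisse festgestellt.},
  author = {Meyer, Jan and Holtmann, Jörg and Koch, Thorsten and Meyer, Matthias},
  booktitle = {{10. Paderborner Workshop Entwurf mechatronischer Systeme}},
  editor = {Gausemeier, Jürgen and Dumitrescu, Roman and Rammig, Franz-Josef and Schäfer, Wilhelm and Trächtler, Ansgar},
  pages = {159--172},
  publisher = {Heinz Nixdorf Institut},
  title = {{Generierung von AUTOSAR-Modellen aus UML-Spezifikationen}},
  volume = {343},
  year = {2015},
}

@inproceedings{5207,
  author = {Li, Li and Bartel, Alexandre and Bissyande, Tegawende F. and Klein, Jacques and Le Traon, Yves and Arzt, Steven and Rasthofer, Siegfried and Bodden, Eric and Octeau, Damien and McDaniel, Patrick},
  booktitle = {{2015 International Conference on Software Engineering (ICSE)}},
  isbn = {978-1-4799-1934-5},
  keywords = {CROSSING, ATTRACT, ITSECWEBSITE},
  pages = {280--291},
  title = {{IccTA: Detecting Inter-Component Privacy Leaks in Android Apps}},
  year = {2015},
}

@inproceedings{346,
  abstract = {One future goal of service-oriented computing is to realize global markets of composed services. On such markets, service providers offer services that can be flexibly combined with each other. However, most often, market participants are not able to individually estimate the quality of traded services in advance. As a consequence, even potentially profitable transactions between customers and providers might not take place. In the worst case, this can induce a market failure. To overcome this problem, we propose the incorporation of reputation information as an indicator for expected service quality. We address On-The-Fly Computing as a representative environment of markets of composed services. In this environment, customers provide feedback on transactions. We present a conceptual design of a reputation system which collects and processes user feedback, and provides it to participants in the market. Our contribution includes the identification of requirements for such a reputation system from a technical and an economic perspective. Based on these requirements, we propose a flexible solution that facilitates the incorporation of reputation information into markets of composed services while simultaneously preserving privacy of customers who provide feedback. The requirements we formulate in this paper have just been partially met in literature. An integrated approach, however, has not been addressed yet.},
  author = {Brangewitz, Sonja and Jungmann, Alexander and Petrlic, Ronald and Platenius, Marie Christin},
  booktitle = {{Proceedings of the 6th International Conferences on Advanced Service Computing (SERVICE COMPUTATION)}},
  pages = {49--57},
  title = {{Towards a Flexible and Privacy-Preserving Reputation System for Markets of Composed Services}},
  year = {2014},
}

@inproceedings{364,
  abstract = {Today, software components are traded on markets in form of services. These services can also be service compositions consisting of several services. If a software architect wants to provide such a service composition in the market for trade, she needs to perform several tasks: she needs to model the composition, to discover existing services to be part of that composition, and to analyze the composition's functional correctness as well as its quality, e.g., performance. Up to now, the architect needed to find and use different tools for these tasks. Typically, these tools are not interoperable with each other. We provide the tool SeSAME that supports a software architect in all of these tasks. SeSAME is an integrated Eclipse-based tool-suite providing a comprehensive service specification language to model service compositions and existing services. Furthermore, it includes modules for service matching, functional analysis, and non-functional analysis. SeSAME is the first tool that integrates all these tasks into one tool-suite and, thereby, provides holistic support for trading software services. Thus, it contributes to a software provider's market success.},
  author = {Arifulina, Svetlana and Becker, Matthias and Platenius, Marie Christin and Walther, Sven},
  booktitle = {{Proceedings of the 29th IEEE/ACM International Conference on Automated Software Engineering (ASE 2014)}},
  pages = {839--842},
  title = {{SeSAME: Modeling and Analyzing High-Quality Service Compositions}},
  doi = {10.1145/2642937.2648621},
  year = {2014},
}

@inproceedings{366,
  abstract = {On-The-Fly (OTF) Computing constitutes an approach towards highly dynamic and individualized software markets. Based on service-oriented computing, OTF Computing is about realizing global markets of services that can be flexibly combined. We report on our current research activities, the security and privacy implications thereof, and our approaches to tackle the challenges. Furthermore, we discuss how the security and privacy challenges are addressed in research projects similar to OTF Computing.},
  author = {Petrlic, Ronald and Jungmann, Alexander and Platenius, Marie Christin and Schäfer, Wilhelm and Sorge, Christoph},
  booktitle = {{Tagungsband der 4. Konferenz Software-Technologien und -Prozesse (STeP 2014)}},
  pages = {131--142},
  title = {{Security and Privacy Challenges in On-The-Fly Computing}},
  year = {2014},
}

@inproceedings{20983,
  abstract = {In many areas, such as automotive, healthcare, or production, we find software-intensive systems with complex real-time requirements. To efficiently ensure the quality of these systems, engineers require automated tools for the validation of the requirements throughout the development. This, however, requires that the requirements are specified in an analyzable way. We propose modeling the specification using Modal Sequence Diagrams (MSDs), which express what a system may, must, or must not do in certain situations. MSDs can be executed via the play-out algorithm to investigate the behavior emerging from the interplay of multiple scenarios; we can also test if traces of the final product satisfy all scenarios. In this paper, we present the first tool supporting the play-out of MSDs with real-time constraints. As a case study, we modeled the requirements on gear shifts in an upcoming standard on vehicle testing and use our tool to validate externally generated gear shift sequences.},
  author = {Brenner, Christian and Greenyer, Joel and Holtmann, Jörg and Liebel, Grischa and Stieglbauer, Gerald and Tichy, Matthias},
  booktitle = {{Proceedings of the 13th International Workshop on Graph Transformation and Visual Modeling Techniques (GT-VMT 2014)}},
  title = {{ScenarioTools Real-Time Play-Out for Test Sequence Validation in an Automotive Case Study}},
  year = {2014},
}

@inproceedings{20905,
  author = {Pohlmann, Uwe and Holtmann, Jörg and Meyer, Matthias and Gerking, Christopher},
  booktitle = {{Proceedings of the 40th Euromicro Conference on Software Engineering and Advanced Applications (SEAA)}},
  publisher = {IEEE Xplore},
  title = {{Generating Modelica Models from Software Specifications for the Simulation of Cyber-physical Systems}},
  year = {2014},
}

@inproceedings{20907,
  author = {Becker, Steffen and Dziwok, Stefan and Gerking, Christopher and Heinzemann, Christian and Schäfer, Wilhelm and Meyer, Matthias and Pohlmann, Uwe},
  booktitle = {{Proceedings of the 36th International Conference on Software Engineering (Posters)}},
  publisher = {ACM, New York, NY, USA},
  title = {{The MechatronicUML Method: Model-Driven Software Engineering of Self-Adaptive Mechatronic Systems}},
  year = {2014},
}

@inproceedings{20908,
  author = {Pohlmann, Uwe and Dziwok, Stefan and Meyer, Matthias and Tichy, Matthias and Thiele, Sebastian},
  booktitle = {{Proceedings of the 7th International ICST Conference on Simulation Tools and Techniques}},
  title = {{A Modelica Coordination Pattern Library for Cyber-Physical Systems}},
  year = {2014},
}

@techreport{20909,
  author = {Becker, Steffen and Dziwok, Stefan and Gerking, Christopher and Schäfer, Wilhelm and Heinzemann, Christian and Thiele, Sebastian and Meyer, Matthias and Priesterjahn, Claudia and Pohlmann, Uwe and Tichy, Matthias},
  title = {{The MechatronicUML Design Method - Process and Language for Platform-Independent Modeling}},
  year = {2014},
}

@inproceedings{20910,
  author = {Pohlmann, Uwe and Meyer, Matthias and Dann, Andreas Peter and Brink, Christopher},
  booktitle = {{Proceedings of the 2nd Workshop on View-Based, Aspect-Oriented and Orthographic Software Modelling}},
  pages = {23:23--23:30},
  publisher = {ACM, New York, NY, USA},
  title = {{Viewpoints and Views in Hardware Platform Modeling for Safe Deployment}},
  year = {2014},
}

@inproceedings{449,
  abstract = {Cloud computing resulted in a continuously growing number of provided software services to be used by consumers. Brokers discover services that fit best to consumers' requirements by matching Quality-of-Service (QoS) properties. In order to negotiate Service-Level Agreements (SLAs), a provider has to determine the provided QoS based on QoS analyses. However, the risk for the provider to violate the SLA is high as the service's actual quality can deviate from the specified QoS due to uncertainties that occur during the provider's quality analysis. In this paper, we discuss current software engineering paradigms like cloud computing and service-oriented computing with respect to the amount of uncertainty they induce into service matching and SLA negotiations. As a result, we explain, why cloud computing reduces such uncertainties.},
  author = {Becker, Matthias and Platenius, Marie Christin and Becker, Steffen},
  booktitle = {{Proceedings of the 2nd International Workshop on Cloud Service Brokerage (CSB)}},
  pages = {153--159},
  title = {{Cloud Computing Reduces Uncertainties in Quality-of-Service Matching!}},
  doi = {10.1007/978-3-319-14886-1_15},
  year = {2014},
}

@inproceedings{401,
  abstract = {Service matching approaches determine to what extent a provided service matches a requester's requirements. This process is based on service specifications describing functional (e.g., signatures) as well as non-functional properties (e.g., privacy policies). However, we cannot expect service specifications to be complete as providers do not want to share all details of their services' implementation. Moreover, creating complete specifications requires much effort. In this paper, we propose a novel service matching approach taking into account a service's signatures and privacy policies. In particular, our approach applies fuzzy matching techniques that are able to deal with incomplete service specifications. As a benefit, decision-making based on matching results is improved and service matching becomes better applicable in practice.},
  author = {Platenius, Marie Christin and Arifulina, Svetlana and Petrlic, Ronald and Schäfer, Wilhelm},
  booktitle = {{Proceedings of the 4th International Workshop on Adaptive Services for the Future Internet}},
  pages = {6--17},
  title = {{Matching of Incomplete Service Specifications Exemplified by Privacy Policy Matching}},
  doi = {10.1007/978-3-319-14886-1_2},
  year = {2014},
}

@inproceedings{402,
  abstract = {Various approaches in service engineering are based on service markets where brokers use service matching in order to perform service discovery. For matching, a broker translates the specifications of providers' services and requesters' requirements into her own specification language, in order to check their compliance using a matcher. The broker's success depends on the configuration of her language and its matcher because they influence important properties like the effort for providers and requesters to create suitable specifications as well as accuracy and runtime of matching. However, neither existing service specification languages, nor existing matching approaches are optimized in such way. Our approach automatically provides brokers with an optimal configuration of a language and its matcher to improve her success in a given market with respect to her strategy. The approach is based on formalized configuration properties and a predefined set of configuration rules.},
  author = {Arifulina, Svetlana and Platenius, Marie Christin and Gerth, Christian and Becker, Steffen and Engels, Gregor and Schäfer, Wilhelm},
  booktitle = {{Proceedings of the 12th International Conference on Service Oriented Computing (ICSOC 2014)}},
  editor = {Franch, Xavier and Ghose, Aditya K. and Lewis, Grace A. and Bhiri, Sami},
  pages = {543--550},
  title = {{Market-optimized Service Specification and Matching}},
  doi = {10.1007/978-3-662-45391-9_47},
  year = {2014},
}

@inproceedings{409,
  abstract = {Service markets provide software components in the form of services. In order to enable a service discovery that satisfies service requesters and providers best, markets need automatic service matching: approaches for comparing whether a provided service satisfies a service request. Current markets, e.g., app markets, are limited to basic keyword-based search although many better suitable matching approaches are described in literature. However, necessary architectural decisions for the integration of matchers have a huge impact on quality properties like performance or security. Architectural decisions wrt. service matchers have rarely been discussed, yet, and systematic approaches for their integration into service markets are missing. In this paper, we present a systematic integration approach including the definition of requirements and a discussion on architectural tactics. As a benefit, the decision-making process of integrating service matchers is supported and the overall market success can be improved.},
  author = {Platenius, Marie Christin and Becker, Steffen and Schäfer, Wilhelm},
  booktitle = {{Proceedings of the 8th European Conference on Software Architecture (ECSA 2014)}},
  editor = {Avgeriou, Paris and Zdun, Uwe},
  pages = {210--217},
  title = {{Integrating Service Matchers into a Service Market Architecture}},
  doi = {10.1007/978-3-319-09970-5_19},
  year = {2014},
}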