---
_id: '26406'
author:
- first_name: Philipp
full_name: Schubert, Philipp
id: '60543'
last_name: Schubert
orcid: 0000-0002-8674-1859
- first_name: Ben
full_name: Hermann, Ben
id: '66173'
last_name: Hermann
orcid: 0000-0001-9848-2017
- first_name: Eric
full_name: Bodden, Eric
id: '59256'
last_name: Bodden
orcid: 0000-0003-3470-3647
- first_name: Richard
full_name: Leer, Richard
last_name: Leer
citation:
ama: 'Schubert P, Hermann B, Bodden E, Leer R. Into the Woods: Experiences from
Building a Dataflow Analysis Framework for C/C++. In: SCAM ’21: IEEE International
Working Conference on Source Code Analysis and Manipulation (Engineering Track).
; 2021.'
apa: 'Schubert, P., Hermann, B., Bodden, E., & Leer, R. (2021). Into the Woods:
Experiences from Building a Dataflow Analysis Framework for C/C++. SCAM ’21:
IEEE International Working Conference on Source Code Analysis and Manipulation
(Engineering Track).'
bibtex: '@inproceedings{Schubert_Hermann_Bodden_Leer_2021, title={Into the Woods:
Experiences from Building a Dataflow Analysis Framework for C/C++}, booktitle={SCAM
’21: IEEE International Working Conference on Source Code Analysis and Manipulation
(Engineering Track)}, author={Schubert, Philipp and Hermann, Ben and Bodden, Eric
and Leer, Richard}, year={2021} }'
chicago: 'Schubert, Philipp, Ben Hermann, Eric Bodden, and Richard Leer. “Into the
Woods: Experiences from Building a Dataflow Analysis Framework for C/C++.” In
SCAM ’21: IEEE International Working Conference on Source Code Analysis and
Manipulation (Engineering Track), 2021.'
ieee: 'P. Schubert, B. Hermann, E. Bodden, and R. Leer, “Into the Woods: Experiences
from Building a Dataflow Analysis Framework for C/C++,” 2021.'
mla: 'Schubert, Philipp, et al. “Into the Woods: Experiences from Building a Dataflow
Analysis Framework for C/C++.” SCAM ’21: IEEE International Working Conference
on Source Code Analysis and Manipulation (Engineering Track), 2021.'
short: 'P. Schubert, B. Hermann, E. Bodden, R. Leer, in: SCAM ’21: IEEE International
Working Conference on Source Code Analysis and Manipulation (Engineering Track),
2021.'
date_created: 2021-10-18T12:52:12Z
date_updated: 2023-06-15T08:39:55Z
department:
- _id: '76'
language:
- iso: eng
project:
- _id: '3'
name: 'SFB 901 - B: SFB 901 - Project Area B'
- _id: '12'
name: 'SFB 901 - B4: SFB 901 - Subproject B4'
- _id: '1'
grant_number: '160364472'
name: 'SFB 901: SFB 901: On-The-Fly Computing - Individualisierte IT-Dienstleistungen
in dynamischen Märkten '
publication: 'SCAM ''21: IEEE International Working Conference on Source Code Analysis
and Manipulation (Engineering Track)'
status: public
title: 'Into the Woods: Experiences from Building a Dataflow Analysis Framework for
C/C++'
type: conference
user_id: '15249'
year: '2021'
...
---
_id: '26405'
author:
- first_name: Philipp
full_name: Schubert, Philipp
id: '60543'
last_name: Schubert
orcid: 0000-0002-8674-1859
- first_name: Florian
full_name: Sattler, Florian
last_name: Sattler
- first_name: Fabian
full_name: Schiebel, Fabian
last_name: Schiebel
- first_name: Ben
full_name: Hermann, Ben
id: '66173'
last_name: Hermann
orcid: 0000-0001-9848-2017
- first_name: Eric
full_name: Bodden, Eric
id: '59256'
last_name: Bodden
orcid: 0000-0003-3470-3647
citation:
ama: 'Schubert P, Sattler F, Schiebel F, Hermann B, Bodden E. Modeling the Effects
of Global Variables in Data-Flow Analysis for C/C++. In: 2021 IEEE 21st International
Working Conference on Source Code Analysis and Manipulation (SCAM). ; 2021.'
apa: Schubert, P., Sattler, F., Schiebel, F., Hermann, B., & Bodden, E. (2021).
Modeling the Effects of Global Variables in Data-Flow Analysis for C/C++. 2021
IEEE 21st International Working Conference on Source Code Analysis and Manipulation
(SCAM).
bibtex: '@inproceedings{Schubert_Sattler_Schiebel_Hermann_Bodden_2021, title={Modeling
the Effects of Global Variables in Data-Flow Analysis for C/C++}, booktitle={2021
IEEE 21st International Working Conference on Source Code Analysis and Manipulation
(SCAM)}, author={Schubert, Philipp and Sattler, Florian and Schiebel, Fabian and
Hermann, Ben and Bodden, Eric}, year={2021} }'
chicago: Schubert, Philipp, Florian Sattler, Fabian Schiebel, Ben Hermann, and Eric
Bodden. “Modeling the Effects of Global Variables in Data-Flow Analysis for C/C++.”
In 2021 IEEE 21st International Working Conference on Source Code Analysis
and Manipulation (SCAM), 2021.
ieee: P. Schubert, F. Sattler, F. Schiebel, B. Hermann, and E. Bodden, “Modeling
the Effects of Global Variables in Data-Flow Analysis for C/C++,” 2021.
mla: Schubert, Philipp, et al. “Modeling the Effects of Global Variables in Data-Flow
Analysis for C/C++.” 2021 IEEE 21st International Working Conference on Source
Code Analysis and Manipulation (SCAM), 2021.
short: 'P. Schubert, F. Sattler, F. Schiebel, B. Hermann, E. Bodden, in: 2021 IEEE
21st International Working Conference on Source Code Analysis and Manipulation
(SCAM), 2021.'
date_created: 2021-10-18T12:50:35Z
date_updated: 2023-06-15T08:57:24Z
department:
- _id: '76'
language:
- iso: eng
project:
- _id: '12'
name: 'SFB 901 - B4: SFB 901 - Subproject B4'
- _id: '3'
name: 'SFB 901 - B: SFB 901 - Project Area B'
- _id: '1'
grant_number: '160364472'
name: 'SFB 901: SFB 901: On-The-Fly Computing - Individualisierte IT-Dienstleistungen
in dynamischen Märkten '
publication: 2021 IEEE 21st International Working Conference on Source Code Analysis
and Manipulation (SCAM)
status: public
title: Modeling the Effects of Global Variables in Data-Flow Analysis for C/C++
type: conference
user_id: '15249'
year: '2021'
...
---
_id: '20507'
author:
- first_name: Johannes
full_name: Geismann, Johannes
id: '20063'
last_name: Geismann
orcid: https://orcid.org/0000-0003-2015-2047
- first_name: Eric
full_name: Bodden, Eric
id: '59256'
last_name: Bodden
orcid: 0000-0003-3470-3647
citation:
ama: Geismann J, Bodden E. A systematic literature review of model-driven security
engineering for cyber–physical systems. Journal of Systems and Software.
2020;169:110697. doi:https://doi.org/10.1016/j.jss.2020.110697
apa: Geismann, J., & Bodden, E. (2020). A systematic literature review of model-driven
security engineering for cyber–physical systems. Journal of Systems and Software,
169, 110697. https://doi.org/10.1016/j.jss.2020.110697
bibtex: '@article{Geismann_Bodden_2020, title={A systematic literature review of
model-driven security engineering for cyber–physical systems}, volume={169}, DOI={https://doi.org/10.1016/j.jss.2020.110697},
journal={Journal of Systems and Software}, author={Geismann, Johannes and Bodden,
Eric}, year={2020}, pages={110697} }'
chicago: 'Geismann, Johannes, and Eric Bodden. “A Systematic Literature Review of
Model-Driven Security Engineering for Cyber–Physical Systems.” Journal of Systems
and Software 169 (2020): 110697. https://doi.org/10.1016/j.jss.2020.110697.'
ieee: 'J. Geismann and E. Bodden, “A systematic literature review of model-driven
security engineering for cyber–physical systems,” Journal of Systems and Software,
vol. 169, p. 110697, 2020, doi: https://doi.org/10.1016/j.jss.2020.110697.'
mla: Geismann, Johannes, and Eric Bodden. “A Systematic Literature Review of Model-Driven
Security Engineering for Cyber–Physical Systems.” Journal of Systems and Software,
vol. 169, 2020, p. 110697, doi:https://doi.org/10.1016/j.jss.2020.110697.
short: J. Geismann, E. Bodden, Journal of Systems and Software 169 (2020) 110697.
date_created: 2020-11-26T08:32:56Z
date_updated: 2022-01-06T06:54:29Z
department:
- _id: '76'
doi: https://doi.org/10.1016/j.jss.2020.110697
intvolume: ' 169'
language:
- iso: eng
page: '110697'
publication: Journal of Systems and Software
publication_identifier:
issn:
- 0164-1212
status: public
title: A systematic literature review of model-driven security engineering for cyber–physical
systems
type: journal_article
user_id: '5786'
volume: 169
year: '2020'
...
---
_id: '20508'
author:
- first_name: Lisa
full_name: Nguyen Quang Do, Lisa
last_name: Nguyen Quang Do
- first_name: Eric
full_name: Bodden, Eric
id: '59256'
last_name: Bodden
orcid: 0000-0003-3470-3647
citation:
ama: Nguyen Quang Do L, Bodden E. Explaining Static Analysis with Rule Graphs. IEEE
Transactions on Software Engineering. Published online 2020.
apa: Nguyen Quang Do, L., & Bodden, E. (2020). Explaining Static Analysis with
Rule Graphs. IEEE Transactions on Software Engineering.
bibtex: '@article{Nguyen Quang Do_Bodden_2020, title={Explaining Static Analysis
with Rule Graphs}, journal={IEEE Transactions on Software Engineering}, author={Nguyen
Quang Do, Lisa and Bodden, Eric}, year={2020} }'
chicago: Nguyen Quang Do, Lisa, and Eric Bodden. “Explaining Static Analysis with
Rule Graphs.” IEEE Transactions on Software Engineering, 2020.
ieee: L. Nguyen Quang Do and E. Bodden, “Explaining Static Analysis with Rule Graphs,”
IEEE Transactions on Software Engineering, 2020.
mla: Nguyen Quang Do, Lisa, and Eric Bodden. “Explaining Static Analysis with Rule
Graphs.” IEEE Transactions on Software Engineering, 2020.
short: L. Nguyen Quang Do, E. Bodden, IEEE Transactions on Software Engineering
(2020).
date_created: 2020-11-26T08:38:33Z
date_updated: 2022-01-06T06:54:29Z
department:
- _id: '76'
language:
- iso: eng
main_file_link:
- url: http://www.bodden.de/pubs/tse20ruleGraphs.pdf
publication: IEEE Transactions on Software Engineering
status: public
title: Explaining Static Analysis with Rule Graphs
type: journal_article
user_id: '5786'
year: '2020'
...
---
_id: '20509'
author:
- first_name: Andreas
full_name: Fischer, Andreas
last_name: Fischer
- first_name: Jonas
full_name: Janneck, Jonas
last_name: Janneck
- first_name: Jörn
full_name: Kussmaul, Jörn
last_name: Kussmaul
- first_name: Nikolas
full_name: Krätzschmar, Nikolas
last_name: Krätzschmar
- first_name: Florian
full_name: Kerschbaum, Florian
last_name: Kerschbaum
- first_name: Eric
full_name: Bodden, Eric
id: '59256'
last_name: Bodden
orcid: 0000-0003-3470-3647
citation:
ama: 'Fischer A, Janneck J, Kussmaul J, Krätzschmar N, Kerschbaum F, Bodden E. PASAPTO:
Policy-aware Security and Performance Trade-off Analysis - Computation on Encrypted
Data with Restricted Leakage. In: 2020 IEEE Computer Security Foundations Symposium
(CSF). ; 2020.'
apa: 'Fischer, A., Janneck, J., Kussmaul, J., Krätzschmar, N., Kerschbaum, F., &
Bodden, E. (2020). PASAPTO: Policy-aware Security and Performance Trade-off Analysis
- Computation on Encrypted Data with Restricted Leakage. 2020 IEEE Computer
Security Foundations Symposium (CSF).'
bibtex: '@inproceedings{Fischer_Janneck_Kussmaul_Krätzschmar_Kerschbaum_Bodden_2020,
title={PASAPTO: Policy-aware Security and Performance Trade-off Analysis - Computation
on Encrypted Data with Restricted Leakage}, booktitle={2020 IEEE Computer Security
Foundations Symposium (CSF)}, author={Fischer, Andreas and Janneck, Jonas and
Kussmaul, Jörn and Krätzschmar, Nikolas and Kerschbaum, Florian and Bodden, Eric},
year={2020} }'
chicago: 'Fischer, Andreas, Jonas Janneck, Jörn Kussmaul, Nikolas Krätzschmar, Florian
Kerschbaum, and Eric Bodden. “PASAPTO: Policy-Aware Security and Performance Trade-off
Analysis - Computation on Encrypted Data with Restricted Leakage.” In 2020
IEEE Computer Security Foundations Symposium (CSF), 2020.'
ieee: 'A. Fischer, J. Janneck, J. Kussmaul, N. Krätzschmar, F. Kerschbaum, and E.
Bodden, “PASAPTO: Policy-aware Security and Performance Trade-off Analysis - Computation
on Encrypted Data with Restricted Leakage,” 2020.'
mla: 'Fischer, Andreas, et al. “PASAPTO: Policy-Aware Security and Performance Trade-off
Analysis - Computation on Encrypted Data with Restricted Leakage.” 2020 IEEE
Computer Security Foundations Symposium (CSF), 2020.'
short: 'A. Fischer, J. Janneck, J. Kussmaul, N. Krätzschmar, F. Kerschbaum, E. Bodden,
in: 2020 IEEE Computer Security Foundations Symposium (CSF), 2020.'
date_created: 2020-11-26T08:40:08Z
date_updated: 2022-01-06T06:54:29Z
department:
- _id: '76'
language:
- iso: eng
main_file_link:
- url: http://www.bodden.de/pubs/fjk+20pasapto.pdf
publication: 2020 IEEE Computer Security Foundations Symposium (CSF)
status: public
title: 'PASAPTO: Policy-aware Security and Performance Trade-off Analysis - Computation
on Encrypted Data with Restricted Leakage'
type: conference
user_id: '5786'
year: '2020'
...
---
_id: '20510'
author:
- first_name: Manuel
full_name: Benz, Manuel
last_name: Benz
- first_name: Erik
full_name: Krogh Kristensen, Erik
last_name: Krogh Kristensen
- first_name: Linghui
full_name: Luo, Linghui
last_name: Luo
- first_name: Nataniel
full_name: P. Borges Jr., Nataniel
last_name: P. Borges Jr.
- first_name: Eric
full_name: Bodden, Eric
id: '59256'
last_name: Bodden
orcid: 0000-0003-3470-3647
- first_name: Andreas
full_name: Zeller, Andreas
last_name: Zeller
citation:
ama: 'Benz M, Krogh Kristensen E, Luo L, P. Borges Jr. N, Bodden E, Zeller A. Heaps’n
Leaks: How Heap Snapshots Improve Android Taint Analysis. In: International
Conference for Software Engineering (ICSE). ; 2020.'
apa: 'Benz, M., Krogh Kristensen, E., Luo, L., P. Borges Jr., N., Bodden, E., &
Zeller, A. (2020). Heaps’n Leaks: How Heap Snapshots Improve Android Taint Analysis.
International Conference for Software Engineering (ICSE).'
bibtex: '@inproceedings{Benz_Krogh Kristensen_Luo_P. Borges Jr._Bodden_Zeller_2020,
title={Heaps’n Leaks: How Heap Snapshots Improve Android Taint Analysis}, booktitle={International
Conference for Software Engineering (ICSE)}, author={Benz, Manuel and Krogh Kristensen,
Erik and Luo, Linghui and P. Borges Jr., Nataniel and Bodden, Eric and Zeller,
Andreas}, year={2020} }'
chicago: 'Benz, Manuel, Erik Krogh Kristensen, Linghui Luo, Nataniel P. Borges Jr.,
Eric Bodden, and Andreas Zeller. “Heaps’n Leaks: How Heap Snapshots Improve Android
Taint Analysis.” In International Conference for Software Engineering (ICSE),
2020.'
ieee: 'M. Benz, E. Krogh Kristensen, L. Luo, N. P. Borges Jr., E. Bodden, and A.
Zeller, “Heaps’n Leaks: How Heap Snapshots Improve Android Taint Analysis,” 2020.'
mla: 'Benz, Manuel, et al. “Heaps’n Leaks: How Heap Snapshots Improve Android Taint
Analysis.” International Conference for Software Engineering (ICSE), 2020.'
short: 'M. Benz, E. Krogh Kristensen, L. Luo, N. P. Borges Jr., E. Bodden, A. Zeller,
in: International Conference for Software Engineering (ICSE), 2020.'
date_created: 2020-11-26T08:47:56Z
date_updated: 2022-01-06T06:54:29Z
department:
- _id: '76'
language:
- iso: eng
publication: International Conference for Software Engineering (ICSE)
status: public
title: 'Heaps''n Leaks: How Heap Snapshots Improve Android Taint Analysis'
type: conference
user_id: '5786'
year: '2020'
...
---
_id: '20511'
author:
- first_name: Andreas
full_name: Fischer, Andreas
last_name: Fischer
- first_name: Benny
full_name: Fuhry, Benny
last_name: Fuhry
- first_name: Florian
full_name: Kerschbaum, Florian
last_name: Kerschbaum
- first_name: Eric
full_name: Bodden, Eric
id: '59256'
last_name: Bodden
orcid: 0000-0003-3470-3647
citation:
ama: 'Fischer A, Fuhry B, Kerschbaum F, Bodden E. Computation on Encrypted Data
using Dataflow Authentication. In: Privacy Enhancing Technologies Symposium
(PETS/PoPETS). ; 2020.'
apa: Fischer, A., Fuhry, B., Kerschbaum, F., & Bodden, E. (2020). Computation
on Encrypted Data using Dataflow Authentication. Privacy Enhancing Technologies
Symposium (PETS/PoPETS).
bibtex: '@inproceedings{Fischer_Fuhry_Kerschbaum_Bodden_2020, title={Computation
on Encrypted Data using Dataflow Authentication}, booktitle={Privacy Enhancing
Technologies Symposium (PETS/PoPETS)}, author={Fischer, Andreas and Fuhry, Benny
and Kerschbaum, Florian and Bodden, Eric}, year={2020} }'
chicago: Fischer, Andreas, Benny Fuhry, Florian Kerschbaum, and Eric Bodden. “Computation
on Encrypted Data Using Dataflow Authentication.” In Privacy Enhancing Technologies
Symposium (PETS/PoPETS), 2020.
ieee: A. Fischer, B. Fuhry, F. Kerschbaum, and E. Bodden, “Computation on Encrypted
Data using Dataflow Authentication,” 2020.
mla: Fischer, Andreas, et al. “Computation on Encrypted Data Using Dataflow Authentication.”
Privacy Enhancing Technologies Symposium (PETS/PoPETS), 2020.
short: 'A. Fischer, B. Fuhry, F. Kerschbaum, E. Bodden, in: Privacy Enhancing Technologies
Symposium (PETS/PoPETS), 2020.'
date_created: 2020-11-26T08:50:59Z
date_updated: 2022-01-06T06:54:29Z
department:
- _id: '76'
language:
- iso: eng
main_file_link:
- url: http://www.bodden.de/pubs/ffk+20computation.pdf
publication: Privacy Enhancing Technologies Symposium (PETS/PoPETS)
status: public
title: Computation on Encrypted Data using Dataflow Authentication
type: conference
user_id: '5786'
year: '2020'
...
---
_id: '20512'
author:
- first_name: Stefan
full_name: Krüger, Stefan
last_name: Krüger
- first_name: Karim
full_name: Ali, Karim
last_name: Ali
- first_name: Eric
full_name: Bodden, Eric
last_name: Bodden
citation:
ama: 'Krüger S, Ali K, Bodden E. CogniCrypt_GEN - Generating Code for the Secure
Usage of Crypto APIs. In: International Symposium on Code Generation and Optimization
(CGO). ; 2020:185-198.'
apa: Krüger, S., Ali, K., & Bodden, E. (2020). CogniCrypt_GEN - Generating Code
for the Secure Usage of Crypto APIs. International Symposium on Code Generation
and Optimization (CGO), 185–198.
bibtex: '@inproceedings{Krüger_Ali_Bodden_2020, title={CogniCrypt_GEN - Generating
Code for the Secure Usage of Crypto APIs}, booktitle={International Symposium
on Code Generation and Optimization (CGO)}, author={Krüger, Stefan and Ali, Karim
and Bodden, Eric}, year={2020}, pages={185–198} }'
chicago: Krüger, Stefan, Karim Ali, and Eric Bodden. “CogniCrypt_GEN - Generating
Code for the Secure Usage of Crypto APIs.” In International Symposium on Code
Generation and Optimization (CGO), 185–98, 2020.
ieee: S. Krüger, K. Ali, and E. Bodden, “CogniCrypt_GEN - Generating Code for the
Secure Usage of Crypto APIs,” in International Symposium on Code Generation
and Optimization (CGO), 2020, pp. 185–198.
mla: Krüger, Stefan, et al. “CogniCrypt_GEN - Generating Code for the Secure Usage
of Crypto APIs.” International Symposium on Code Generation and Optimization
(CGO), 2020, pp. 185–98.
short: 'S. Krüger, K. Ali, E. Bodden, in: International Symposium on Code Generation
and Optimization (CGO), 2020, pp. 185–198.'
date_created: 2020-11-26T08:51:01Z
date_updated: 2022-01-06T06:54:29Z
department:
- _id: '76'
language:
- iso: eng
page: 185-198
publication: International Symposium on Code Generation and Optimization (CGO)
related_material:
link:
- relation: confirmation
url: http://www.bodden.de/pubs/krueger20cognicryptgen.pdf
status: public
title: CogniCrypt_GEN - Generating Code for the Secure Usage of Crypto APIs
type: conference
user_id: '5786'
year: '2020'
...
---
_id: '20513'
abstract:
- lang: ger
text: "Frühere Studien haben empirisch offenbart, dass Fehlbenutzungen von kryptographischen
APIs in Softwareanwendungen weitverbreitet sind. Dies geschieht vor allem, weil
Software-Entwickler_innen aufgrund schlechten API-Designs und fehlenden Kryptographiewissens
Probleme bekommen, wenn sie versuchen kryptographische Features zu implementieren.
Die Literatur liefert mehrere Ansätze und Vorschläge diese Probleme zu lösen,
aber alle scheitern schlussendlich auf die eine oder andere Weise daran die Anforderungen
der Entwickler_innenzu erfüllen. Das Resultat ist eine insgesamt lückenhafte Landschaft
verschiedener nur wenigkomplementärer Ansätze.In dieser Arbeit adressieren wir
das Problem kryptographischer Fehlbenutzungen systematischer durch CogniCrypt.
CogniCrypt integriert verschiedene Arten von Tool Supportin einen gemeinsamen
Ansatz, der Entwickler_innen davon befreit wissen zu müssen, wie diese APIs benutzt
werden müssen. Zentral für unseren Ansatz ist CrySL, eine Beschreibungssprache,die
die kognitive Lücke zwischen Kryptographie-Expert_innen und Software-Entwickler_innenüberbrückt.
CrySL ermöglicht es Kryptographie-Expert_innen zu spezifizeren, wie die APIs,die
sie bereitstellen, richtig benutzt werden. Wir haben einen Compiler für CrySL
implementiert, der es erlaubt auf CrySL-Spezifikationen aufbauenden Tool Support
zu entwickeln. Wir haben weiterhin die statische Analyse CogniCrypt_SAST und den
Code-Generator CogniCrypt_GEN entwickelt. Schlussendlich haben wir CogniCrypt
prototypisch implementiert und diesen Prototyp in einem kontrollierten Experiment
evaluiert.\r\n"
author:
- first_name: Stefan
full_name: Krüger, Stefan
last_name: Krüger
citation:
ama: Krüger S. CogniCrypt -- The Secure Integration of Cryptographic Software.
Universitaetsbibliothek Paderborn; 2020.
apa: Krüger, S. (2020). CogniCrypt -- The Secure Integration of Cryptographic
Software. Universitaetsbibliothek Paderborn.
bibtex: '@book{Krüger_2020, title={CogniCrypt -- The Secure Integration of Cryptographic
Software}, publisher={Universitaetsbibliothek Paderborn}, author={Krüger, Stefan},
year={2020} }'
chicago: Krüger, Stefan. CogniCrypt -- The Secure Integration of Cryptographic
Software. Universitaetsbibliothek Paderborn, 2020.
ieee: S. Krüger, CogniCrypt -- The Secure Integration of Cryptographic Software.
Universitaetsbibliothek Paderborn, 2020.
mla: Krüger, Stefan. CogniCrypt -- The Secure Integration of Cryptographic Software.
Universitaetsbibliothek Paderborn, 2020.
short: S. Krüger, CogniCrypt -- The Secure Integration of Cryptographic Software,
Universitaetsbibliothek Paderborn, 2020.
date_created: 2020-11-26T09:02:19Z
date_updated: 2022-01-06T06:54:29Z
department:
- _id: '76'
language:
- iso: eng
main_file_link:
- url: https://digital.ub.uni-paderborn.de/hs/document/preview/3500836
publisher: Universitaetsbibliothek Paderborn
status: public
supervisor:
- first_name: Eric
full_name: Bodden, Eric
id: '59256'
last_name: Bodden
orcid: 0000-0003-3470-3647
title: CogniCrypt -- The Secure Integration of Cryptographic Software
type: dissertation
user_id: '5786'
year: '2020'
...
---
_id: '20518'
author:
- first_name: Thorsten
full_name: Koch, Thorsten
id: '13616'
last_name: Koch
- first_name: Stefan
full_name: Dziwok, Stefan
id: '3901'
last_name: Dziwok
orcid: http://orcid.org/0000-0002-8679-6673
- first_name: Jörg
full_name: Holtmann, Jörg
id: '3875'
last_name: Holtmann
orcid: 0000-0001-6141-4571
- first_name: Eric
full_name: Bodden, Eric
id: '59256'
last_name: Bodden
orcid: 0000-0003-3470-3647
citation:
ama: 'Koch T, Dziwok S, Holtmann J, Bodden E. Scenario-based Specification of Security
Protocols and Transformation to Security Model Checkers. In: ACM/IEEE 23rd
International Conference on Model Driven Engineering Languages and Systems (MODELS
’20). ACM; 2020. doi:10.1145/3365438.3410946'
apa: Koch, T., Dziwok, S., Holtmann, J., & Bodden, E. (2020). Scenario-based
Specification of Security Protocols and Transformation to Security Model Checkers.
ACM/IEEE 23rd International Conference on Model Driven Engineering Languages
and Systems (MODELS ’20). https://doi.org/10.1145/3365438.3410946
bibtex: '@inproceedings{Koch_Dziwok_Holtmann_Bodden_2020, title={Scenario-based
Specification of Security Protocols and Transformation to Security Model Checkers},
DOI={10.1145/3365438.3410946},
booktitle={ACM/IEEE 23rd International Conference on Model Driven Engineering
Languages and Systems (MODELS ’20)}, publisher={ACM}, author={Koch, Thorsten and
Dziwok, Stefan and Holtmann, Jörg and Bodden, Eric}, year={2020} }'
chicago: Koch, Thorsten, Stefan Dziwok, Jörg Holtmann, and Eric Bodden. “Scenario-Based
Specification of Security Protocols and Transformation to Security Model Checkers.”
In ACM/IEEE 23rd International Conference on Model Driven Engineering Languages
and Systems (MODELS ’20). ACM, 2020. https://doi.org/10.1145/3365438.3410946.
ieee: 'T. Koch, S. Dziwok, J. Holtmann, and E. Bodden, “Scenario-based Specification
of Security Protocols and Transformation to Security Model Checkers,” 2020, doi:
10.1145/3365438.3410946.'
mla: Koch, Thorsten, et al. “Scenario-Based Specification of Security Protocols
and Transformation to Security Model Checkers.” ACM/IEEE 23rd International
Conference on Model Driven Engineering Languages and Systems (MODELS ’20),
ACM, 2020, doi:10.1145/3365438.3410946.
short: 'T. Koch, S. Dziwok, J. Holtmann, E. Bodden, in: ACM/IEEE 23rd International
Conference on Model Driven Engineering Languages and Systems (MODELS ’20), ACM,
2020.'
date_created: 2020-11-26T10:19:54Z
date_updated: 2022-01-06T06:54:29Z
department:
- _id: '76'
- _id: '241'
- _id: '662'
doi: 10.1145/3365438.3410946
language:
- iso: eng
publication: ACM/IEEE 23rd International Conference on Model Driven Engineering Languages
and Systems (MODELS ’20)
publisher: ACM
status: public
title: Scenario-based Specification of Security Protocols and Transformation to Security
Model Checkers
type: conference
user_id: '5786'
year: '2020'
...
---
_id: '20521'
author:
- first_name: Christopher
full_name: Gerking, Christopher
last_name: Gerking
citation:
ama: Gerking C. Model-Driven Information Flow Security Engineering for Cyber-Physical
Systems. Paderborn University; 2020. doi:10.17619/UNIPB/1-1033
apa: Gerking, C. (2020). Model-Driven Information Flow Security Engineering for
Cyber-Physical Systems. Paderborn University. https://doi.org/10.17619/UNIPB/1-1033
bibtex: '@book{Gerking_2020, title={Model-Driven Information Flow Security Engineering
for Cyber-Physical Systems}, DOI={10.17619/UNIPB/1-1033},
publisher={Paderborn University}, author={Gerking, Christopher}, year={2020} }'
chicago: Gerking, Christopher. Model-Driven Information Flow Security Engineering
for Cyber-Physical Systems. Paderborn University, 2020. https://doi.org/10.17619/UNIPB/1-1033.
ieee: C. Gerking, Model-Driven Information Flow Security Engineering for Cyber-Physical
Systems. Paderborn University, 2020.
mla: Gerking, Christopher. Model-Driven Information Flow Security Engineering
for Cyber-Physical Systems. Paderborn University, 2020, doi:10.17619/UNIPB/1-1033.
short: C. Gerking, Model-Driven Information Flow Security Engineering for Cyber-Physical
Systems, Paderborn University, 2020.
date_created: 2020-11-26T10:37:17Z
date_updated: 2022-01-06T06:54:29Z
department:
- _id: '76'
doi: 10.17619/UNIPB/1-1033
language:
- iso: eng
publisher: Paderborn University
status: public
supervisor:
- first_name: Eric
full_name: Bodden, Eric
id: '59256'
last_name: Bodden
orcid: 0000-0003-3470-3647
title: Model-Driven Information Flow Security Engineering for Cyber-Physical Systems
type: dissertation
user_id: '5786'
year: '2020'
...
---
_id: '20712'
author:
- first_name: Philipp
full_name: Schubert, Philipp
id: '60543'
last_name: Schubert
orcid: 0000-0002-8674-1859
- first_name: Eric
full_name: Bodden, Eric
id: '59256'
last_name: Bodden
orcid: 0000-0003-3470-3647
- first_name: Ben
full_name: Hermann, Ben
id: '66173'
last_name: Hermann
orcid: 0000-0001-9848-2017
citation:
ama: Schubert P, Bodden E, Hermann B. Accelerating Static Call-Graph, Points-to
and Data-Flow Analysis Through Persisted Summaries.; 2020.
apa: Schubert, P., Bodden, E., & Hermann, B. (2020). Accelerating Static
Call-Graph, Points-to and Data-Flow Analysis Through Persisted Summaries.
bibtex: '@book{Schubert_Bodden_Hermann_2020, title={Accelerating Static Call-Graph,
Points-to and Data-Flow Analysis Through Persisted Summaries}, author={Schubert,
Philipp and Bodden, Eric and Hermann, Ben}, year={2020} }'
chicago: Schubert, Philipp, Eric Bodden, and Ben Hermann. Accelerating Static
Call-Graph, Points-to and Data-Flow Analysis Through Persisted Summaries,
2020.
ieee: P. Schubert, E. Bodden, and B. Hermann, Accelerating Static Call-Graph,
Points-to and Data-Flow Analysis Through Persisted Summaries. 2020.
mla: Schubert, Philipp, et al. Accelerating Static Call-Graph, Points-to and
Data-Flow Analysis Through Persisted Summaries. 2020.
short: P. Schubert, E. Bodden, B. Hermann, Accelerating Static Call-Graph, Points-to
and Data-Flow Analysis Through Persisted Summaries, 2020.
date_created: 2020-12-14T07:44:11Z
date_updated: 2022-01-06T06:54:34Z
ddc:
- '000'
department:
- _id: '76'
file:
- access_level: closed
content_type: application/pdf
creator: pdschbrt
date_created: 2020-12-14T07:39:07Z
date_updated: 2020-12-14T07:39:07Z
file_id: '20713'
file_name: main.pdf
file_size: 683576
relation: main_file
success: 1
file_date_updated: 2020-12-14T07:39:07Z
has_accepted_license: '1'
language:
- iso: eng
project:
- _id: '1'
name: SFB 901
- _id: '3'
name: SFB 901 - Project Area B
- _id: '12'
name: SFB 901 - Subproject B4
status: public
title: Accelerating Static Call-Graph, Points-to and Data-Flow Analysis Through Persisted
Summaries
type: report
user_id: '477'
year: '2020'
...
---
_id: '20891'
abstract:
- lang: eng
text: "Today, software systems are rarely developed monolithically, but may be composed
of numerous individually developed features. Their modularization facilitates
independent development and verification. While feature-based strategies to verify
features in isolation have existed for years, they cannot address interactions
between features. The problem with feature interactions is that they are typically
unknown and may involve any subset of the features. Contrary, a family-based verification
strategy captures feature interactions, but does not scale well when features
evolve frequently. To the best of our knowledge, there currently exists no approach
with focus on evolving features that combines both strategies and aims at eliminating
their respective drawbacks. To fill this gap, we introduce Fefalution, a feature-family-based
verification approach based on abstract contracts to verify evolving features
and their interactions. Fefalution builds partial proofs for each evolving feature
and then reuses the resulting partial proofs in verifying feature interactions,
yielding a full verification of the complete software system. Moreover, to investigate
whether a combination of both strategies is fruitful, we present the first empirical
study for the verification of evolving features implemented by means of feature-oriented
programming and by comparing Fefalution with another five family-based approaches
varying in a set of optimizations. Our results indicate that partial proofs based
on abstract contracts exhibit huge reuse potential, but also come with a substantial
overhead for smaller evolution scenarios.\r\n"
author:
- first_name: Alexander
full_name: Knüppel, Alexander
last_name: Knüppel
- first_name: Stefan
full_name: Krüger, Stefan
last_name: Krüger
- first_name: Thomas
full_name: Thüm, Thomas
last_name: Thüm
- first_name: Richard
full_name: Bubel, Richard
last_name: Bubel
- first_name: Sebastian
full_name: Krieter, Sebastian
last_name: Krieter
- first_name: Eric
full_name: Bodden, Eric
id: '59256'
last_name: Bodden
orcid: 0000-0003-3470-3647
- first_name: Ina
full_name: Schaefer, Ina
last_name: Schaefer
citation:
ama: 'Knüppel A, Krüger S, Thüm T, et al. Using Abstract Contracts for Verifying
Evolving Features and Their Interactions. In: Lecture Notes in Computer Science.
; 2020. doi:10.1007/978-3-030-64354-6_5'
apa: Knüppel, A., Krüger, S., Thüm, T., Bubel, R., Krieter, S., Bodden, E., &
Schaefer, I. (2020). Using Abstract Contracts for Verifying Evolving Features
and Their Interactions. In Lecture Notes in Computer Science. https://doi.org/10.1007/978-3-030-64354-6_5
bibtex: '@inbook{Knüppel_Krüger_Thüm_Bubel_Krieter_Bodden_Schaefer_2020, place={Cham},
title={Using Abstract Contracts for Verifying Evolving Features and Their Interactions},
DOI={10.1007/978-3-030-64354-6_5},
booktitle={Lecture Notes in Computer Science}, author={Knüppel, Alexander and
Krüger, Stefan and Thüm, Thomas and Bubel, Richard and Krieter, Sebastian and
Bodden, Eric and Schaefer, Ina}, year={2020} }'
chicago: Knüppel, Alexander, Stefan Krüger, Thomas Thüm, Richard Bubel, Sebastian
Krieter, Eric Bodden, and Ina Schaefer. “Using Abstract Contracts for Verifying
Evolving Features and Their Interactions.” In Lecture Notes in Computer Science.
Cham, 2020. https://doi.org/10.1007/978-3-030-64354-6_5.
ieee: A. Knüppel et al., “Using Abstract Contracts for Verifying Evolving
Features and Their Interactions,” in Lecture Notes in Computer Science,
Cham, 2020.
mla: Knüppel, Alexander, et al. “Using Abstract Contracts for Verifying Evolving
Features and Their Interactions.” Lecture Notes in Computer Science, 2020,
doi:10.1007/978-3-030-64354-6_5.
short: 'A. Knüppel, S. Krüger, T. Thüm, R. Bubel, S. Krieter, E. Bodden, I. Schaefer,
in: Lecture Notes in Computer Science, Cham, 2020.'
date_created: 2021-01-11T09:15:41Z
date_updated: 2022-01-06T06:54:41Z
department:
- _id: '76'
doi: 10.1007/978-3-030-64354-6_5
language:
- iso: eng
place: Cham
publication: Lecture Notes in Computer Science
publication_identifier:
isbn:
- '9783030643539'
- '9783030643546'
issn:
- 0302-9743
- 1611-3349
publication_status: published
status: public
title: Using Abstract Contracts for Verifying Evolving Features and Their Interactions
type: book_chapter
user_id: '5786'
year: '2020'
...
---
_id: '23376'
author:
- first_name: Goran
full_name: Piskachev, Goran
last_name: Piskachev
- first_name: Lisa
full_name: Nguyen Quang Do, Lisa
last_name: Nguyen Quang Do
- first_name: Oshando
full_name: Johnson, Oshando
last_name: Johnson
- first_name: Eric
full_name: Bodden, Eric
last_name: Bodden
citation:
ama: 'Piskachev G, Nguyen Quang Do L, Johnson O, Bodden E. SWAN_ASSIST: Semi-Automated
Detection of Code-Specific, Security-Relevant Methods. In: 2019 34th IEEE/ACM
International Conference on Automated Software Engineering (ASE). ; 2020.
doi:10.1109/ase.2019.00110'
apa: 'Piskachev, G., Nguyen Quang Do, L., Johnson, O., & Bodden, E. (2020).
SWAN_ASSIST: Semi-Automated Detection of Code-Specific, Security-Relevant Methods.
2019 34th IEEE/ACM International Conference on Automated Software Engineering
(ASE). https://doi.org/10.1109/ase.2019.00110'
bibtex: '@inproceedings{Piskachev_Nguyen Quang Do_Johnson_Bodden_2020, title={SWAN_ASSIST:
Semi-Automated Detection of Code-Specific, Security-Relevant Methods}, DOI={10.1109/ase.2019.00110}, booktitle={2019
34th IEEE/ACM International Conference on Automated Software Engineering (ASE)},
author={Piskachev, Goran and Nguyen Quang Do, Lisa and Johnson, Oshando and Bodden,
Eric}, year={2020} }'
chicago: 'Piskachev, Goran, Lisa Nguyen Quang Do, Oshando Johnson, and Eric Bodden.
“SWAN_ASSIST: Semi-Automated Detection of Code-Specific, Security-Relevant Methods.”
In 2019 34th IEEE/ACM International Conference on Automated Software Engineering
(ASE), 2020. https://doi.org/10.1109/ase.2019.00110.'
ieee: 'G. Piskachev, L. Nguyen Quang Do, O. Johnson, and E. Bodden, “SWAN_ASSIST:
Semi-Automated Detection of Code-Specific, Security-Relevant Methods,” 2020, doi:
10.1109/ase.2019.00110.'
mla: 'Piskachev, Goran, et al. “SWAN_ASSIST: Semi-Automated Detection of Code-Specific,
Security-Relevant Methods.” 2019 34th IEEE/ACM International Conference on
Automated Software Engineering (ASE), 2020, doi:10.1109/ase.2019.00110.'
short: 'G. Piskachev, L. Nguyen Quang Do, O. Johnson, E. Bodden, in: 2019 34th IEEE/ACM
International Conference on Automated Software Engineering (ASE), 2020.'
date_created: 2021-08-09T12:03:30Z
date_updated: 2022-01-06T06:55:50Z
department:
- _id: '241'
- _id: '662'
- _id: '76'
doi: 10.1109/ase.2019.00110
language:
- iso: eng
publication: 2019 34th IEEE/ACM International Conference on Automated Software Engineering
(ASE)
publication_status: published
status: public
title: 'SWAN_ASSIST: Semi-Automated Detection of Code-Specific, Security-Relevant
Methods'
type: conference
user_id: '5786'
year: '2020'
...
---
_id: '23377'
author:
- first_name: Goran
full_name: Piskachev, Goran
last_name: Piskachev
- first_name: Tobias
full_name: Petrasch, Tobias
last_name: Petrasch
- first_name: Johannes
full_name: Späth, Johannes
last_name: Späth
- first_name: Eric
full_name: Bodden, Eric
last_name: Bodden
citation:
ama: 'Piskachev G, Petrasch T, Späth J, Bodden E. AuthCheck: Program-State Analysis
for Access-Control Vulnerabilities. In: Lecture Notes in Computer Science.
; 2020. doi:10.1007/978-3-030-54997-8_34'
apa: 'Piskachev, G., Petrasch, T., Späth, J., & Bodden, E. (2020). AuthCheck:
Program-State Analysis for Access-Control Vulnerabilities. In Lecture Notes
in Computer Science. https://doi.org/10.1007/978-3-030-54997-8_34'
bibtex: '@inbook{Piskachev_Petrasch_Späth_Bodden_2020, place={Cham}, title={AuthCheck:
Program-State Analysis for Access-Control Vulnerabilities}, DOI={10.1007/978-3-030-54997-8_34},
booktitle={Lecture Notes in Computer Science}, author={Piskachev, Goran and Petrasch,
Tobias and Späth, Johannes and Bodden, Eric}, year={2020} }'
chicago: 'Piskachev, Goran, Tobias Petrasch, Johannes Späth, and Eric Bodden. “AuthCheck:
Program-State Analysis for Access-Control Vulnerabilities.” In Lecture Notes
in Computer Science. Cham, 2020. https://doi.org/10.1007/978-3-030-54997-8_34.'
ieee: 'G. Piskachev, T. Petrasch, J. Späth, and E. Bodden, “AuthCheck: Program-State
Analysis for Access-Control Vulnerabilities,” in Lecture Notes in Computer
Science, Cham, 2020.'
mla: 'Piskachev, Goran, et al. “AuthCheck: Program-State Analysis for Access-Control
Vulnerabilities.” Lecture Notes in Computer Science, 2020, doi:10.1007/978-3-030-54997-8_34.'
short: 'G. Piskachev, T. Petrasch, J. Späth, E. Bodden, in: Lecture Notes in Computer
Science, Cham, 2020.'
date_created: 2021-08-09T12:05:09Z
date_updated: 2022-01-06T06:55:50Z
department:
- _id: '241'
- _id: '662'
- _id: '76'
doi: 10.1007/978-3-030-54997-8_34
language:
- iso: eng
place: Cham
publication: Lecture Notes in Computer Science
publication_identifier:
issn:
- 0302-9743
- 1611-3349
publication_status: published
status: public
title: 'AuthCheck: Program-State Analysis for Access-Control Vulnerabilities'
type: book_chapter
user_id: '5786'
year: '2020'
...
---
_id: '20522'
author:
- first_name: Philipp
full_name: Holzinger, Philipp
last_name: Holzinger
citation:
ama: Holzinger P. A Systematic Analysis and Hardening of the Java Security Architecture.
Universität Paderborn; 2019.
apa: Holzinger, P. (2019). A Systematic Analysis and Hardening of the Java Security
Architecture. Universität Paderborn.
bibtex: '@book{Holzinger_2019, title={A Systematic Analysis and Hardening of the
Java Security Architecture}, publisher={Universität Paderborn}, author={Holzinger,
Philipp}, year={2019} }'
chicago: Holzinger, Philipp. A Systematic Analysis and Hardening of the Java
Security Architecture. Universität Paderborn, 2019.
ieee: P. Holzinger, A Systematic Analysis and Hardening of the Java Security
Architecture. Universität Paderborn, 2019.
mla: Holzinger, Philipp. A Systematic Analysis and Hardening of the Java Security
Architecture. Universität Paderborn, 2019.
short: P. Holzinger, A Systematic Analysis and Hardening of the Java Security Architecture,
Universität Paderborn, 2019.
date_created: 2020-11-26T10:44:52Z
date_updated: 2022-01-06T06:54:29Z
department:
- _id: '76'
language:
- iso: eng
main_file_link:
- url: http://www.bodden.de/pubs/phdHolzinger.pdf
publisher: Universität Paderborn
status: public
supervisor:
- first_name: Eric
full_name: Bodden, Eric
last_name: Bodden
title: A Systematic Analysis and Hardening of the Java Security Architecture
type: dissertation
user_id: '5786'
year: '2019'
...
---
_id: '20524'
author:
- first_name: Lisa
full_name: Nguyen Quang Do, Lisa
last_name: Nguyen Quang Do
citation:
ama: Nguyen Quang Do L. User-Centered Tool Design for Data-Flow Analysis.
Universität Paderborn; 2019.
apa: Nguyen Quang Do, L. (2019). User-Centered Tool Design for Data-Flow Analysis.
Universität Paderborn.
bibtex: '@book{Nguyen Quang Do_2019, title={User-Centered Tool Design for Data-Flow
Analysis}, publisher={Universität Paderborn}, author={Nguyen Quang Do, Lisa},
year={2019} }'
chicago: Nguyen Quang Do, Lisa. User-Centered Tool Design for Data-Flow Analysis.
Universität Paderborn, 2019.
ieee: L. Nguyen Quang Do, User-Centered Tool Design for Data-Flow Analysis.
Universität Paderborn, 2019.
mla: Nguyen Quang Do, Lisa. User-Centered Tool Design for Data-Flow Analysis.
Universität Paderborn, 2019.
short: L. Nguyen Quang Do, User-Centered Tool Design for Data-Flow Analysis, Universität
Paderborn, 2019.
date_created: 2020-11-26T10:47:51Z
date_updated: 2022-01-06T06:54:29Z
department:
- _id: '76'
language:
- iso: eng
publisher: Universität Paderborn
status: public
supervisor:
- first_name: Eric
full_name: Bodden, Eric
id: '59256'
last_name: Bodden
orcid: 0000-0003-3470-3647
title: User-Centered Tool Design for Data-Flow Analysis
type: dissertation
user_id: '5786'
year: '2019'
...
---
_id: '20525'
author:
- first_name: Lars
full_name: Stockmann, Lars
id: '48144'
last_name: Stockmann
- first_name: Sven
full_name: Laux, Sven
last_name: Laux
- first_name: Eric
full_name: Bodden, Eric
id: '59256'
last_name: Bodden
orcid: 0000-0003-3470-3647
citation:
ama: 'Stockmann L, Laux S, Bodden E. Architectural Runtime Verification. In: 2019
IEEE International Conference on Software Architecture Companion (ICSA-C).
; 2019:77-84. doi:10.1109/ICSA-C.2019.00021'
apa: Stockmann, L., Laux, S., & Bodden, E. (2019). Architectural Runtime Verification.
2019 IEEE International Conference on Software Architecture Companion (ICSA-C),
77–84. https://doi.org/10.1109/ICSA-C.2019.00021
bibtex: '@inproceedings{Stockmann_Laux_Bodden_2019, title={Architectural Runtime
Verification}, DOI={10.1109/ICSA-C.2019.00021},
booktitle={2019 IEEE International Conference on Software Architecture Companion
(ICSA-C)}, author={Stockmann, Lars and Laux, Sven and Bodden, Eric}, year={2019},
pages={77–84} }'
chicago: Stockmann, Lars, Sven Laux, and Eric Bodden. “Architectural Runtime Verification.”
In 2019 IEEE International Conference on Software Architecture Companion (ICSA-C),
77–84, 2019. https://doi.org/10.1109/ICSA-C.2019.00021.
ieee: 'L. Stockmann, S. Laux, and E. Bodden, “Architectural Runtime Verification,”
in 2019 IEEE International Conference on Software Architecture Companion (ICSA-C),
2019, pp. 77–84, doi: 10.1109/ICSA-C.2019.00021.'
mla: Stockmann, Lars, et al. “Architectural Runtime Verification.” 2019 IEEE
International Conference on Software Architecture Companion (ICSA-C), 2019,
pp. 77–84, doi:10.1109/ICSA-C.2019.00021.
short: 'L. Stockmann, S. Laux, E. Bodden, in: 2019 IEEE International Conference
on Software Architecture Companion (ICSA-C), 2019, pp. 77–84.'
date_created: 2020-11-27T10:16:59Z
date_updated: 2022-01-06T06:54:29Z
department:
- _id: '76'
doi: 10.1109/ICSA-C.2019.00021
language:
- iso: eng
main_file_link:
- url: http://www.bodden.de/pubs/stockmann19architectural.pdf
page: 77-84
publication: 2019 IEEE International Conference on Software Architecture Companion
(ICSA-C)
status: public
title: Architectural Runtime Verification
type: conference
user_id: '5786'
year: '2019'
...
---
_id: '20527'
author:
- first_name: Mohammadreza
full_name: Hazhirpasand, Mohammadreza
last_name: Hazhirpasand
- first_name: Mohammad
full_name: Ghafari, Mohammad
last_name: Ghafari
- first_name: Stefan
full_name: Krüger, Stefan
last_name: Krüger
- first_name: Eric
full_name: Bodden, Eric
id: '59256'
last_name: Bodden
orcid: 0000-0003-3470-3647
- first_name: Oskar
full_name: Nierstrasz, Oskar
last_name: Nierstrasz
citation:
ama: 'Hazhirpasand M, Ghafari M, Krüger S, Bodden E, Nierstrasz O. The Impact of
Developer Experience in Using Java Cryptography. In: 2019 ACM/IEEE International
Symposium on Empirical Software Engineering and Measurement (ESEM). ; 2019:1-6.
doi:10.1109/ESEM.2019.8870184'
apa: Hazhirpasand, M., Ghafari, M., Krüger, S., Bodden, E., & Nierstrasz, O.
(2019). The Impact of Developer Experience in Using Java Cryptography. 2019
ACM/IEEE International Symposium on Empirical Software Engineering and Measurement
(ESEM), 1–6. https://doi.org/10.1109/ESEM.2019.8870184
bibtex: '@inproceedings{Hazhirpasand_Ghafari_Krüger_Bodden_Nierstrasz_2019, title={The
Impact of Developer Experience in Using Java Cryptography}, DOI={10.1109/ESEM.2019.8870184},
booktitle={2019 ACM/IEEE International Symposium on Empirical Software Engineering
and Measurement (ESEM)}, author={Hazhirpasand, Mohammadreza and Ghafari, Mohammad
and Krüger, Stefan and Bodden, Eric and Nierstrasz, Oskar}, year={2019}, pages={1–6}
}'
chicago: Hazhirpasand, Mohammadreza, Mohammad Ghafari, Stefan Krüger, Eric Bodden,
and Oskar Nierstrasz. “The Impact of Developer Experience in Using Java Cryptography.”
In 2019 ACM/IEEE International Symposium on Empirical Software Engineering
and Measurement (ESEM), 1–6, 2019. https://doi.org/10.1109/ESEM.2019.8870184.
ieee: 'M. Hazhirpasand, M. Ghafari, S. Krüger, E. Bodden, and O. Nierstrasz, “The
Impact of Developer Experience in Using Java Cryptography,” in 2019 ACM/IEEE
International Symposium on Empirical Software Engineering and Measurement (ESEM),
2019, pp. 1–6, doi: 10.1109/ESEM.2019.8870184.'
mla: Hazhirpasand, Mohammadreza, et al. “The Impact of Developer Experience in Using
Java Cryptography.” 2019 ACM/IEEE International Symposium on Empirical Software
Engineering and Measurement (ESEM), 2019, pp. 1–6, doi:10.1109/ESEM.2019.8870184.
short: 'M. Hazhirpasand, M. Ghafari, S. Krüger, E. Bodden, O. Nierstrasz, in: 2019
ACM/IEEE International Symposium on Empirical Software Engineering and Measurement
(ESEM), 2019, pp. 1–6.'
date_created: 2020-11-27T10:20:37Z
date_updated: 2022-01-06T06:54:29Z
department:
- _id: '76'
doi: 10.1109/ESEM.2019.8870184
language:
- iso: eng
main_file_link:
- url: http://www.bodden.de/pubs/hazhirpasand19impact.pdf
page: 1-6
publication: 2019 ACM/IEEE International Symposium on Empirical Software Engineering
and Measurement (ESEM)
publication_identifier:
issn:
- 1949-3770
status: public
title: The Impact of Developer Experience in Using Java Cryptography
type: conference
user_id: '5786'
year: '2019'
...
---
_id: '20528'
author:
- first_name: Goran
full_name: Piskachev, Goran
last_name: Piskachev
- first_name: Tobias
full_name: Petrasch, Tobias
last_name: Petrasch
- first_name: Johannes
full_name: Späth, Johannes
last_name: Späth
- first_name: Eric
full_name: Bodden, Eric
id: '59256'
last_name: Bodden
orcid: 0000-0003-3470-3647
citation:
ama: 'Piskachev G, Petrasch T, Späth J, Bodden E. AuthCheck: Program-state Analysis
for Access-control Vulnerabilities. In: 10th Workshop on Tools for Automatic
Program Analysis (TAPAS). ; 2019.'
apa: 'Piskachev, G., Petrasch, T., Späth, J., & Bodden, E. (2019). AuthCheck:
Program-state Analysis for Access-control Vulnerabilities. 10th Workshop on
Tools for Automatic Program Analysis (TAPAS).'
bibtex: '@inproceedings{Piskachev_Petrasch_Späth_Bodden_2019, title={AuthCheck:
Program-state Analysis for Access-control Vulnerabilities}, booktitle={10th Workshop
on Tools for Automatic Program Analysis (TAPAS)}, author={Piskachev, Goran and
Petrasch, Tobias and Späth, Johannes and Bodden, Eric}, year={2019} }'
chicago: 'Piskachev, Goran, Tobias Petrasch, Johannes Späth, and Eric Bodden. “AuthCheck:
Program-State Analysis for Access-Control Vulnerabilities.” In 10th Workshop
on Tools for Automatic Program Analysis (TAPAS), 2019.'
ieee: 'G. Piskachev, T. Petrasch, J. Späth, and E. Bodden, “AuthCheck: Program-state
Analysis for Access-control Vulnerabilities,” 2019.'
mla: 'Piskachev, Goran, et al. “AuthCheck: Program-State Analysis for Access-Control
Vulnerabilities.” 10th Workshop on Tools for Automatic Program Analysis (TAPAS),
2019.'
short: 'G. Piskachev, T. Petrasch, J. Späth, E. Bodden, in: 10th Workshop on Tools
for Automatic Program Analysis (TAPAS), 2019.'
date_created: 2020-11-27T10:21:19Z
date_updated: 2022-01-06T06:54:29Z
department:
- _id: '76'
- _id: '241'
language:
- iso: eng
main_file_link:
- url: http://www.bodden.de/pubs/piskachev19authcheck.pdf
publication: 10th Workshop on Tools for Automatic Program Analysis (TAPAS)
status: public
title: 'AuthCheck: Program-state Analysis for Access-control Vulnerabilities'
type: conference
user_id: '5786'
year: '2019'
...
---
_id: '20529'
author:
- first_name: Marcus
full_name: Nachtigall, Marcus
id: '41213'
last_name: Nachtigall
- first_name: Lisa
full_name: Nguyen Quang Do, Lisa
last_name: Nguyen Quang Do
- first_name: Eric
full_name: Bodden, Eric
id: '59256'
last_name: Bodden
orcid: 0000-0003-3470-3647
citation:
ama: 'Nachtigall M, Nguyen Quang Do L, Bodden E. Explaining Static Analysis -- A
Perspective. In: 1st International Workshop on Explainable Software (EXPLAIN)
at ASE. ; 2019.'
apa: Nachtigall, M., Nguyen Quang Do, L., & Bodden, E. (2019). Explaining Static
Analysis -- A Perspective. 1st International Workshop on Explainable Software
(EXPLAIN) at ASE.
bibtex: '@inproceedings{Nachtigall_Nguyen Quang Do_Bodden_2019, title={Explaining
Static Analysis -- A Perspective}, booktitle={1st International Workshop on Explainable
Software (EXPLAIN) at ASE}, author={Nachtigall, Marcus and Nguyen Quang Do, Lisa
and Bodden, Eric}, year={2019} }'
chicago: Nachtigall, Marcus, Lisa Nguyen Quang Do, and Eric Bodden. “Explaining
Static Analysis -- A Perspective.” In 1st International Workshop on Explainable
Software (EXPLAIN) at ASE, 2019.
ieee: M. Nachtigall, L. Nguyen Quang Do, and E. Bodden, “Explaining Static Analysis
-- A Perspective,” 2019.
mla: Nachtigall, Marcus, et al. “Explaining Static Analysis -- A Perspective.” 1st
International Workshop on Explainable Software (EXPLAIN) at ASE, 2019.
short: 'M. Nachtigall, L. Nguyen Quang Do, E. Bodden, in: 1st International Workshop
on Explainable Software (EXPLAIN) at ASE, 2019.'
date_created: 2020-11-27T10:22:38Z
date_updated: 2022-01-06T06:54:29Z
department:
- _id: '76'
language:
- iso: eng
main_file_link:
- url: http://www.bodden.de/pubs/nachtigall19explaining.pdf
publication: 1st International Workshop on Explainable Software (EXPLAIN) at ASE
status: public
title: Explaining Static Analysis -- A Perspective
type: conference
user_id: '5786'
year: '2019'
...
---
_id: '20531'
author:
- first_name: Linghui
full_name: Luo, Linghui
last_name: Luo
- first_name: Eric
full_name: Bodden, Eric
id: '59256'
last_name: Bodden
orcid: 0000-0003-3470-3647
- first_name: Johannes
full_name: Späth, Johannes
last_name: Späth
citation:
ama: 'Luo L, Bodden E, Späth J. A Qualitative Analysis of Android Taint-Analysis
Results. In: IEEE/ACM International Conference on Automated Software Engineering
(ASE 2019). ; 2019.'
apa: Luo, L., Bodden, E., & Späth, J. (2019). A Qualitative Analysis of Android
Taint-Analysis Results. IEEE/ACM International Conference on Automated Software
Engineering (ASE 2019).
bibtex: '@inproceedings{Luo_Bodden_Späth_2019, title={A Qualitative Analysis of
Android Taint-Analysis Results}, booktitle={IEEE/ACM International Conference
on Automated Software Engineering (ASE 2019)}, author={Luo, Linghui and Bodden,
Eric and Späth, Johannes}, year={2019} }'
chicago: Luo, Linghui, Eric Bodden, and Johannes Späth. “A Qualitative Analysis
of Android Taint-Analysis Results.” In IEEE/ACM International Conference on
Automated Software Engineering (ASE 2019), 2019.
ieee: L. Luo, E. Bodden, and J. Späth, “A Qualitative Analysis of Android Taint-Analysis
Results,” 2019.
mla: Luo, Linghui, et al. “A Qualitative Analysis of Android Taint-Analysis Results.”
IEEE/ACM International Conference on Automated Software Engineering (ASE 2019),
2019.
short: 'L. Luo, E. Bodden, J. Späth, in: IEEE/ACM International Conference on Automated
Software Engineering (ASE 2019), 2019.'
date_created: 2020-11-27T10:25:40Z
date_updated: 2022-01-06T06:54:29Z
department:
- _id: '76'
language:
- iso: eng
main_file_link:
- url: http://www.bodden.de/pubs/ase19qualitative.pdf
publication: IEEE/ACM International Conference on Automated Software Engineering (ASE
2019)
status: public
title: A Qualitative Analysis of Android Taint-Analysis Results
type: conference
user_id: '5786'
year: '2019'
...
---
_id: '20532'
author:
- first_name: Goran
full_name: Piskachev, Goran
last_name: Piskachev
- first_name: Lisa
full_name: Nguyen Quang Do, Lisa
last_name: Nguyen Quang Do
- first_name: Oshando
full_name: Johnson, Oshando
last_name: Johnson
- first_name: Eric
full_name: Bodden, Eric
id: '59256'
last_name: Bodden
orcid: 0000-0003-3470-3647
citation:
ama: 'Piskachev G, Nguyen Quang Do L, Johnson O, Bodden E. SWAN_ASSIST: Semi-Automated
Detection of Code-Specific, Security-Relevant Methods. In: IEEE/ACM International
Conference on Automated Software Engineering (ASE 2019), Tool Demo Track.
; 2019.'
apa: 'Piskachev, G., Nguyen Quang Do, L., Johnson, O., & Bodden, E. (2019).
SWAN_ASSIST: Semi-Automated Detection of Code-Specific, Security-Relevant Methods.
IEEE/ACM International Conference on Automated Software Engineering (ASE 2019),
Tool Demo Track.'
bibtex: '@inproceedings{Piskachev_Nguyen Quang Do_Johnson_Bodden_2019, title={SWAN_ASSIST:
Semi-Automated Detection of Code-Specific, Security-Relevant Methods}, booktitle={IEEE/ACM
International Conference on Automated Software Engineering (ASE 2019), Tool Demo
Track}, author={Piskachev, Goran and Nguyen Quang Do, Lisa and Johnson, Oshando
and Bodden, Eric}, year={2019} }'
chicago: 'Piskachev, Goran, Lisa Nguyen Quang Do, Oshando Johnson, and Eric Bodden.
“SWAN_ASSIST: Semi-Automated Detection of Code-Specific, Security-Relevant Methods.”
In IEEE/ACM International Conference on Automated Software Engineering (ASE
2019), Tool Demo Track, 2019.'
ieee: 'G. Piskachev, L. Nguyen Quang Do, O. Johnson, and E. Bodden, “SWAN_ASSIST:
Semi-Automated Detection of Code-Specific, Security-Relevant Methods,” 2019.'
mla: 'Piskachev, Goran, et al. “SWAN_ASSIST: Semi-Automated Detection of Code-Specific,
Security-Relevant Methods.” IEEE/ACM International Conference on Automated
Software Engineering (ASE 2019), Tool Demo Track, 2019.'
short: 'G. Piskachev, L. Nguyen Quang Do, O. Johnson, E. Bodden, in: IEEE/ACM International
Conference on Automated Software Engineering (ASE 2019), Tool Demo Track, 2019.'
date_created: 2020-11-27T10:37:17Z
date_updated: 2022-01-06T06:54:29Z
department:
- _id: '76'
language:
- iso: eng
main_file_link:
- url: http://www.bodden.de/pubs/ase19swanAssist.pdf
publication: IEEE/ACM International Conference on Automated Software Engineering (ASE
2019), Tool Demo Track
status: public
title: 'SWAN_ASSIST: Semi-Automated Detection of Code-Specific, Security-Relevant
Methods'
type: conference
user_id: '5786'
year: '2019'
...
---
_id: '20533'
author:
- first_name: Stefan
full_name: Krüger, Stefan
last_name: Krüger
- first_name: Johannes
full_name: Späth, Johannes
last_name: Späth
- first_name: Karim
full_name: Ali, Karim
last_name: Ali
- first_name: Eric
full_name: Bodden, Eric
id: '59256'
last_name: Bodden
orcid: 0000-0003-3470-3647
- first_name: Mira
full_name: Mezini, Mira
last_name: Mezini
citation:
ama: 'Krüger S, Späth J, Ali K, Bodden E, Mezini M. CrySL: An Extensible Approach
to Validating the Correct Usage of Cryptographic APIs. IEEE Transactions on
Software Engineering. Published online 2019:1-1. doi:10.1109/TSE.2019.2948910'
apa: 'Krüger, S., Späth, J., Ali, K., Bodden, E., & Mezini, M. (2019). CrySL:
An Extensible Approach to Validating the Correct Usage of Cryptographic APIs.
IEEE Transactions on Software Engineering, 1–1. https://doi.org/10.1109/TSE.2019.2948910'
bibtex: '@article{Krüger_Späth_Ali_Bodden_Mezini_2019, title={CrySL: An Extensible
Approach to Validating the Correct Usage of Cryptographic APIs}, DOI={10.1109/TSE.2019.2948910},
journal={IEEE Transactions on Software Engineering}, author={Krüger, Stefan and
Späth, Johannes and Ali, Karim and Bodden, Eric and Mezini, Mira}, year={2019},
pages={1–1} }'
chicago: 'Krüger, Stefan, Johannes Späth, Karim Ali, Eric Bodden, and Mira Mezini.
“CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic
APIs.” IEEE Transactions on Software Engineering, 2019, 1–1. https://doi.org/10.1109/TSE.2019.2948910.'
ieee: 'S. Krüger, J. Späth, K. Ali, E. Bodden, and M. Mezini, “CrySL: An Extensible
Approach to Validating the Correct Usage of Cryptographic APIs,” IEEE Transactions
on Software Engineering, pp. 1–1, 2019, doi: 10.1109/TSE.2019.2948910.'
mla: 'Krüger, Stefan, et al. “CrySL: An Extensible Approach to Validating the Correct
Usage of Cryptographic APIs.” IEEE Transactions on Software Engineering,
2019, pp. 1–1, doi:10.1109/TSE.2019.2948910.'
short: S. Krüger, J. Späth, K. Ali, E. Bodden, M. Mezini, IEEE Transactions on Software
Engineering (2019) 1–1.
date_created: 2020-11-27T10:48:38Z
date_updated: 2022-01-06T06:54:29Z
department:
- _id: '76'
doi: 10.1109/TSE.2019.2948910
keyword:
- Java
- Encryption
- Static analysis
- Tools
- Ciphers
- Semantics
- cryptography
- domain-specific language
- static analysis
language:
- iso: eng
main_file_link:
- url: http://www.bodden.de/pubs/tse19CrySL.pdf
page: 1-1
publication: IEEE Transactions on Software Engineering
publication_identifier:
issn:
- 2326-3881
status: public
title: 'CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic
APIs'
type: journal_article
user_id: '5786'
year: '2019'
...
---
_id: '20534'
author:
- first_name: Goran
full_name: Piskachev, Goran
last_name: Piskachev
- first_name: Lisa
full_name: Nguyen Quang Do, Lisa
last_name: Nguyen Quang Do
- first_name: Eric
full_name: Bodden, Eric
id: '59256'
last_name: Bodden
orcid: 0000-0003-3470-3647
citation:
ama: 'Piskachev G, Nguyen Quang Do L, Bodden E. Codebase-Adaptive Detection of Security-Relevant
Methods. In: ACM SIGSOFT International Symposium on Software Testing and Analysis
(ISSTA). ; 2019.'
apa: Piskachev, G., Nguyen Quang Do, L., & Bodden, E. (2019). Codebase-Adaptive
Detection of Security-Relevant Methods. ACM SIGSOFT International Symposium
on Software Testing and Analysis (ISSTA).
bibtex: '@inproceedings{Piskachev_Nguyen Quang Do_Bodden_2019, title={Codebase-Adaptive
Detection of Security-Relevant Methods}, booktitle={ACM SIGSOFT International
Symposium on Software Testing and Analysis (ISSTA)}, author={Piskachev, Goran
and Nguyen Quang Do, Lisa and Bodden, Eric}, year={2019} }'
chicago: Piskachev, Goran, Lisa Nguyen Quang Do, and Eric Bodden. “Codebase-Adaptive
Detection of Security-Relevant Methods.” In ACM SIGSOFT International Symposium
on Software Testing and Analysis (ISSTA), 2019.
ieee: G. Piskachev, L. Nguyen Quang Do, and E. Bodden, “Codebase-Adaptive Detection
of Security-Relevant Methods,” 2019.
mla: Piskachev, Goran, et al. “Codebase-Adaptive Detection of Security-Relevant
Methods.” ACM SIGSOFT International Symposium on Software Testing and Analysis
(ISSTA), 2019.
short: 'G. Piskachev, L. Nguyen Quang Do, E. Bodden, in: ACM SIGSOFT International
Symposium on Software Testing and Analysis (ISSTA), 2019.'
date_created: 2020-11-27T10:49:33Z
date_updated: 2022-01-06T06:54:29Z
department:
- _id: '76'
language:
- iso: eng
main_file_link:
- url: http://www.bodden.de/pubs/issta19swan.pdf
publication: ACM SIGSOFT International Symposium on Software Testing and Analysis
(ISSTA)
status: public
title: Codebase-Adaptive Detection of Security-Relevant Methods
type: conference
user_id: '5786'
year: '2019'
...
---
_id: '20535'
author:
- first_name: Linghui
full_name: Luo, Linghui
last_name: Luo
- first_name: Julian
full_name: Dolby, Julian
last_name: Dolby
- first_name: Eric
full_name: Bodden, Eric
id: '59256'
last_name: Bodden
orcid: 0000-0003-3470-3647
citation:
ama: 'Luo L, Dolby J, Bodden E. MagpieBridge: A General Approach to Integrating
Static Analyses into IDEs and Editors. In: European Conference on Object-Oriented
Programming (ECOOP). ; 2019.'
apa: 'Luo, L., Dolby, J., & Bodden, E. (2019). MagpieBridge: A General Approach
to Integrating Static Analyses into IDEs and Editors. European Conference on
Object-Oriented Programming (ECOOP).'
bibtex: '@inproceedings{Luo_Dolby_Bodden_2019, title={MagpieBridge: A General Approach
to Integrating Static Analyses into IDEs and Editors}, booktitle={European Conference
on Object-Oriented Programming (ECOOP)}, author={Luo, Linghui and Dolby, Julian
and Bodden, Eric}, year={2019} }'
chicago: 'Luo, Linghui, Julian Dolby, and Eric Bodden. “MagpieBridge: A General
Approach to Integrating Static Analyses into IDEs and Editors.” In European
Conference on Object-Oriented Programming (ECOOP), 2019.'
ieee: 'L. Luo, J. Dolby, and E. Bodden, “MagpieBridge: A General Approach to Integrating
Static Analyses into IDEs and Editors,” 2019.'
mla: 'Luo, Linghui, et al. “MagpieBridge: A General Approach to Integrating Static
Analyses into IDEs and Editors.” European Conference on Object-Oriented Programming
(ECOOP), 2019.'
short: 'L. Luo, J. Dolby, E. Bodden, in: European Conference on Object-Oriented
Programming (ECOOP), 2019.'
date_created: 2020-11-27T10:50:07Z
date_updated: 2022-01-06T06:54:29Z
department:
- _id: '76'
language:
- iso: eng
main_file_link:
- url: http://www.bodden.de/pubs/ldb19magpiebridge.pdf
publication: European Conference on Object-Oriented Programming (ECOOP)
status: public
title: 'MagpieBridge: A General Approach to Integrating Static Analyses into IDEs
and Editors'
type: conference
user_id: '5786'
year: '2019'
...
---
_id: '20536'
author:
- first_name: Johannes
full_name: Späth, Johannes
last_name: Späth
citation:
ama: Späth J. Synchronized Pushdown Systems for Pointer and Data-Flow Analysis.
Universität Paderborn; 2019.
apa: Späth, J. (2019). Synchronized Pushdown Systems for Pointer and Data-Flow
Analysis. Universität Paderborn.
bibtex: '@book{Späth_2019, title={Synchronized Pushdown Systems for Pointer and
Data-Flow Analysis}, publisher={Universität Paderborn}, author={Späth, Johannes},
year={2019} }'
chicago: Späth, Johannes. Synchronized Pushdown Systems for Pointer and Data-Flow
Analysis. Universität Paderborn, 2019.
ieee: J. Späth, Synchronized Pushdown Systems for Pointer and Data-Flow Analysis.
Universität Paderborn, 2019.
mla: Späth, Johannes. Synchronized Pushdown Systems for Pointer and Data-Flow
Analysis. Universität Paderborn, 2019.
short: J. Späth, Synchronized Pushdown Systems for Pointer and Data-Flow Analysis,
Universität Paderborn, 2019.
date_created: 2020-11-27T10:50:55Z
date_updated: 2022-01-06T06:54:29Z
department:
- _id: '76'
language:
- iso: eng
main_file_link:
- url: http://www.bodden.de/pubs/phdSpaeth.pdf
publisher: Universität Paderborn
status: public
supervisor:
- first_name: Eric
full_name: Bodden, Eric
id: '59256'
last_name: Bodden
orcid: 0000-0003-3470-3647
title: Synchronized Pushdown Systems for Pointer and Data-Flow Analysis
type: dissertation
user_id: '5786'
year: '2019'
...
---
_id: '20537'
author:
- first_name: Goran
full_name: Piskachev, Goran
last_name: Piskachev
- first_name: Lisa
full_name: Nguyen, Lisa
last_name: Nguyen
- first_name: Eric
full_name: Bodden, Eric
id: '59256'
last_name: Bodden
orcid: 0000-0003-3470-3647
citation:
ama: Piskachev G, Nguyen L, Bodden E. Codebase-Adaptive Detection of Security-Relevant
Methods.; 2019.
apa: Piskachev, G., Nguyen, L., & Bodden, E. (2019). Codebase-Adaptive Detection
of Security-Relevant Methods.
bibtex: '@book{Piskachev_Nguyen_Bodden_2019, title={Codebase-Adaptive Detection
of Security-Relevant Methods}, author={Piskachev, Goran and Nguyen, Lisa and Bodden,
Eric}, year={2019} }'
chicago: Piskachev, Goran, Lisa Nguyen, and Eric Bodden. Codebase-Adaptive Detection
of Security-Relevant Methods, 2019.
ieee: G. Piskachev, L. Nguyen, and E. Bodden, Codebase-Adaptive Detection of
Security-Relevant Methods. 2019.
mla: Piskachev, Goran, et al. Codebase-Adaptive Detection of Security-Relevant
Methods. 2019.
short: G. Piskachev, L. Nguyen, E. Bodden, Codebase-Adaptive Detection of Security-Relevant
Methods, 2019.
date_created: 2020-11-27T10:51:53Z
date_updated: 2022-01-06T06:54:29Z
department:
- _id: '76'
language:
- iso: eng
status: public
title: Codebase-Adaptive Detection of Security-Relevant Methods
type: report
user_id: '5786'
year: '2019'
...
---
_id: '20538'
author:
- first_name: Sigmund
full_name: Albert Gorski Iii, Sigmund
last_name: Albert Gorski Iii
- first_name: Benjamin
full_name: Andow, Benjamin
last_name: Andow
- first_name: Adwait
full_name: Nadkarni, Adwait
last_name: Nadkarni
- first_name: Sunil
full_name: Manandhar, Sunil
last_name: Manandhar
- first_name: William
full_name: Enck, William
last_name: Enck
- first_name: Eric
full_name: Bodden, Eric
id: '59256'
last_name: Bodden
orcid: 0000-0003-3470-3647
- first_name: Alexandre
full_name: Bartel, Alexandre
last_name: Bartel
citation:
ama: 'Albert Gorski Iii S, Andow B, Nadkarni A, et al. ACMiner: Extraction and Analysis
of Authorization Checks in Android’s Middleware. In: ACM Conference on Data
and Application Security and Privacy (CODASPY 2019). ; 2019.'
apa: 'Albert Gorski Iii, S., Andow, B., Nadkarni, A., Manandhar, S., Enck, W., Bodden,
E., & Bartel, A. (2019). ACMiner: Extraction and Analysis of Authorization
Checks in Android’s Middleware. ACM Conference on Data and Application Security
and Privacy (CODASPY 2019).'
bibtex: '@inproceedings{Albert Gorski Iii_Andow_Nadkarni_Manandhar_Enck_Bodden_Bartel_2019,
title={ACMiner: Extraction and Analysis of Authorization Checks in Android’s Middleware},
booktitle={ACM Conference on Data and Application Security and Privacy (CODASPY
2019)}, author={Albert Gorski Iii, Sigmund and Andow, Benjamin and Nadkarni, Adwait
and Manandhar, Sunil and Enck, William and Bodden, Eric and Bartel, Alexandre},
year={2019} }'
chicago: 'Albert Gorski Iii, Sigmund, Benjamin Andow, Adwait Nadkarni, Sunil Manandhar,
William Enck, Eric Bodden, and Alexandre Bartel. “ACMiner: Extraction and Analysis
of Authorization Checks in Android’s Middleware.” In ACM Conference on Data
and Application Security and Privacy (CODASPY 2019), 2019.'
ieee: 'S. Albert Gorski Iii et al., “ACMiner: Extraction and Analysis of
Authorization Checks in Android’s Middleware,” 2019.'
mla: 'Albert Gorski Iii, Sigmund, et al. “ACMiner: Extraction and Analysis of Authorization
Checks in Android’s Middleware.” ACM Conference on Data and Application Security
and Privacy (CODASPY 2019), 2019.'
short: 'S. Albert Gorski Iii, B. Andow, A. Nadkarni, S. Manandhar, W. Enck, E. Bodden,
A. Bartel, in: ACM Conference on Data and Application Security and Privacy (CODASPY
2019), 2019.'
date_created: 2020-11-27T10:52:59Z
date_updated: 2022-01-06T06:54:29Z
department:
- _id: '76'
keyword:
- ITSECWEBSITE
- CROSSING
language:
- iso: eng
main_file_link:
- url: http://www.bodden.de/pubs/gan19acminer.pdf
publication: ACM Conference on Data and Application Security and Privacy (CODASPY
2019)
status: public
title: 'ACMiner: Extraction and Analysis of Authorization Checks in Android''s Middleware'
type: conference
user_id: '5786'
year: '2019'
...
---
_id: '20539'
author:
- first_name: Johannes
full_name: Späth, Johannes
last_name: Späth
- first_name: Karim
full_name: Ali, Karim
last_name: Ali
- first_name: Eric
full_name: Bodden, Eric
id: '59256'
last_name: Bodden
orcid: 0000-0003-3470-3647
citation:
ama: Späth J, Ali K, Bodden E. Context-, Flow-, and Field-sensitive Data-flow Analysis
Using Synchronized Pushdown Systems. Proceedings of the ACM SIGPLAN Symposium
on Principles of Programming Languages. 2019;3(POPL):48:1-48:29. doi:10.1145/3290361
apa: Späth, J., Ali, K., & Bodden, E. (2019). Context-, Flow-, and Field-sensitive
Data-flow Analysis Using Synchronized Pushdown Systems. Proceedings of the
ACM SIGPLAN Symposium on Principles of Programming Languages, 3(POPL),
48:1-48:29. https://doi.org/10.1145/3290361
bibtex: '@article{Späth_Ali_Bodden_2019, title={Context-, Flow-, and Field-sensitive
Data-flow Analysis Using Synchronized Pushdown Systems}, volume={3}, DOI={10.1145/3290361},
number={POPL}, journal={Proceedings of the ACM SIGPLAN Symposium on Principles
of Programming Languages}, publisher={ACM}, author={Späth, Johannes and Ali, Karim
and Bodden, Eric}, year={2019}, pages={48:1-48:29} }'
chicago: 'Späth, Johannes, Karim Ali, and Eric Bodden. “Context-, Flow-, and Field-Sensitive
Data-Flow Analysis Using Synchronized Pushdown Systems.” Proceedings of the
ACM SIGPLAN Symposium on Principles of Programming Languages 3, no. POPL (2019):
48:1-48:29. https://doi.org/10.1145/3290361.'
ieee: 'J. Späth, K. Ali, and E. Bodden, “Context-, Flow-, and Field-sensitive Data-flow
Analysis Using Synchronized Pushdown Systems,” Proceedings of the ACM SIGPLAN
Symposium on Principles of Programming Languages, vol. 3, no. POPL, p. 48:1-48:29,
2019, doi: 10.1145/3290361.'
mla: Späth, Johannes, et al. “Context-, Flow-, and Field-Sensitive Data-Flow Analysis
Using Synchronized Pushdown Systems.” Proceedings of the ACM SIGPLAN Symposium
on Principles of Programming Languages, vol. 3, no. POPL, ACM, 2019, p. 48:1-48:29,
doi:10.1145/3290361.
short: J. Späth, K. Ali, E. Bodden, Proceedings of the ACM SIGPLAN Symposium on
Principles of Programming Languages 3 (2019) 48:1-48:29.
date_created: 2020-11-27T10:53:57Z
date_updated: 2022-01-06T06:54:29Z
department:
- _id: '76'
doi: 10.1145/3290361
intvolume: ' 3'
issue: POPL
keyword:
- ATTRACT
- ITSECWEBSITE
- CROSSING
language:
- iso: eng
main_file_link:
- url: http://www.bodden.de/pubs/sab19context.pdf
page: 48:1-48:29
publication: Proceedings of the ACM SIGPLAN Symposium on Principles of Programming
Languages
publication_identifier:
issn:
- 2475-1421
publisher: ACM
status: public
title: Context-, Flow-, and Field-sensitive Data-flow Analysis Using Synchronized
Pushdown Systems
type: journal_article
user_id: '5786'
volume: 3
year: '2019'
...
---
_id: '20759'
author:
- first_name: Christopher
full_name: Gerking, Christopher
last_name: Gerking
- first_name: David
full_name: Schubert, David
id: '9106'
last_name: Schubert
citation:
ama: 'Gerking C, Schubert D. Component-Based Refinement and Verification of Information-Flow
Security Policies for Cyber-Physical Microservice Architectures. In: International
Conference on Software Architecture (ICSA 2019). ; 2019.'
apa: Gerking, C., & Schubert, D. (2019). Component-Based Refinement and Verification
of Information-Flow Security Policies for Cyber-Physical Microservice Architectures.
International Conference on Software Architecture (ICSA 2019).
bibtex: '@inproceedings{Gerking_Schubert_2019, title={Component-Based Refinement
and Verification of Information-Flow Security Policies for Cyber-Physical Microservice
Architectures}, booktitle={International Conference on Software Architecture (ICSA
2019)}, author={Gerking, Christopher and Schubert, David}, year={2019} }'
chicago: Gerking, Christopher, and David Schubert. “Component-Based Refinement and
Verification of Information-Flow Security Policies for Cyber-Physical Microservice
Architectures.” In International Conference on Software Architecture (ICSA
2019), 2019.
ieee: C. Gerking and D. Schubert, “Component-Based Refinement and Verification of
Information-Flow Security Policies for Cyber-Physical Microservice Architectures,”
2019.
mla: Gerking, Christopher, and David Schubert. “Component-Based Refinement and Verification
of Information-Flow Security Policies for Cyber-Physical Microservice Architectures.”
International Conference on Software Architecture (ICSA 2019), 2019.
short: 'C. Gerking, D. Schubert, in: International Conference on Software Architecture
(ICSA 2019), 2019.'
date_created: 2020-12-16T14:03:44Z
date_updated: 2022-01-06T06:54:36Z
department:
- _id: '76'
- _id: '241'
language:
- iso: eng
publication: International Conference on Software Architecture (ICSA 2019)
status: public
title: Component-Based Refinement and Verification of Information-Flow Security Policies
for Cyber-Physical Microservice Architectures
type: conference
user_id: '5786'
year: '2019'
...
---
_id: '23378'
author:
- first_name: Goran
full_name: Piskachev, Goran
last_name: Piskachev
- first_name: Lisa Nguyen Quang
full_name: Do, Lisa Nguyen Quang
last_name: Do
- first_name: Eric
full_name: Bodden, Eric
last_name: Bodden
citation:
ama: 'Piskachev G, Do LNQ, Bodden E. Codebase-adaptive detection of security-relevant
methods. In: Proceedings of the 28th ACM SIGSOFT International Symposium on
Software Testing and Analysis. ; 2019. doi:10.1145/3293882.3330556'
apa: Piskachev, G., Do, L. N. Q., & Bodden, E. (2019). Codebase-adaptive detection
of security-relevant methods. Proceedings of the 28th ACM SIGSOFT International
Symposium on Software Testing and Analysis. https://doi.org/10.1145/3293882.3330556
bibtex: '@inproceedings{Piskachev_Do_Bodden_2019, title={Codebase-adaptive detection
of security-relevant methods}, DOI={10.1145/3293882.3330556},
booktitle={Proceedings of the 28th ACM SIGSOFT International Symposium on Software
Testing and Analysis}, author={Piskachev, Goran and Do, Lisa Nguyen Quang and
Bodden, Eric}, year={2019} }'
chicago: Piskachev, Goran, Lisa Nguyen Quang Do, and Eric Bodden. “Codebase-Adaptive
Detection of Security-Relevant Methods.” In Proceedings of the 28th ACM SIGSOFT
International Symposium on Software Testing and Analysis, 2019. https://doi.org/10.1145/3293882.3330556.
ieee: 'G. Piskachev, L. N. Q. Do, and E. Bodden, “Codebase-adaptive detection of
security-relevant methods,” 2019, doi: 10.1145/3293882.3330556.'
mla: Piskachev, Goran, et al. “Codebase-Adaptive Detection of Security-Relevant
Methods.” Proceedings of the 28th ACM SIGSOFT International Symposium on Software
Testing and Analysis, 2019, doi:10.1145/3293882.3330556.
short: 'G. Piskachev, L.N.Q. Do, E. Bodden, in: Proceedings of the 28th ACM SIGSOFT
International Symposium on Software Testing and Analysis, 2019.'
date_created: 2021-08-09T12:06:52Z
date_updated: 2022-01-06T06:55:50Z
department:
- _id: '241'
- _id: '662'
- _id: '76'
doi: 10.1145/3293882.3330556
language:
- iso: eng
publication: Proceedings of the 28th ACM SIGSOFT International Symposium on Software
Testing and Analysis
publication_status: published
status: public
title: Codebase-adaptive detection of security-relevant methods
type: conference
user_id: '5786'
year: '2019'
...
---
_id: '7628'
author:
- first_name: Nils
full_name: Selbach, Nils
last_name: Selbach
citation:
ama: Selbach N. Modeling Crypto API Usages in OpenSSL’s EVP Library. Universität
Paderborn; 2019.
apa: Selbach, N. (2019). Modeling Crypto API usages in OpenSSL’s EVP library.
Universität Paderborn.
bibtex: '@book{Selbach_2019, title={Modeling Crypto API usages in OpenSSL’s EVP
library}, publisher={Universität Paderborn}, author={Selbach, Nils}, year={2019}
}'
chicago: Selbach, Nils. Modeling Crypto API Usages in OpenSSL’s EVP Library.
Universität Paderborn, 2019.
ieee: N. Selbach, Modeling Crypto API usages in OpenSSL’s EVP library. Universität
Paderborn, 2019.
mla: Selbach, Nils. Modeling Crypto API Usages in OpenSSL’s EVP Library.
Universität Paderborn, 2019.
short: N. Selbach, Modeling Crypto API Usages in OpenSSL’s EVP Library, Universität
Paderborn, 2019.
date_created: 2019-02-12T07:28:12Z
date_updated: 2022-01-06T07:03:41Z
department:
- _id: '76'
language:
- iso: eng
project:
- _id: '12'
name: SFB 901 - Subproject B4
- _id: '1'
name: SFB 901
- _id: '3'
name: SFB 901 - Project Area B
publisher: Universität Paderborn
status: public
supervisor:
- first_name: Philipp
full_name: Schubert, Philipp
id: '60543'
last_name: Schubert
orcid: 0000-0002-8674-1859
title: Modeling Crypto API usages in OpenSSL's EVP library
type: bachelorsthesis
user_id: '477'
year: '2019'
...
---
_id: '14896'
author:
- first_name: Andreas
full_name: Dann, Andreas
last_name: Dann
- first_name: Ben
full_name: Hermann, Ben
id: '66173'
last_name: Hermann
orcid: 0000-0001-9848-2017
- first_name: Eric
full_name: Bodden, Eric
id: '59256'
last_name: Bodden
orcid: 0000-0003-3470-3647
citation:
ama: 'Dann A, Hermann B, Bodden E. ModGuard: Identifying Integrity &Confidentiality
Violations in Java Modules. IEEE Transactions on Software Engineering.
Published online 2019:1-1. doi:10.1109/tse.2019.2931331'
apa: 'Dann, A., Hermann, B., & Bodden, E. (2019). ModGuard: Identifying Integrity
&Confidentiality Violations in Java Modules. IEEE Transactions on Software
Engineering, 1–1. https://doi.org/10.1109/tse.2019.2931331'
bibtex: '@article{Dann_Hermann_Bodden_2019, title={ModGuard: Identifying Integrity
&Confidentiality Violations in Java Modules}, DOI={10.1109/tse.2019.2931331},
journal={IEEE Transactions on Software Engineering}, author={Dann, Andreas and
Hermann, Ben and Bodden, Eric}, year={2019}, pages={1–1} }'
chicago: 'Dann, Andreas, Ben Hermann, and Eric Bodden. “ModGuard: Identifying Integrity
&Confidentiality Violations in Java Modules.” IEEE Transactions on Software
Engineering, 2019, 1–1. https://doi.org/10.1109/tse.2019.2931331.'
ieee: 'A. Dann, B. Hermann, and E. Bodden, “ModGuard: Identifying Integrity &Confidentiality
Violations in Java Modules,” IEEE Transactions on Software Engineering,
pp. 1–1, 2019, doi: 10.1109/tse.2019.2931331.'
mla: 'Dann, Andreas, et al. “ModGuard: Identifying Integrity &Confidentiality
Violations in Java Modules.” IEEE Transactions on Software Engineering,
2019, pp. 1–1, doi:10.1109/tse.2019.2931331.'
short: A. Dann, B. Hermann, E. Bodden, IEEE Transactions on Software Engineering
(2019) 1–1.
date_created: 2019-11-12T12:20:56Z
date_updated: 2022-01-06T06:52:10Z
department:
- _id: '76'
- _id: '34'
- _id: '26'
doi: 10.1109/tse.2019.2931331
language:
- iso: eng
page: 1-1
project:
- _id: '1'
name: SFB 901
- _id: '3'
name: SFB 901 - Project Area B
- _id: '12'
name: SFB 901 - Subproject B4
publication: IEEE Transactions on Software Engineering
publication_identifier:
issn:
- 0098-5589
- 1939-3520
- 2326-3881
publication_status: published
status: public
title: 'ModGuard: Identifying Integrity &Confidentiality Violations in Java Modules'
type: journal_article
user_id: '5786'
year: '2019'
...
---
_id: '14897'
author:
- first_name: Andreas
full_name: Dann, Andreas
last_name: Dann
- first_name: Ben
full_name: Hermann, Ben
id: '66173'
last_name: Hermann
orcid: 0000-0001-9848-2017
- first_name: Eric
full_name: Bodden, Eric
id: '59256'
last_name: Bodden
orcid: 0000-0003-3470-3647
citation:
ama: 'Dann A, Hermann B, Bodden E. SootDiff: bytecode comparison across different
Java compilers. In: Proceedings of the 8th ACM SIGPLAN International Workshop
on State Of the Art in Program Analysis - SOAP 2019. ; 2019. doi:10.1145/3315568.3329966'
apa: 'Dann, A., Hermann, B., & Bodden, E. (2019). SootDiff: bytecode comparison
across different Java compilers. Proceedings of the 8th ACM SIGPLAN International
Workshop on State Of the Art in Program Analysis - SOAP 2019. https://doi.org/10.1145/3315568.3329966'
bibtex: '@inproceedings{Dann_Hermann_Bodden_2019, title={SootDiff: bytecode comparison
across different Java compilers}, DOI={10.1145/3315568.3329966},
booktitle={Proceedings of the 8th ACM SIGPLAN International Workshop on State
Of the Art in Program Analysis - SOAP 2019}, author={Dann, Andreas and Hermann,
Ben and Bodden, Eric}, year={2019} }'
chicago: 'Dann, Andreas, Ben Hermann, and Eric Bodden. “SootDiff: Bytecode Comparison
across Different Java Compilers.” In Proceedings of the 8th ACM SIGPLAN International
Workshop on State Of the Art in Program Analysis - SOAP 2019, 2019. https://doi.org/10.1145/3315568.3329966.'
ieee: 'A. Dann, B. Hermann, and E. Bodden, “SootDiff: bytecode comparison across
different Java compilers,” 2019, doi: 10.1145/3315568.3329966.'
mla: 'Dann, Andreas, et al. “SootDiff: Bytecode Comparison across Different Java
Compilers.” Proceedings of the 8th ACM SIGPLAN International Workshop on State
Of the Art in Program Analysis - SOAP 2019, 2019, doi:10.1145/3315568.3329966.'
short: 'A. Dann, B. Hermann, E. Bodden, in: Proceedings of the 8th ACM SIGPLAN International
Workshop on State Of the Art in Program Analysis - SOAP 2019, 2019.'
date_created: 2019-11-12T12:21:11Z
date_updated: 2022-01-06T06:52:10Z
department:
- _id: '76'
- _id: '34'
- _id: '26'
doi: 10.1145/3315568.3329966
language:
- iso: eng
main_file_link:
- url: https://thewhitespace.de/publications/dhb19-sootdiff.pdf
publication: Proceedings of the 8th ACM SIGPLAN International Workshop on State Of
the Art in Program Analysis - SOAP 2019
publication_identifier:
isbn:
- '9781450367202'
publication_status: published
status: public
title: 'SootDiff: bytecode comparison across different Java compilers'
type: conference
user_id: '5786'
year: '2019'
...
---
_id: '14899'
author:
- first_name: Stefan
full_name: Kruger, Stefan
last_name: Kruger
- first_name: Ben
full_name: Hermann, Ben
id: '66173'
last_name: Hermann
orcid: 0000-0001-9848-2017
citation:
ama: 'Kruger S, Hermann B. Can an Online Service Predict Gender? On the State-of-the-Art
in Gender Identification from Texts. In: 2019 IEEE/ACM 2nd International Workshop
on Gender Equality in Software Engineering (GE). ; 2019. doi:10.1109/ge.2019.00012'
apa: Kruger, S., & Hermann, B. (2019). Can an Online Service Predict Gender?
On the State-of-the-Art in Gender Identification from Texts. 2019 IEEE/ACM
2nd International Workshop on Gender Equality in Software Engineering (GE).
https://doi.org/10.1109/ge.2019.00012
bibtex: '@inproceedings{Kruger_Hermann_2019, title={Can an Online Service Predict
Gender? On the State-of-the-Art in Gender Identification from Texts}, DOI={10.1109/ge.2019.00012}, booktitle={2019
IEEE/ACM 2nd International Workshop on Gender Equality in Software Engineering
(GE)}, author={Kruger, Stefan and Hermann, Ben}, year={2019} }'
chicago: Kruger, Stefan, and Ben Hermann. “Can an Online Service Predict Gender?
On the State-of-the-Art in Gender Identification from Texts.” In 2019 IEEE/ACM
2nd International Workshop on Gender Equality in Software Engineering (GE),
2019. https://doi.org/10.1109/ge.2019.00012.
ieee: 'S. Kruger and B. Hermann, “Can an Online Service Predict Gender? On the State-of-the-Art
in Gender Identification from Texts,” 2019, doi: 10.1109/ge.2019.00012.'
mla: Kruger, Stefan, and Ben Hermann. “Can an Online Service Predict Gender? On
the State-of-the-Art in Gender Identification from Texts.” 2019 IEEE/ACM 2nd
International Workshop on Gender Equality in Software Engineering (GE), 2019,
doi:10.1109/ge.2019.00012.
short: 'S. Kruger, B. Hermann, in: 2019 IEEE/ACM 2nd International Workshop on Gender
Equality in Software Engineering (GE), 2019.'
date_created: 2019-11-12T12:22:48Z
date_updated: 2022-01-06T06:52:10Z
department:
- _id: '76'
- _id: '34'
- _id: '26'
doi: 10.1109/ge.2019.00012
language:
- iso: eng
publication: 2019 IEEE/ACM 2nd International Workshop on Gender Equality in Software
Engineering (GE)
publication_identifier:
isbn:
- '9781728122458'
publication_status: published
status: public
title: Can an Online Service Predict Gender? On the State-of-the-Art in Gender Identification
from Texts
type: conference
user_id: '5786'
year: '2019'
...
---
_id: '7626'
author:
- first_name: Philipp
full_name: Schubert, Philipp
id: '60543'
last_name: Schubert
orcid: 0000-0002-8674-1859
- first_name: Ben
full_name: Hermann, Ben
id: '66173'
last_name: Hermann
orcid: 0000-0001-9848-2017
- first_name: Eric
full_name: Bodden, Eric
id: '59256'
last_name: Bodden
orcid: 0000-0003-3470-3647
citation:
ama: 'Schubert P, Hermann B, Bodden E. PhASAR: An Inter-Procedural Static Analysis
Framework for C/C++. In: Proceedings of the 25th International Conference on
Tools and Algorithms for the Construction and Analysis of Systems (TACAS 2019),
Held as Part of the European Joint Conferences on Theory and Practice of Software
(ETAPS 2019). Vol II. ; 2019:393-410. doi:10.1007/978-3-030-17465-1_22'
apa: 'Schubert, P., Hermann, B., & Bodden, E. (2019). PhASAR: An Inter-Procedural
Static Analysis Framework for C/C++. Proceedings of the 25th International
Conference on Tools and Algorithms for the Construction and Analysis of Systems
(TACAS 2019), Held as Part of the European Joint Conferences on Theory and Practice
of Software (ETAPS 2019), II, 393–410. https://doi.org/10.1007/978-3-030-17465-1_22'
bibtex: '@inproceedings{Schubert_Hermann_Bodden_2019, title={PhASAR: An Inter-Procedural
Static Analysis Framework for C/C++}, volume={II}, DOI={10.1007/978-3-030-17465-1_22},
booktitle={Proceedings of the 25th International Conference on Tools and Algorithms
for the Construction and Analysis of Systems (TACAS 2019), Held as Part of the
European Joint Conferences on Theory and Practice of Software (ETAPS 2019)}, author={Schubert,
Philipp and Hermann, Ben and Bodden, Eric}, year={2019}, pages={393–410} }'
chicago: 'Schubert, Philipp, Ben Hermann, and Eric Bodden. “PhASAR: An Inter-Procedural
Static Analysis Framework for C/C++.” In Proceedings of the 25th International
Conference on Tools and Algorithms for the Construction and Analysis of Systems
(TACAS 2019), Held as Part of the European Joint Conferences on Theory and Practice
of Software (ETAPS 2019), II:393–410, 2019. https://doi.org/10.1007/978-3-030-17465-1_22.'
ieee: 'P. Schubert, B. Hermann, and E. Bodden, “PhASAR: An Inter-Procedural Static
Analysis Framework for C/C++,” in Proceedings of the 25th International Conference
on Tools and Algorithms for the Construction and Analysis of Systems (TACAS 2019),
Held as Part of the European Joint Conferences on Theory and Practice of Software
(ETAPS 2019), Prague, Czech Republic, 2019, vol. II, pp. 393–410, doi: 10.1007/978-3-030-17465-1_22.'
mla: 'Schubert, Philipp, et al. “PhASAR: An Inter-Procedural Static Analysis Framework
for C/C++.” Proceedings of the 25th International Conference on Tools and Algorithms
for the Construction and Analysis of Systems (TACAS 2019), Held as Part of the
European Joint Conferences on Theory and Practice of Software (ETAPS 2019),
vol. II, 2019, pp. 393–410, doi:10.1007/978-3-030-17465-1_22.'
short: 'P. Schubert, B. Hermann, E. Bodden, in: Proceedings of the 25th International
Conference on Tools and Algorithms for the Construction and Analysis of Systems
(TACAS 2019), Held as Part of the European Joint Conferences on Theory and Practice
of Software (ETAPS 2019), 2019, pp. 393–410.'
conference:
end_date: 2019-04-11
location: Prague, Czech Republic
name: 25th International Conference on Tools and Algorithms for the Construction
and Analysis of Systems (TACAS)
start_date: 2019-04-08
date_created: 2019-02-12T07:20:07Z
date_updated: 2022-03-25T07:48:36Z
ddc:
- '000'
department:
- _id: '76'
doi: 10.1007/978-3-030-17465-1_22
file:
- access_level: closed
content_type: application/pdf
creator: pdschbrt
date_created: 2019-02-12T07:18:17Z
date_updated: 2019-02-12T07:18:17Z
file_id: '7627'
file_name: main.pdf
file_size: 504897
relation: main_file
success: 1
file_date_updated: 2019-02-12T07:18:17Z
has_accepted_license: '1'
language:
- iso: eng
main_file_link:
- open_access: '1'
url: https://link.springer.com/chapter/10.1007/978-3-030-17465-1_22
oa: '1'
page: 393-410
project:
- _id: '1'
name: SFB 901
- _id: '12'
name: SFB 901 - Subproject B4
- _id: '3'
name: SFB 901 - Project Area B
publication: Proceedings of the 25th International Conference on Tools and Algorithms
for the Construction and Analysis of Systems (TACAS 2019), Held as Part of the European
Joint Conferences on Theory and Practice of Software (ETAPS 2019)
publication_status: published
status: public
title: 'PhASAR: An Inter-Procedural Static Analysis Framework for C/C++'
type: conference
user_id: '60543'
volume: II
year: '2019'
...
---
_id: '14898'
author:
- first_name: Philipp
full_name: Schubert, Philipp
id: '60543'
last_name: Schubert
orcid: 0000-0002-8674-1859
- first_name: Richard
full_name: Leer, Richard
last_name: Leer
- first_name: Ben
full_name: Hermann, Ben
id: '66173'
last_name: Hermann
orcid: 0000-0001-9848-2017
- first_name: Eric
full_name: Bodden, Eric
id: '59256'
last_name: Bodden
orcid: 0000-0003-3470-3647
citation:
ama: 'Schubert P, Leer R, Hermann B, Bodden E. Know your analysis: how instrumentation
aids understanding static analysis. In: Proceedings of the 8th ACM SIGPLAN
International Workshop on State Of the Art in Program Analysis - SOAP 2019.
; 2019. doi:10.1145/3315568.3329965'
apa: 'Schubert, P., Leer, R., Hermann, B., & Bodden, E. (2019). Know your analysis:
how instrumentation aids understanding static analysis. Proceedings of the
8th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis
- SOAP 2019. https://doi.org/10.1145/3315568.3329965'
bibtex: '@inproceedings{Schubert_Leer_Hermann_Bodden_2019, title={Know your analysis:
how instrumentation aids understanding static analysis}, DOI={10.1145/3315568.3329965},
booktitle={Proceedings of the 8th ACM SIGPLAN International Workshop on State
Of the Art in Program Analysis - SOAP 2019}, author={Schubert, Philipp and Leer,
Richard and Hermann, Ben and Bodden, Eric}, year={2019} }'
chicago: 'Schubert, Philipp, Richard Leer, Ben Hermann, and Eric Bodden. “Know Your
Analysis: How Instrumentation Aids Understanding Static Analysis.” In Proceedings
of the 8th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis
- SOAP 2019, 2019. https://doi.org/10.1145/3315568.3329965.'
ieee: 'P. Schubert, R. Leer, B. Hermann, and E. Bodden, “Know your analysis: how
instrumentation aids understanding static analysis,” 2019, doi: 10.1145/3315568.3329965.'
mla: 'Schubert, Philipp, et al. “Know Your Analysis: How Instrumentation Aids Understanding
Static Analysis.” Proceedings of the 8th ACM SIGPLAN International Workshop
on State Of the Art in Program Analysis - SOAP 2019, 2019, doi:10.1145/3315568.3329965.'
short: 'P. Schubert, R. Leer, B. Hermann, E. Bodden, in: Proceedings of the 8th
ACM SIGPLAN International Workshop on State Of the Art in Program Analysis -
SOAP 2019, 2019.'
date_created: 2019-11-12T12:22:16Z
date_updated: 2023-06-15T08:52:37Z
department:
- _id: '76'
- _id: '34'
- _id: '26'
doi: 10.1145/3315568.3329965
language:
- iso: eng
project:
- _id: '12'
name: 'SFB 901 - B4: SFB 901 - Subproject B4'
- _id: '3'
name: 'SFB 901 - B: SFB 901 - Project Area B'
- _id: '1'
grant_number: '160364472'
name: 'SFB 901: SFB 901: On-The-Fly Computing - Individualisierte IT-Dienstleistungen
in dynamischen Märkten '
publication: Proceedings of the 8th ACM SIGPLAN International Workshop on State Of
the Art in Program Analysis - SOAP 2019
publication_identifier:
isbn:
- '9781450367202'
publication_status: published
status: public
title: 'Know your analysis: how instrumentation aids understanding static analysis'
type: conference
user_id: '15249'
year: '2019'
...
---
_id: '2711'
abstract:
- lang: eng
text: "In recent years, researchers have developed a number of tools to conduct\r\ntaint
analysis of Android applications. While all the respective papers aim at\r\nproviding
a thorough empirical evaluation, comparability is hindered by varying\r\nor unclear
evaluation targets. Sometimes, the apps used for evaluation are not\r\nprecisely
described. In other cases, authors use an established benchmark but\r\ncover it
only partially. In yet other cases, the evaluations differ in terms of\r\nthe
data leaks searched for, or lack a ground truth to compare against. All\r\nthose
limitations make it impossible to truly compare the tools based on those\r\npublished
evaluations.\r\n We thus present ReproDroid, a framework allowing the accurate
comparison of\r\nAndroid taint analysis tools. ReproDroid supports researchers
in inferring the\r\nground truth for data leaks in apps, in automatically applying
tools to\r\nbenchmarks, and in evaluating the obtained results. We use ReproDroid
to\r\ncomparatively evaluate on equal grounds the six prominent taint analysis
tools\r\nAmandroid, DIALDroid, DidFail, DroidSafe, FlowDroid and IccTA. The results
are\r\nlargely positive although four tools violate some promises concerning features\r\nand
accuracy. Finally, we contribute to the area of unbiased benchmarking with\r\na
new and improved version of the open test suite DroidBench."
author:
- first_name: Felix
full_name: Pauck, Felix
id: '22398'
last_name: Pauck
- first_name: Eric
full_name: Bodden, Eric
id: '59256'
last_name: Bodden
orcid: 0000-0003-3470-3647
- first_name: Heike
full_name: Wehrheim, Heike
id: '573'
last_name: Wehrheim
citation:
ama: Pauck F, Bodden E, Wehrheim H. Do Android Taint Analysis Tools Keep their Promises?
arXiv:180402903. 2018.
apa: Pauck, F., Bodden, E., & Wehrheim, H. (2018). Do Android Taint Analysis
Tools Keep their Promises? ArXiv:1804.02903.
bibtex: '@article{Pauck_Bodden_Wehrheim_2018, title={Do Android Taint Analysis Tools
Keep their Promises?}, journal={arXiv:1804.02903}, author={Pauck, Felix and Bodden,
Eric and Wehrheim, Heike}, year={2018} }'
chicago: Pauck, Felix, Eric Bodden, and Heike Wehrheim. “Do Android Taint Analysis
Tools Keep Their Promises?” ArXiv:1804.02903, 2018.
ieee: F. Pauck, E. Bodden, and H. Wehrheim, “Do Android Taint Analysis Tools Keep
their Promises?,” arXiv:1804.02903. 2018.
mla: Pauck, Felix, et al. “Do Android Taint Analysis Tools Keep Their Promises?”
ArXiv:1804.02903, 2018.
short: F. Pauck, E. Bodden, H. Wehrheim, ArXiv:1804.02903 (2018).
date_created: 2018-05-09T08:27:11Z
date_updated: 2022-01-06T06:57:35Z
ddc:
- '000'
department:
- _id: '77'
- _id: '76'
file:
- access_level: closed
content_type: application/pdf
creator: florida
date_created: 2018-11-21T10:49:23Z
date_updated: 2018-11-21T10:49:23Z
file_id: '5781'
file_name: Do Android Taint Analysis Tools Keep their Promises.pdf
file_size: 1045861
relation: main_file
success: 1
file_date_updated: 2018-11-21T10:49:23Z
has_accepted_license: '1'
language:
- iso: eng
project:
- _id: '1'
name: SFB 901
- _id: '3'
name: SFB 901 - Project Area B
- _id: '12'
name: SFB 901 - Subproject B4
publication: arXiv:1804.02903
status: public
title: Do Android Taint Analysis Tools Keep their Promises?
type: preprint
user_id: '477'
year: '2018'
...
---
_id: '20530'
author:
- first_name: Eric
full_name: Bodden, Eric
id: '59256'
last_name: Bodden
orcid: 0000-0003-3470-3647
- first_name: Lisa
full_name: Nguyen Quang Do, Lisa
last_name: Nguyen Quang Do
citation:
ama: 'Bodden E, Nguyen Quang Do L. Explainable Static Analysis. In: Software
Engineering Und Software Management 2018, Fachtagung Des GI-Fachbereichs Softwaretechnik,
{SE} 2018, 5.-9. M{\"{a}}rz 2018, Ulm, Germany. {LNI}. ; 2018:205-208.'
apa: Bodden, E., & Nguyen Quang Do, L. (2018). Explainable Static Analysis.
Software Engineering Und Software Management 2018, Fachtagung Des GI-Fachbereichs
Softwaretechnik, {SE} 2018, 5.-9. M{\"{a}}rz 2018, Ulm, Germany., 205–208.
bibtex: '@inproceedings{Bodden_Nguyen Quang Do_2018, series={{LNI}}, title={Explainable
Static Analysis}, booktitle={Software Engineering und Software Management 2018,
Fachtagung des GI-Fachbereichs Softwaretechnik, {SE} 2018, 5.-9. M{\"{a}}rz 2018,
Ulm, Germany.}, author={Bodden, Eric and Nguyen Quang Do, Lisa}, year={2018},
pages={205–208}, collection={{LNI}} }'
chicago: Bodden, Eric, and Lisa Nguyen Quang Do. “Explainable Static Analysis.”
In Software Engineering Und Software Management 2018, Fachtagung Des GI-Fachbereichs
Softwaretechnik, {SE} 2018, 5.-9. M{\"{a}}rz 2018, Ulm, Germany., 205–8. {LNI},
2018.
ieee: E. Bodden and L. Nguyen Quang Do, “Explainable Static Analysis,” in Software
Engineering und Software Management 2018, Fachtagung des GI-Fachbereichs Softwaretechnik,
{SE} 2018, 5.-9. M{\"{a}}rz 2018, Ulm, Germany., 2018, pp. 205–208.
mla: Bodden, Eric, and Lisa Nguyen Quang Do. “Explainable Static Analysis.” Software
Engineering Und Software Management 2018, Fachtagung Des GI-Fachbereichs Softwaretechnik,
{SE} 2018, 5.-9. M{\"{a}}rz 2018, Ulm, Germany., 2018, pp. 205–08.
short: 'E. Bodden, L. Nguyen Quang Do, in: Software Engineering Und Software Management
2018, Fachtagung Des GI-Fachbereichs Softwaretechnik, {SE} 2018, 5.-9. M{\"{a}}rz
2018, Ulm, Germany., 2018, pp. 205–208.'
date_created: 2020-11-27T10:24:21Z
date_updated: 2022-01-06T06:54:29Z
department:
- _id: '76'
language:
- iso: eng
main_file_link:
- url: https://dl.gi.de/20.500.12116/16348
page: 205-208
publication: Software Engineering und Software Management 2018, Fachtagung des GI-Fachbereichs
Softwaretechnik, {SE} 2018, 5.-9. M{\"{a}}rz 2018, Ulm, Germany.
publication_identifier:
isbn:
- 978-3-88579-673-2
series_title: '{LNI}'
status: public
title: Explainable Static Analysis
type: conference
user_id: '5786'
year: '2018'
...
---
_id: '20543'
author:
- first_name: Lisa
full_name: Nguyen Quang Do, Lisa
last_name: Nguyen Quang Do
- first_name: Stefan
full_name: Krüger, Stefan
last_name: Krüger
- first_name: Patrick
full_name: Hill, Patrick
last_name: Hill
- first_name: Karim
full_name: Ali, Karim
last_name: Ali
- first_name: Eric
full_name: Bodden, Eric
id: '59256'
last_name: Bodden
orcid: 0000-0003-3470-3647
citation:
ama: Nguyen Quang Do L, Krüger S, Hill P, Ali K, Bodden E. Debugging Static Analysis.
IEEE Transactions on Software Engineering. Published online 2018:1-1. doi:10.1109/TSE.2018.2868349
apa: Nguyen Quang Do, L., Krüger, S., Hill, P., Ali, K., & Bodden, E. (2018).
Debugging Static Analysis. IEEE Transactions on Software Engineering, 1–1.
https://doi.org/10.1109/TSE.2018.2868349
bibtex: '@article{Nguyen Quang Do_Krüger_Hill_Ali_Bodden_2018, title={Debugging
Static Analysis}, DOI={10.1109/TSE.2018.2868349},
journal={IEEE Transactions on Software Engineering}, author={Nguyen Quang Do,
Lisa and Krüger, Stefan and Hill, Patrick and Ali, Karim and Bodden, Eric}, year={2018},
pages={1–1} }'
chicago: Nguyen Quang Do, Lisa, Stefan Krüger, Patrick Hill, Karim Ali, and Eric
Bodden. “Debugging Static Analysis.” IEEE Transactions on Software Engineering,
2018, 1–1. https://doi.org/10.1109/TSE.2018.2868349.
ieee: 'L. Nguyen Quang Do, S. Krüger, P. Hill, K. Ali, and E. Bodden, “Debugging
Static Analysis,” IEEE Transactions on Software Engineering, pp. 1–1, 2018,
doi: 10.1109/TSE.2018.2868349.'
mla: Nguyen Quang Do, Lisa, et al. “Debugging Static Analysis.” IEEE Transactions
on Software Engineering, 2018, pp. 1–1, doi:10.1109/TSE.2018.2868349.
short: L. Nguyen Quang Do, S. Krüger, P. Hill, K. Ali, E. Bodden, IEEE Transactions
on Software Engineering (2018) 1–1.
date_created: 2020-11-30T09:32:12Z
date_updated: 2022-01-06T06:54:29Z
department:
- _id: '76'
doi: 10.1109/TSE.2018.2868349
keyword:
- Debugging
- Static analysis
- Tools
- Computer bugs
- Standards
- Writing
- Encoding
- Testing and Debugging
- Program analysis
- Development tools
- Integrated environments
- Graphical environments
- Usability testing
language:
- iso: eng
main_file_link:
- url: http://www.bodden.de/pubs/tse18debugging.pdf
page: 1-1
publication: IEEE Transactions on Software Engineering
publication_identifier:
issn:
- 2326-3881
status: public
title: Debugging Static Analysis
type: journal_article
user_id: '5786'
year: '2018'
...
---
_id: '20544'
citation:
ama: Tichy M, Bodden E, Kuhrmann M, Wagner S, Steghöfer J-P, eds. Software Engineering
Und Software Management 2018, Fachtagung Des GI-Fachbereichs Softwaretechnik,
SE 2018, 5.-9. März 2018, Ulm, Germany. Vol {P-279}. Gesellschaft für Informatik;
2018.
apa: 'Tichy, M., Bodden, E., Kuhrmann, M., Wagner, S., & Steghöfer, J.-P. (Eds.).
(2018). Software Engineering und Software Management 2018, Fachtagung des GI-Fachbereichs
Softwaretechnik, SE 2018, 5.-9. März 2018, Ulm, Germany: Vol. {P-279}. Gesellschaft
für Informatik.'
bibtex: '@book{Tichy_Bodden_Kuhrmann_Wagner_Steghöfer_2018, series={{LNI}}, title={Software
Engineering und Software Management 2018, Fachtagung des GI-Fachbereichs Softwaretechnik,
SE 2018, 5.-9. März 2018, Ulm, Germany}, volume={{P-279}}, publisher={Gesellschaft
für Informatik}, year={2018}, collection={{LNI}} }'
chicago: Tichy, Matthias, Eric Bodden, Marco Kuhrmann, Stefan Wagner, and Jan-Philipp
Steghöfer, eds. Software Engineering Und Software Management 2018, Fachtagung
Des GI-Fachbereichs Softwaretechnik, SE 2018, 5.-9. März 2018, Ulm, Germany.
Vol. {P-279}. {LNI}. Gesellschaft für Informatik, 2018.
ieee: M. Tichy, E. Bodden, M. Kuhrmann, S. Wagner, and J.-P. Steghöfer, Eds., Software
Engineering und Software Management 2018, Fachtagung des GI-Fachbereichs Softwaretechnik,
SE 2018, 5.-9. März 2018, Ulm, Germany, vol. {P-279}. Gesellschaft für Informatik,
2018.
mla: Tichy, Matthias, et al., editors. Software Engineering Und Software Management
2018, Fachtagung Des GI-Fachbereichs Softwaretechnik, SE 2018, 5.-9. März 2018,
Ulm, Germany. Gesellschaft für Informatik, 2018.
short: M. Tichy, E. Bodden, M. Kuhrmann, S. Wagner, J.-P. Steghöfer, eds., Software
Engineering Und Software Management 2018, Fachtagung Des GI-Fachbereichs Softwaretechnik,
SE 2018, 5.-9. März 2018, Ulm, Germany, Gesellschaft für Informatik, 2018.
date_created: 2020-11-30T09:32:58Z
date_updated: 2022-01-06T06:54:29Z
department:
- _id: '76'
editor:
- first_name: Matthias
full_name: Tichy, Matthias
last_name: Tichy
- first_name: Eric
full_name: Bodden, Eric
id: '59256'
last_name: Bodden
orcid: 0000-0003-3470-3647
- first_name: Marco
full_name: Kuhrmann, Marco
last_name: Kuhrmann
- first_name: Stefan
full_name: Wagner, Stefan
last_name: Wagner
- first_name: Jan-Philipp
full_name: Steghöfer, Jan-Philipp
last_name: Steghöfer
language:
- iso: eng
publication_identifier:
isbn:
- 978-3-88579-673-2
publisher: Gesellschaft für Informatik
series_title: '{LNI}'
status: public
title: Software Engineering und Software Management 2018, Fachtagung des GI-Fachbereichs
Softwaretechnik, SE 2018, 5.-9. März 2018, Ulm, Germany
type: conference_editor
user_id: '5786'
volume: '{P-279}'
year: '2018'
...
---
_id: '20545'
citation:
ama: Tip F, Bodden E, eds. Proceedings of the 27th ACM SIGSOFT International
Symposium on Software Testing and Analysis, ISSTA 2018, Amsterdam, The Netherlands,
July 16-21, 2018. ACM; 2018.
apa: Tip, F., & Bodden, E. (Eds.). (2018). Proceedings of the 27th ACM SIGSOFT
International Symposium on Software Testing and Analysis, ISSTA 2018, Amsterdam,
The Netherlands, July 16-21, 2018. ACM.
bibtex: '@book{Tip_Bodden_2018, title={Proceedings of the 27th ACM SIGSOFT International
Symposium on Software Testing and Analysis, ISSTA 2018, Amsterdam, The Netherlands,
July 16-21, 2018}, publisher={ACM}, year={2018} }'
chicago: Tip, Frank, and Eric Bodden, eds. Proceedings of the 27th ACM SIGSOFT
International Symposium on Software Testing and Analysis, ISSTA 2018, Amsterdam,
The Netherlands, July 16-21, 2018. ACM, 2018.
ieee: F. Tip and E. Bodden, Eds., Proceedings of the 27th ACM SIGSOFT International
Symposium on Software Testing and Analysis, ISSTA 2018, Amsterdam, The Netherlands,
July 16-21, 2018. ACM, 2018.
mla: Tip, Frank, and Eric Bodden, editors. Proceedings of the 27th ACM SIGSOFT
International Symposium on Software Testing and Analysis, ISSTA 2018, Amsterdam,
The Netherlands, July 16-21, 2018. ACM, 2018.
short: F. Tip, E. Bodden, eds., Proceedings of the 27th ACM SIGSOFT International
Symposium on Software Testing and Analysis, ISSTA 2018, Amsterdam, The Netherlands,
July 16-21, 2018, ACM, 2018.
date_created: 2020-11-30T09:35:03Z
date_updated: 2022-01-06T06:54:29Z
department:
- _id: '76'
editor:
- first_name: Frank
full_name: Tip, Frank
last_name: Tip
- first_name: Eric
full_name: Bodden, Eric
last_name: Bodden
language:
- iso: eng
publisher: ACM
status: public
title: Proceedings of the 27th ACM SIGSOFT International Symposium on Software Testing
and Analysis, ISSTA 2018, Amsterdam, The Netherlands, July 16-21, 2018
type: conference_editor
user_id: '5786'
year: '2018'
...
---
_id: '20546'
author:
- first_name: Christopher
full_name: Gerking, Christopher
last_name: Gerking
- first_name: David
full_name: Schubert, David
id: '9106'
last_name: Schubert
- first_name: Eric
full_name: Bodden, Eric
id: '59256'
last_name: Bodden
orcid: 0000-0003-3470-3647
citation:
ama: 'Gerking C, Schubert D, Bodden E. Model Checking the Information Flow Security
of Real-Time Systems. In: Payer M, Rashid A, Such JM, eds. Engineering Secure
Software and Systems. Springer International Publishing; 2018:27-43.'
apa: Gerking, C., Schubert, D., & Bodden, E. (2018). Model Checking the Information
Flow Security of Real-Time Systems. In M. Payer, A. Rashid, & J. M. Such (Eds.),
Engineering Secure Software and Systems (pp. 27–43). Springer International
Publishing.
bibtex: '@inproceedings{Gerking_Schubert_Bodden_2018, place={Cham}, title={Model
Checking the Information Flow Security of Real-Time Systems}, booktitle={Engineering
Secure Software and Systems}, publisher={Springer International Publishing}, author={Gerking,
Christopher and Schubert, David and Bodden, Eric}, editor={Payer, Mathias and
Rashid, Awais and Such, Jose M.}, year={2018}, pages={27–43} }'
chicago: 'Gerking, Christopher, David Schubert, and Eric Bodden. “Model Checking
the Information Flow Security of Real-Time Systems.” In Engineering Secure
Software and Systems, edited by Mathias Payer, Awais Rashid, and Jose M. Such,
27–43. Cham: Springer International Publishing, 2018.'
ieee: C. Gerking, D. Schubert, and E. Bodden, “Model Checking the Information Flow
Security of Real-Time Systems,” in Engineering Secure Software and Systems,
2018, pp. 27–43.
mla: Gerking, Christopher, et al. “Model Checking the Information Flow Security
of Real-Time Systems.” Engineering Secure Software and Systems, edited
by Mathias Payer et al., Springer International Publishing, 2018, pp. 27–43.
short: 'C. Gerking, D. Schubert, E. Bodden, in: M. Payer, A. Rashid, J.M. Such (Eds.),
Engineering Secure Software and Systems, Springer International Publishing, Cham,
2018, pp. 27–43.'
date_created: 2020-11-30T09:35:55Z
date_updated: 2022-01-06T06:54:29Z
department:
- _id: '76'
editor:
- first_name: Mathias
full_name: Payer, Mathias
last_name: Payer
- first_name: Awais
full_name: Rashid, Awais
last_name: Rashid
- first_name: Jose M.
full_name: Such, Jose M.
last_name: Such
language:
- iso: eng
main_file_link:
- url: http://www.bodden.de/pubs/gsb18model.pdf
page: 27-43
place: Cham
publication: Engineering Secure Software and Systems
publisher: Springer International Publishing
status: public
title: Model Checking the Information Flow Security of Real-Time Systems
type: conference
user_id: '5786'
year: '2018'
...
---
_id: '20547'
author:
- first_name: Lisa
full_name: Nguyen Quang Do, Lisa
last_name: Nguyen Quang Do
- first_name: Eric
full_name: Bodden, Eric
id: '59256'
last_name: Bodden
orcid: 0000-0003-3470-3647
citation:
ama: 'Nguyen Quang Do L, Bodden E. Gamifying Static Analysis. In: Proceedings
of the 2018 26th ACM Joint Meeting on European Software Engineering Conference
and Symposium on the Foundations of Software Engineering. ESEC/FSE 2018. ACM;
2018:714-718. doi:10.1145/3236024.3264830'
apa: Nguyen Quang Do, L., & Bodden, E. (2018). Gamifying Static Analysis. Proceedings
of the 2018 26th ACM Joint Meeting on European Software Engineering Conference
and Symposium on the Foundations of Software Engineering, 714–718. https://doi.org/10.1145/3236024.3264830
bibtex: '@inproceedings{Nguyen Quang Do_Bodden_2018, place={New York, NY, USA},
series={ESEC/FSE 2018}, title={Gamifying Static Analysis}, DOI={10.1145/3236024.3264830},
booktitle={Proceedings of the 2018 26th ACM Joint Meeting on European Software
Engineering Conference and Symposium on the Foundations of Software Engineering},
publisher={ACM}, author={Nguyen Quang Do, Lisa and Bodden, Eric}, year={2018},
pages={714–718}, collection={ESEC/FSE 2018} }'
chicago: 'Nguyen Quang Do, Lisa, and Eric Bodden. “Gamifying Static Analysis.” In
Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering
Conference and Symposium on the Foundations of Software Engineering, 714–18.
ESEC/FSE 2018. New York, NY, USA: ACM, 2018. https://doi.org/10.1145/3236024.3264830.'
ieee: 'L. Nguyen Quang Do and E. Bodden, “Gamifying Static Analysis,” in Proceedings
of the 2018 26th ACM Joint Meeting on European Software Engineering Conference
and Symposium on the Foundations of Software Engineering, 2018, pp. 714–718,
doi: 10.1145/3236024.3264830.'
mla: Nguyen Quang Do, Lisa, and Eric Bodden. “Gamifying Static Analysis.” Proceedings
of the 2018 26th ACM Joint Meeting on European Software Engineering Conference
and Symposium on the Foundations of Software Engineering, ACM, 2018, pp. 714–18,
doi:10.1145/3236024.3264830.
short: 'L. Nguyen Quang Do, E. Bodden, in: Proceedings of the 2018 26th ACM Joint
Meeting on European Software Engineering Conference and Symposium on the Foundations
of Software Engineering, ACM, New York, NY, USA, 2018, pp. 714–718.'
date_created: 2020-11-30T09:37:35Z
date_updated: 2022-01-06T06:54:29Z
department:
- _id: '76'
doi: 10.1145/3236024.3264830
keyword:
- Gamification
- Integrated Environments
- Program analysis
language:
- iso: eng
main_file_link:
- url: http://www.bodden.de/pubs/db18gamifying.pdf
page: 714-718
place: New York, NY, USA
publication: Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering
Conference and Symposium on the Foundations of Software Engineering
publication_identifier:
isbn:
- 978-1-4503-5573-5
publisher: ACM
series_title: ESEC/FSE 2018
status: public
title: Gamifying Static Analysis
type: conference
user_id: '5786'
year: '2018'
...
---
_id: '20548'
author:
- first_name: Eric
full_name: Bodden, Eric
id: '59256'
last_name: Bodden
orcid: 0000-0003-3470-3647
citation:
ama: 'Bodden E. The Secret Sauce in Efficient and Precise Static Analysis: The Beauty
of Distributive, Summary-based Static Analyses (and How to Master Them). In: ACM
SIGPLAN International Workshop on the State Of the Art in Java Program Analysis
(SOAP 2018). ISSTA ’18. ACM; 2018:85-93. doi:10.1145/3236454.3236500'
apa: 'Bodden, E. (2018). The Secret Sauce in Efficient and Precise Static Analysis:
The Beauty of Distributive, Summary-based Static Analyses (and How to Master Them).
ACM SIGPLAN International Workshop on the State Of the Art in Java Program
Analysis (SOAP 2018), 85–93. https://doi.org/10.1145/3236454.3236500'
bibtex: '@inproceedings{Bodden_2018, place={New York, NY, USA}, series={ISSTA ’18},
title={The Secret Sauce in Efficient and Precise Static Analysis: The Beauty of
Distributive, Summary-based Static Analyses (and How to Master Them)}, DOI={10.1145/3236454.3236500}, booktitle={ACM
SIGPLAN International Workshop on the State Of the Art in Java Program Analysis
(SOAP 2018)}, publisher={ACM}, author={Bodden, Eric}, year={2018}, pages={85–93},
collection={ISSTA ’18} }'
chicago: 'Bodden, Eric. “The Secret Sauce in Efficient and Precise Static Analysis:
The Beauty of Distributive, Summary-Based Static Analyses (and How to Master Them).”
In ACM SIGPLAN International Workshop on the State Of the Art in Java Program
Analysis (SOAP 2018), 85–93. ISSTA ’18. New York, NY, USA: ACM, 2018. https://doi.org/10.1145/3236454.3236500.'
ieee: 'E. Bodden, “The Secret Sauce in Efficient and Precise Static Analysis: The
Beauty of Distributive, Summary-based Static Analyses (and How to Master Them),”
in ACM SIGPLAN International Workshop on the State Of the Art in Java Program
Analysis (SOAP 2018), 2018, pp. 85–93, doi: 10.1145/3236454.3236500.'
mla: 'Bodden, Eric. “The Secret Sauce in Efficient and Precise Static Analysis:
The Beauty of Distributive, Summary-Based Static Analyses (and How to Master Them).”
ACM SIGPLAN International Workshop on the State Of the Art in Java Program
Analysis (SOAP 2018), ACM, 2018, pp. 85–93, doi:10.1145/3236454.3236500.'
short: 'E. Bodden, in: ACM SIGPLAN International Workshop on the State Of the Art
in Java Program Analysis (SOAP 2018), ACM, New York, NY, USA, 2018, pp. 85–93.'
date_created: 2020-11-30T09:51:05Z
date_updated: 2022-01-06T06:54:29Z
department:
- _id: '76'
doi: 10.1145/3236454.3236500
keyword:
- ATTRACT
- ITSECWEBSITE
language:
- iso: eng
main_file_link:
- url: http://bodden.de/pubs/bodden18secret.pdf
page: 85-93
place: New York, NY, USA
publication: ACM SIGPLAN International Workshop on the State Of the Art in Java Program
Analysis (SOAP 2018)
publication_identifier:
isbn:
- 978-1-4503-5939-9
publisher: ACM
series_title: ISSTA '18
status: public
title: 'The Secret Sauce in Efficient and Precise Static Analysis: The Beauty of Distributive,
Summary-based Static Analyses (and How to Master Them)'
type: conference
user_id: '5786'
year: '2018'
...
---
_id: '20549'
author:
- first_name: Johannes
full_name: Geismann, Johannes
id: '20063'
last_name: Geismann
orcid: https://orcid.org/0000-0003-2015-2047
- first_name: Christopher
full_name: Gerking, Christopher
last_name: Gerking
- first_name: Eric
full_name: Bodden, Eric
id: '59256'
last_name: Bodden
orcid: 0000-0003-3470-3647
citation:
ama: 'Geismann J, Gerking C, Bodden E. Towards Ensuring Security by Design in Cyber-Physical
Systems Engineering Processes. In: International Conference on Software and
System Processes (ICSSP). ; 2018.'
apa: Geismann, J., Gerking, C., & Bodden, E. (2018). Towards Ensuring Security
by Design in Cyber-Physical Systems Engineering Processes. International Conference
on Software and System Processes (ICSSP).
bibtex: '@inproceedings{Geismann_Gerking_Bodden_2018, title={Towards Ensuring Security
by Design in Cyber-Physical Systems Engineering Processes}, booktitle={International
Conference on Software and System Processes (ICSSP)}, author={Geismann, Johannes
and Gerking, Christopher and Bodden, Eric}, year={2018} }'
chicago: Geismann, Johannes, Christopher Gerking, and Eric Bodden. “Towards Ensuring
Security by Design in Cyber-Physical Systems Engineering Processes.” In International
Conference on Software and System Processes (ICSSP), 2018.
ieee: J. Geismann, C. Gerking, and E. Bodden, “Towards Ensuring Security by Design
in Cyber-Physical Systems Engineering Processes,” 2018.
mla: Geismann, Johannes, et al. “Towards Ensuring Security by Design in Cyber-Physical
Systems Engineering Processes.” International Conference on Software and System
Processes (ICSSP), 2018.
short: 'J. Geismann, C. Gerking, E. Bodden, in: International Conference on Software
and System Processes (ICSSP), 2018.'
date_created: 2020-11-30T09:52:21Z
date_updated: 2022-01-06T06:54:29Z
department:
- _id: '76'
keyword:
- ITSECWEBSITE
language:
- iso: eng
publication: International Conference on Software and System Processes (ICSSP)
related_material:
link:
- relation: confirmation
url: http://bodden.de/pubs/ggb18towards.pdf
status: public
title: Towards Ensuring Security by Design in Cyber-Physical Systems Engineering Processes
type: conference
user_id: '5786'
year: '2018'
...
---
_id: '20550'
author:
- first_name: Eric
full_name: Bodden, Eric
id: '59256'
last_name: Bodden
orcid: 0000-0003-3470-3647
citation:
ama: 'Bodden E. Self-adaptive Static Analysis. In: Proceedings of the 40th International
Conference on Software Engineering: New Ideas and Emerging Results. ICSE-NIER
’18. ACM; 2018:45-48. doi:10.1145/3183399.3183401'
apa: 'Bodden, E. (2018). Self-adaptive Static Analysis. Proceedings of the 40th
International Conference on Software Engineering: New Ideas and Emerging Results,
45–48. https://doi.org/10.1145/3183399.3183401'
bibtex: '@inproceedings{Bodden_2018, place={New York, NY, USA}, series={ICSE-NIER
’18}, title={Self-adaptive Static Analysis}, DOI={10.1145/3183399.3183401},
booktitle={Proceedings of the 40th International Conference on Software Engineering:
New Ideas and Emerging Results}, publisher={ACM}, author={Bodden, Eric}, year={2018},
pages={45–48}, collection={ICSE-NIER ’18} }'
chicago: 'Bodden, Eric. “Self-Adaptive Static Analysis.” In Proceedings of the
40th International Conference on Software Engineering: New Ideas and Emerging
Results, 45–48. ICSE-NIER ’18. New York, NY, USA: ACM, 2018. https://doi.org/10.1145/3183399.3183401.'
ieee: 'E. Bodden, “Self-adaptive Static Analysis,” in Proceedings of the 40th
International Conference on Software Engineering: New Ideas and Emerging Results,
2018, pp. 45–48, doi: 10.1145/3183399.3183401.'
mla: 'Bodden, Eric. “Self-Adaptive Static Analysis.” Proceedings of the 40th
International Conference on Software Engineering: New Ideas and Emerging Results,
ACM, 2018, pp. 45–48, doi:10.1145/3183399.3183401.'
short: 'E. Bodden, in: Proceedings of the 40th International Conference on Software
Engineering: New Ideas and Emerging Results, ACM, New York, NY, USA, 2018, pp.
45–48.'
date_created: 2020-11-30T09:54:33Z
date_updated: 2022-01-06T06:54:29Z
department:
- _id: '76'
doi: 10.1145/3183399.3183401
keyword:
- ATTRACT
- ITSECWEBSITE
language:
- iso: eng
page: 45-48
place: New York, NY, USA
publication: 'Proceedings of the 40th International Conference on Software Engineering:
New Ideas and Emerging Results'
publication_identifier:
isbn:
- 978-1-4503-5662-6
publisher: ACM
related_material:
link:
- relation: confirmation
url: http://bodden.de/pubs/bodden18selfadaptive.pdf
series_title: ICSE-NIER '18
status: public
title: Self-adaptive Static Analysis
type: conference
user_id: '5786'
year: '2018'
...
---
_id: '20551'
author:
- first_name: Lisa
full_name: Nguyen Quang Do, Lisa
last_name: Nguyen Quang Do
- first_name: Stefan
full_name: Krüger, Stefan
last_name: Krüger
- first_name: Patrick
full_name: Hill, Patrick
last_name: Hill
- first_name: Karim
full_name: Ali, Karim
last_name: Ali
- first_name: Eric
full_name: Bodden, Eric
id: '59256'
last_name: Bodden
orcid: 0000-0003-3470-3647
citation:
ama: 'Nguyen Quang Do L, Krüger S, Hill P, Ali K, Bodden E. VISUFLOW, a Debugging
Environment for Static Analyses. In: International Conference for Software
Engineering (ICSE), Tool Demonstrations Track. ; 2018.'
apa: Nguyen Quang Do, L., Krüger, S., Hill, P., Ali, K., & Bodden, E. (2018).
VISUFLOW, a Debugging Environment for Static Analyses. International Conference
for Software Engineering (ICSE), Tool Demonstrations Track.
bibtex: '@inproceedings{Nguyen Quang Do_Krüger_Hill_Ali_Bodden_2018, title={VISUFLOW,
a Debugging Environment for Static Analyses}, booktitle={International Conference
for Software Engineering (ICSE), Tool Demonstrations Track}, author={Nguyen Quang
Do, Lisa and Krüger, Stefan and Hill, Patrick and Ali, Karim and Bodden, Eric},
year={2018} }'
chicago: Nguyen Quang Do, Lisa, Stefan Krüger, Patrick Hill, Karim Ali, and Eric
Bodden. “VISUFLOW, a Debugging Environment for Static Analyses.” In International
Conference for Software Engineering (ICSE), Tool Demonstrations Track, 2018.
ieee: L. Nguyen Quang Do, S. Krüger, P. Hill, K. Ali, and E. Bodden, “VISUFLOW,
a Debugging Environment for Static Analyses,” 2018.
mla: Nguyen Quang Do, Lisa, et al. “VISUFLOW, a Debugging Environment for Static
Analyses.” International Conference for Software Engineering (ICSE), Tool Demonstrations
Track, 2018.
short: 'L. Nguyen Quang Do, S. Krüger, P. Hill, K. Ali, E. Bodden, in: International
Conference for Software Engineering (ICSE), Tool Demonstrations Track, 2018.'
date_created: 2020-11-30T09:55:20Z
date_updated: 2022-01-06T06:54:29Z
department:
- _id: '76'
keyword:
- ATTRACT
- ITSECWEBSITE
language:
- iso: eng
main_file_link:
- url: http://www.bodden.de/pubs/dkh+18visuflow.pdf
publication: International Conference for Software Engineering (ICSE), Tool Demonstrations
Track
status: public
title: VISUFLOW, a Debugging Environment for Static Analyses
type: conference
user_id: '5786'
year: '2018'
...
---
_id: '20779'
abstract:
- lang: eng
text: Der hohe Grad an Innovation in mechatronischen Systemen führt zu sogenannten
Cyber-Physical Systems (CPS). Diese haben eine komplexe Funktionalität und Kommunikation.
Wie sicherheitskritisch solche Systeme sind, wird durch sogenannte Sicherheits-Integritätslevel
(SIL) kategorisiert, die durch Normen wie der ISO 26262 definiert werden. Ein
bestimmter SIL beschreibt nicht nur die Höhe des Gefährdungsrisikos, sondern diktiert
auch den erforderlichen Grad an Sorgfalt bei der Entwicklung des Systems. Ein
hoher SIL erfordert die Anwendung von Safety-Maßnahmen mit einem hohen Sorgfaltsgrad
in allen Phasen der Entwicklung und impliziert daher einen hohen Safety-Aufwand.
SIL-Tailoring ist ein Mittel um den Safety-Aufwand zu reduzieren, indem man Subsystemen
geringere SILs zuordnet, falls sie von kritischeren Subsystemen getrennt sind
oder redundante Safety-Anforderungen erfüllen. Um den nötigen Safety-Aufwand zu
planen, sollten Möglichkeiten für SIL-Tailoring so früh wie möglich identifiziert
werden - d.h. bereits in der Anforderungsanalyse. Durch die Komplexität von CPS,
ist es schwierig valide SIL-Tailorings zu finden. Die Validität von SIL-Tailorings
muss durch Analyse von Fehlerpropagierungspfaden geprüft und durch Argumente im
Safety Case begründet werden. Der Beitrag dieser Dissertation ist ein systematischer,
tool-unterstützter SIL-Tailoring-Prozess, der im Safety Requirements Engineering
angewendet wird. Der Prozess nutzt eine modell-basierte, formale Anforderungsspezifikation
und stellt einen Katalog von Anforderungsmustern bereit. Basierend auf diesen
Anforderungen werden Fehlerpropagierungsmodelle generiert und Subsystemen automatisch
SILs zugeordnet. Das minimiert den Sicherheitsanalyseaufwand. Aus den generierten
Ergebnissen wird automatisch ein Safety Case mit Argumenten für die SIL-Tailoring-Validität
abgeleitet.
author:
- first_name: Markus
full_name: Fockel, Markus
id: '8472'
last_name: Fockel
orcid: 0000-0002-1269-0702
citation:
ama: Fockel M. Safety Requirements Engineering for Early SIL Tailoring. Fakultät
für Elektrotechnik, Informatik und Mathematik, Universität Paderborn; 2018. doi:10.17619/UNIPB/1-490
apa: Fockel, M. (2018). Safety Requirements Engineering for Early SIL Tailoring.
Fakultät für Elektrotechnik, Informatik und Mathematik, Universität Paderborn.
https://doi.org/10.17619/UNIPB/1-490
bibtex: '@book{Fockel_2018, title={Safety Requirements Engineering for Early SIL
Tailoring}, DOI={10.17619/UNIPB/1-490},
publisher={Fakultät für Elektrotechnik, Informatik und Mathematik, Universität
Paderborn}, author={Fockel, Markus}, year={2018} }'
chicago: Fockel, Markus. Safety Requirements Engineering for Early SIL Tailoring.
Fakultät für Elektrotechnik, Informatik und Mathematik, Universität Paderborn,
2018. https://doi.org/10.17619/UNIPB/1-490.
ieee: M. Fockel, Safety Requirements Engineering for Early SIL Tailoring.
Fakultät für Elektrotechnik, Informatik und Mathematik, Universität Paderborn,
2018.
mla: Fockel, Markus. Safety Requirements Engineering for Early SIL Tailoring.
Fakultät für Elektrotechnik, Informatik und Mathematik, Universität Paderborn,
2018, doi:10.17619/UNIPB/1-490.
short: M. Fockel, Safety Requirements Engineering for Early SIL Tailoring, Fakultät
für Elektrotechnik, Informatik und Mathematik, Universität Paderborn, 2018.
date_created: 2020-12-17T11:59:05Z
date_updated: 2022-01-06T06:54:38Z
department:
- _id: '76'
- _id: '241'
- _id: '662'
doi: 10.17619/UNIPB/1-490
language:
- iso: eng
publisher: Fakultät für Elektrotechnik, Informatik und Mathematik, Universität Paderborn
status: public
supervisor:
- first_name: Eric
full_name: Bodden, Eric
id: '59256'
last_name: Bodden
orcid: 0000-0003-3470-3647
title: Safety Requirements Engineering for Early SIL Tailoring
type: dissertation
user_id: '5786'
year: '2018'
...