--- _id: '26406' author: - first_name: Philipp full_name: Schubert, Philipp id: '60543' last_name: Schubert orcid: 0000-0002-8674-1859 - first_name: Ben full_name: Hermann, Ben id: '66173' last_name: Hermann orcid: 0000-0001-9848-2017 - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 - first_name: Richard full_name: Leer, Richard last_name: Leer citation: ama: 'Schubert P, Hermann B, Bodden E, Leer R. Into the Woods: Experiences from Building a Dataflow Analysis Framework for C/C++. In: SCAM ’21: IEEE International Working Conference on Source Code Analysis and Manipulation (Engineering Track). ; 2021.' apa: 'Schubert, P., Hermann, B., Bodden, E., & Leer, R. (2021). Into the Woods: Experiences from Building a Dataflow Analysis Framework for C/C++. SCAM ’21: IEEE International Working Conference on Source Code Analysis and Manipulation (Engineering Track).' bibtex: '@inproceedings{Schubert_Hermann_Bodden_Leer_2021, title={Into the Woods: Experiences from Building a Dataflow Analysis Framework for C/C++}, booktitle={SCAM ’21: IEEE International Working Conference on Source Code Analysis and Manipulation (Engineering Track)}, author={Schubert, Philipp and Hermann, Ben and Bodden, Eric and Leer, Richard}, year={2021} }' chicago: 'Schubert, Philipp, Ben Hermann, Eric Bodden, and Richard Leer. “Into the Woods: Experiences from Building a Dataflow Analysis Framework for C/C++.” In SCAM ’21: IEEE International Working Conference on Source Code Analysis and Manipulation (Engineering Track), 2021.' ieee: 'P. Schubert, B. Hermann, E. Bodden, and R. Leer, “Into the Woods: Experiences from Building a Dataflow Analysis Framework for C/C++,” 2021.' mla: 'Schubert, Philipp, et al. “Into the Woods: Experiences from Building a Dataflow Analysis Framework for C/C++.” SCAM ’21: IEEE International Working Conference on Source Code Analysis and Manipulation (Engineering Track), 2021.' short: 'P. Schubert, B. Hermann, E. Bodden, R. Leer, in: SCAM ’21: IEEE International Working Conference on Source Code Analysis and Manipulation (Engineering Track), 2021.' date_created: 2021-10-18T12:52:12Z date_updated: 2023-06-15T08:39:55Z department: - _id: '76' language: - iso: eng project: - _id: '3' name: 'SFB 901 - B: SFB 901 - Project Area B' - _id: '12' name: 'SFB 901 - B4: SFB 901 - Subproject B4' - _id: '1' grant_number: '160364472' name: 'SFB 901: SFB 901: On-The-Fly Computing - Individualisierte IT-Dienstleistungen in dynamischen Märkten ' publication: 'SCAM ''21: IEEE International Working Conference on Source Code Analysis and Manipulation (Engineering Track)' status: public title: 'Into the Woods: Experiences from Building a Dataflow Analysis Framework for C/C++' type: conference user_id: '15249' year: '2021' ... --- _id: '26405' author: - first_name: Philipp full_name: Schubert, Philipp id: '60543' last_name: Schubert orcid: 0000-0002-8674-1859 - first_name: Florian full_name: Sattler, Florian last_name: Sattler - first_name: Fabian full_name: Schiebel, Fabian last_name: Schiebel - first_name: Ben full_name: Hermann, Ben id: '66173' last_name: Hermann orcid: 0000-0001-9848-2017 - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 citation: ama: 'Schubert P, Sattler F, Schiebel F, Hermann B, Bodden E. Modeling the Effects of Global Variables in Data-Flow Analysis for C/C++. In: 2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM). ; 2021.' apa: Schubert, P., Sattler, F., Schiebel, F., Hermann, B., & Bodden, E. (2021). Modeling the Effects of Global Variables in Data-Flow Analysis for C/C++. 2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM). bibtex: '@inproceedings{Schubert_Sattler_Schiebel_Hermann_Bodden_2021, title={Modeling the Effects of Global Variables in Data-Flow Analysis for C/C++}, booktitle={2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM)}, author={Schubert, Philipp and Sattler, Florian and Schiebel, Fabian and Hermann, Ben and Bodden, Eric}, year={2021} }' chicago: Schubert, Philipp, Florian Sattler, Fabian Schiebel, Ben Hermann, and Eric Bodden. “Modeling the Effects of Global Variables in Data-Flow Analysis for C/C++.” In 2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM), 2021. ieee: P. Schubert, F. Sattler, F. Schiebel, B. Hermann, and E. Bodden, “Modeling the Effects of Global Variables in Data-Flow Analysis for C/C++,” 2021. mla: Schubert, Philipp, et al. “Modeling the Effects of Global Variables in Data-Flow Analysis for C/C++.” 2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM), 2021. short: 'P. Schubert, F. Sattler, F. Schiebel, B. Hermann, E. Bodden, in: 2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM), 2021.' date_created: 2021-10-18T12:50:35Z date_updated: 2023-06-15T08:57:24Z department: - _id: '76' language: - iso: eng project: - _id: '12' name: 'SFB 901 - B4: SFB 901 - Subproject B4' - _id: '3' name: 'SFB 901 - B: SFB 901 - Project Area B' - _id: '1' grant_number: '160364472' name: 'SFB 901: SFB 901: On-The-Fly Computing - Individualisierte IT-Dienstleistungen in dynamischen Märkten ' publication: 2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM) status: public title: Modeling the Effects of Global Variables in Data-Flow Analysis for C/C++ type: conference user_id: '15249' year: '2021' ... --- _id: '20507' author: - first_name: Johannes full_name: Geismann, Johannes id: '20063' last_name: Geismann orcid: https://orcid.org/0000-0003-2015-2047 - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 citation: ama: Geismann J, Bodden E. A systematic literature review of model-driven security engineering for cyber–physical systems. Journal of Systems and Software. 2020;169:110697. doi:https://doi.org/10.1016/j.jss.2020.110697 apa: Geismann, J., & Bodden, E. (2020). A systematic literature review of model-driven security engineering for cyber–physical systems. Journal of Systems and Software, 169, 110697. https://doi.org/10.1016/j.jss.2020.110697 bibtex: '@article{Geismann_Bodden_2020, title={A systematic literature review of model-driven security engineering for cyber–physical systems}, volume={169}, DOI={https://doi.org/10.1016/j.jss.2020.110697}, journal={Journal of Systems and Software}, author={Geismann, Johannes and Bodden, Eric}, year={2020}, pages={110697} }' chicago: 'Geismann, Johannes, and Eric Bodden. “A Systematic Literature Review of Model-Driven Security Engineering for Cyber–Physical Systems.” Journal of Systems and Software 169 (2020): 110697. https://doi.org/10.1016/j.jss.2020.110697.' ieee: 'J. Geismann and E. Bodden, “A systematic literature review of model-driven security engineering for cyber–physical systems,” Journal of Systems and Software, vol. 169, p. 110697, 2020, doi: https://doi.org/10.1016/j.jss.2020.110697.' mla: Geismann, Johannes, and Eric Bodden. “A Systematic Literature Review of Model-Driven Security Engineering for Cyber–Physical Systems.” Journal of Systems and Software, vol. 169, 2020, p. 110697, doi:https://doi.org/10.1016/j.jss.2020.110697. short: J. Geismann, E. Bodden, Journal of Systems and Software 169 (2020) 110697. date_created: 2020-11-26T08:32:56Z date_updated: 2022-01-06T06:54:29Z department: - _id: '76' doi: https://doi.org/10.1016/j.jss.2020.110697 intvolume: ' 169' language: - iso: eng page: '110697' publication: Journal of Systems and Software publication_identifier: issn: - 0164-1212 status: public title: A systematic literature review of model-driven security engineering for cyber–physical systems type: journal_article user_id: '5786' volume: 169 year: '2020' ... --- _id: '20508' author: - first_name: Lisa full_name: Nguyen Quang Do, Lisa last_name: Nguyen Quang Do - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 citation: ama: Nguyen Quang Do L, Bodden E. Explaining Static Analysis with Rule Graphs. IEEE Transactions on Software Engineering. Published online 2020. apa: Nguyen Quang Do, L., & Bodden, E. (2020). Explaining Static Analysis with Rule Graphs. IEEE Transactions on Software Engineering. bibtex: '@article{Nguyen Quang Do_Bodden_2020, title={Explaining Static Analysis with Rule Graphs}, journal={IEEE Transactions on Software Engineering}, author={Nguyen Quang Do, Lisa and Bodden, Eric}, year={2020} }' chicago: Nguyen Quang Do, Lisa, and Eric Bodden. “Explaining Static Analysis with Rule Graphs.” IEEE Transactions on Software Engineering, 2020. ieee: L. Nguyen Quang Do and E. Bodden, “Explaining Static Analysis with Rule Graphs,” IEEE Transactions on Software Engineering, 2020. mla: Nguyen Quang Do, Lisa, and Eric Bodden. “Explaining Static Analysis with Rule Graphs.” IEEE Transactions on Software Engineering, 2020. short: L. Nguyen Quang Do, E. Bodden, IEEE Transactions on Software Engineering (2020). date_created: 2020-11-26T08:38:33Z date_updated: 2022-01-06T06:54:29Z department: - _id: '76' language: - iso: eng main_file_link: - url: http://www.bodden.de/pubs/tse20ruleGraphs.pdf publication: IEEE Transactions on Software Engineering status: public title: Explaining Static Analysis with Rule Graphs type: journal_article user_id: '5786' year: '2020' ... --- _id: '20509' author: - first_name: Andreas full_name: Fischer, Andreas last_name: Fischer - first_name: Jonas full_name: Janneck, Jonas last_name: Janneck - first_name: Jörn full_name: Kussmaul, Jörn last_name: Kussmaul - first_name: Nikolas full_name: Krätzschmar, Nikolas last_name: Krätzschmar - first_name: Florian full_name: Kerschbaum, Florian last_name: Kerschbaum - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 citation: ama: 'Fischer A, Janneck J, Kussmaul J, Krätzschmar N, Kerschbaum F, Bodden E. PASAPTO: Policy-aware Security and Performance Trade-off Analysis - Computation on Encrypted Data with Restricted Leakage. In: 2020 IEEE Computer Security Foundations Symposium (CSF). ; 2020.' apa: 'Fischer, A., Janneck, J., Kussmaul, J., Krätzschmar, N., Kerschbaum, F., & Bodden, E. (2020). PASAPTO: Policy-aware Security and Performance Trade-off Analysis - Computation on Encrypted Data with Restricted Leakage. 2020 IEEE Computer Security Foundations Symposium (CSF).' bibtex: '@inproceedings{Fischer_Janneck_Kussmaul_Krätzschmar_Kerschbaum_Bodden_2020, title={PASAPTO: Policy-aware Security and Performance Trade-off Analysis - Computation on Encrypted Data with Restricted Leakage}, booktitle={2020 IEEE Computer Security Foundations Symposium (CSF)}, author={Fischer, Andreas and Janneck, Jonas and Kussmaul, Jörn and Krätzschmar, Nikolas and Kerschbaum, Florian and Bodden, Eric}, year={2020} }' chicago: 'Fischer, Andreas, Jonas Janneck, Jörn Kussmaul, Nikolas Krätzschmar, Florian Kerschbaum, and Eric Bodden. “PASAPTO: Policy-Aware Security and Performance Trade-off Analysis - Computation on Encrypted Data with Restricted Leakage.” In 2020 IEEE Computer Security Foundations Symposium (CSF), 2020.' ieee: 'A. Fischer, J. Janneck, J. Kussmaul, N. Krätzschmar, F. Kerschbaum, and E. Bodden, “PASAPTO: Policy-aware Security and Performance Trade-off Analysis - Computation on Encrypted Data with Restricted Leakage,” 2020.' mla: 'Fischer, Andreas, et al. “PASAPTO: Policy-Aware Security and Performance Trade-off Analysis - Computation on Encrypted Data with Restricted Leakage.” 2020 IEEE Computer Security Foundations Symposium (CSF), 2020.' short: 'A. Fischer, J. Janneck, J. Kussmaul, N. Krätzschmar, F. Kerschbaum, E. Bodden, in: 2020 IEEE Computer Security Foundations Symposium (CSF), 2020.' date_created: 2020-11-26T08:40:08Z date_updated: 2022-01-06T06:54:29Z department: - _id: '76' language: - iso: eng main_file_link: - url: http://www.bodden.de/pubs/fjk+20pasapto.pdf publication: 2020 IEEE Computer Security Foundations Symposium (CSF) status: public title: 'PASAPTO: Policy-aware Security and Performance Trade-off Analysis - Computation on Encrypted Data with Restricted Leakage' type: conference user_id: '5786' year: '2020' ... --- _id: '20510' author: - first_name: Manuel full_name: Benz, Manuel last_name: Benz - first_name: Erik full_name: Krogh Kristensen, Erik last_name: Krogh Kristensen - first_name: Linghui full_name: Luo, Linghui last_name: Luo - first_name: Nataniel full_name: P. Borges Jr., Nataniel last_name: P. Borges Jr. - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 - first_name: Andreas full_name: Zeller, Andreas last_name: Zeller citation: ama: 'Benz M, Krogh Kristensen E, Luo L, P. Borges Jr. N, Bodden E, Zeller A. Heaps’n Leaks: How Heap Snapshots Improve Android Taint Analysis. In: International Conference for Software Engineering (ICSE). ; 2020.' apa: 'Benz, M., Krogh Kristensen, E., Luo, L., P. Borges Jr., N., Bodden, E., & Zeller, A. (2020). Heaps’n Leaks: How Heap Snapshots Improve Android Taint Analysis. International Conference for Software Engineering (ICSE).' bibtex: '@inproceedings{Benz_Krogh Kristensen_Luo_P. Borges Jr._Bodden_Zeller_2020, title={Heaps’n Leaks: How Heap Snapshots Improve Android Taint Analysis}, booktitle={International Conference for Software Engineering (ICSE)}, author={Benz, Manuel and Krogh Kristensen, Erik and Luo, Linghui and P. Borges Jr., Nataniel and Bodden, Eric and Zeller, Andreas}, year={2020} }' chicago: 'Benz, Manuel, Erik Krogh Kristensen, Linghui Luo, Nataniel P. Borges Jr., Eric Bodden, and Andreas Zeller. “Heaps’n Leaks: How Heap Snapshots Improve Android Taint Analysis.” In International Conference for Software Engineering (ICSE), 2020.' ieee: 'M. Benz, E. Krogh Kristensen, L. Luo, N. P. Borges Jr., E. Bodden, and A. Zeller, “Heaps’n Leaks: How Heap Snapshots Improve Android Taint Analysis,” 2020.' mla: 'Benz, Manuel, et al. “Heaps’n Leaks: How Heap Snapshots Improve Android Taint Analysis.” International Conference for Software Engineering (ICSE), 2020.' short: 'M. Benz, E. Krogh Kristensen, L. Luo, N. P. Borges Jr., E. Bodden, A. Zeller, in: International Conference for Software Engineering (ICSE), 2020.' date_created: 2020-11-26T08:47:56Z date_updated: 2022-01-06T06:54:29Z department: - _id: '76' language: - iso: eng publication: International Conference for Software Engineering (ICSE) status: public title: 'Heaps''n Leaks: How Heap Snapshots Improve Android Taint Analysis' type: conference user_id: '5786' year: '2020' ... --- _id: '20511' author: - first_name: Andreas full_name: Fischer, Andreas last_name: Fischer - first_name: Benny full_name: Fuhry, Benny last_name: Fuhry - first_name: Florian full_name: Kerschbaum, Florian last_name: Kerschbaum - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 citation: ama: 'Fischer A, Fuhry B, Kerschbaum F, Bodden E. Computation on Encrypted Data using Dataflow Authentication. In: Privacy Enhancing Technologies Symposium (PETS/PoPETS). ; 2020.' apa: Fischer, A., Fuhry, B., Kerschbaum, F., & Bodden, E. (2020). Computation on Encrypted Data using Dataflow Authentication. Privacy Enhancing Technologies Symposium (PETS/PoPETS). bibtex: '@inproceedings{Fischer_Fuhry_Kerschbaum_Bodden_2020, title={Computation on Encrypted Data using Dataflow Authentication}, booktitle={Privacy Enhancing Technologies Symposium (PETS/PoPETS)}, author={Fischer, Andreas and Fuhry, Benny and Kerschbaum, Florian and Bodden, Eric}, year={2020} }' chicago: Fischer, Andreas, Benny Fuhry, Florian Kerschbaum, and Eric Bodden. “Computation on Encrypted Data Using Dataflow Authentication.” In Privacy Enhancing Technologies Symposium (PETS/PoPETS), 2020. ieee: A. Fischer, B. Fuhry, F. Kerschbaum, and E. Bodden, “Computation on Encrypted Data using Dataflow Authentication,” 2020. mla: Fischer, Andreas, et al. “Computation on Encrypted Data Using Dataflow Authentication.” Privacy Enhancing Technologies Symposium (PETS/PoPETS), 2020. short: 'A. Fischer, B. Fuhry, F. Kerschbaum, E. Bodden, in: Privacy Enhancing Technologies Symposium (PETS/PoPETS), 2020.' date_created: 2020-11-26T08:50:59Z date_updated: 2022-01-06T06:54:29Z department: - _id: '76' language: - iso: eng main_file_link: - url: http://www.bodden.de/pubs/ffk+20computation.pdf publication: Privacy Enhancing Technologies Symposium (PETS/PoPETS) status: public title: Computation on Encrypted Data using Dataflow Authentication type: conference user_id: '5786' year: '2020' ... --- _id: '20512' author: - first_name: Stefan full_name: Krüger, Stefan last_name: Krüger - first_name: Karim full_name: Ali, Karim last_name: Ali - first_name: Eric full_name: Bodden, Eric last_name: Bodden citation: ama: 'Krüger S, Ali K, Bodden E. CogniCrypt_GEN - Generating Code for the Secure Usage of Crypto APIs. In: International Symposium on Code Generation and Optimization (CGO). ; 2020:185-198.' apa: Krüger, S., Ali, K., & Bodden, E. (2020). CogniCrypt_GEN - Generating Code for the Secure Usage of Crypto APIs. International Symposium on Code Generation and Optimization (CGO), 185–198. bibtex: '@inproceedings{Krüger_Ali_Bodden_2020, title={CogniCrypt_GEN - Generating Code for the Secure Usage of Crypto APIs}, booktitle={International Symposium on Code Generation and Optimization (CGO)}, author={Krüger, Stefan and Ali, Karim and Bodden, Eric}, year={2020}, pages={185–198} }' chicago: Krüger, Stefan, Karim Ali, and Eric Bodden. “CogniCrypt_GEN - Generating Code for the Secure Usage of Crypto APIs.” In International Symposium on Code Generation and Optimization (CGO), 185–98, 2020. ieee: S. Krüger, K. Ali, and E. Bodden, “CogniCrypt_GEN - Generating Code for the Secure Usage of Crypto APIs,” in International Symposium on Code Generation and Optimization (CGO), 2020, pp. 185–198. mla: Krüger, Stefan, et al. “CogniCrypt_GEN - Generating Code for the Secure Usage of Crypto APIs.” International Symposium on Code Generation and Optimization (CGO), 2020, pp. 185–98. short: 'S. Krüger, K. Ali, E. Bodden, in: International Symposium on Code Generation and Optimization (CGO), 2020, pp. 185–198.' date_created: 2020-11-26T08:51:01Z date_updated: 2022-01-06T06:54:29Z department: - _id: '76' language: - iso: eng page: 185-198 publication: International Symposium on Code Generation and Optimization (CGO) related_material: link: - relation: confirmation url: http://www.bodden.de/pubs/krueger20cognicryptgen.pdf status: public title: CogniCrypt_GEN - Generating Code for the Secure Usage of Crypto APIs type: conference user_id: '5786' year: '2020' ... --- _id: '20513' abstract: - lang: ger text: "Frühere Studien haben empirisch offenbart, dass Fehlbenutzungen von kryptographischen APIs in Softwareanwendungen weitverbreitet sind. Dies geschieht vor allem, weil Software-Entwickler_innen aufgrund schlechten API-Designs und fehlenden Kryptographiewissens Probleme bekommen, wenn sie versuchen kryptographische Features zu implementieren. Die Literatur liefert mehrere Ansätze und Vorschläge diese Probleme zu lösen, aber alle scheitern schlussendlich auf die eine oder andere Weise daran die Anforderungen der Entwickler_innenzu erfüllen. Das Resultat ist eine insgesamt lückenhafte Landschaft verschiedener nur wenigkomplementärer Ansätze.In dieser Arbeit adressieren wir das Problem kryptographischer Fehlbenutzungen systematischer durch CogniCrypt. CogniCrypt integriert verschiedene Arten von Tool Supportin einen gemeinsamen Ansatz, der Entwickler_innen davon befreit wissen zu müssen, wie diese APIs benutzt werden müssen. Zentral für unseren Ansatz ist CrySL, eine Beschreibungssprache,die die kognitive Lücke zwischen Kryptographie-Expert_innen und Software-Entwickler_innenüberbrückt. CrySL ermöglicht es Kryptographie-Expert_innen zu spezifizeren, wie die APIs,die sie bereitstellen, richtig benutzt werden. Wir haben einen Compiler für CrySL implementiert, der es erlaubt auf CrySL-Spezifikationen aufbauenden Tool Support zu entwickeln. Wir haben weiterhin die statische Analyse CogniCrypt_SAST und den Code-Generator CogniCrypt_GEN entwickelt. Schlussendlich haben wir CogniCrypt prototypisch implementiert und diesen Prototyp in einem kontrollierten Experiment evaluiert.\r\n" author: - first_name: Stefan full_name: Krüger, Stefan last_name: Krüger citation: ama: Krüger S. CogniCrypt -- The Secure Integration of Cryptographic Software. Universitaetsbibliothek Paderborn; 2020. apa: Krüger, S. (2020). CogniCrypt -- The Secure Integration of Cryptographic Software. Universitaetsbibliothek Paderborn. bibtex: '@book{Krüger_2020, title={CogniCrypt -- The Secure Integration of Cryptographic Software}, publisher={Universitaetsbibliothek Paderborn}, author={Krüger, Stefan}, year={2020} }' chicago: Krüger, Stefan. CogniCrypt -- The Secure Integration of Cryptographic Software. Universitaetsbibliothek Paderborn, 2020. ieee: S. Krüger, CogniCrypt -- The Secure Integration of Cryptographic Software. Universitaetsbibliothek Paderborn, 2020. mla: Krüger, Stefan. CogniCrypt -- The Secure Integration of Cryptographic Software. Universitaetsbibliothek Paderborn, 2020. short: S. Krüger, CogniCrypt -- The Secure Integration of Cryptographic Software, Universitaetsbibliothek Paderborn, 2020. date_created: 2020-11-26T09:02:19Z date_updated: 2022-01-06T06:54:29Z department: - _id: '76' language: - iso: eng main_file_link: - url: https://digital.ub.uni-paderborn.de/hs/document/preview/3500836 publisher: Universitaetsbibliothek Paderborn status: public supervisor: - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 title: CogniCrypt -- The Secure Integration of Cryptographic Software type: dissertation user_id: '5786' year: '2020' ... --- _id: '20518' author: - first_name: Thorsten full_name: Koch, Thorsten id: '13616' last_name: Koch - first_name: Stefan full_name: Dziwok, Stefan id: '3901' last_name: Dziwok orcid: http://orcid.org/0000-0002-8679-6673 - first_name: Jörg full_name: Holtmann, Jörg id: '3875' last_name: Holtmann orcid: 0000-0001-6141-4571 - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 citation: ama: 'Koch T, Dziwok S, Holtmann J, Bodden E. Scenario-based Specification of Security Protocols and Transformation to Security Model Checkers. In: ACM/IEEE 23rd International Conference on Model Driven Engineering Languages and Systems (MODELS ’20). ACM; 2020. doi:10.1145/3365438.3410946' apa: Koch, T., Dziwok, S., Holtmann, J., & Bodden, E. (2020). Scenario-based Specification of Security Protocols and Transformation to Security Model Checkers. ACM/IEEE 23rd International Conference on Model Driven Engineering Languages and Systems (MODELS ’20). https://doi.org/10.1145/3365438.3410946 bibtex: '@inproceedings{Koch_Dziwok_Holtmann_Bodden_2020, title={Scenario-based Specification of Security Protocols and Transformation to Security Model Checkers}, DOI={10.1145/3365438.3410946}, booktitle={ACM/IEEE 23rd International Conference on Model Driven Engineering Languages and Systems (MODELS ’20)}, publisher={ACM}, author={Koch, Thorsten and Dziwok, Stefan and Holtmann, Jörg and Bodden, Eric}, year={2020} }' chicago: Koch, Thorsten, Stefan Dziwok, Jörg Holtmann, and Eric Bodden. “Scenario-Based Specification of Security Protocols and Transformation to Security Model Checkers.” In ACM/IEEE 23rd International Conference on Model Driven Engineering Languages and Systems (MODELS ’20). ACM, 2020. https://doi.org/10.1145/3365438.3410946. ieee: 'T. Koch, S. Dziwok, J. Holtmann, and E. Bodden, “Scenario-based Specification of Security Protocols and Transformation to Security Model Checkers,” 2020, doi: 10.1145/3365438.3410946.' mla: Koch, Thorsten, et al. “Scenario-Based Specification of Security Protocols and Transformation to Security Model Checkers.” ACM/IEEE 23rd International Conference on Model Driven Engineering Languages and Systems (MODELS ’20), ACM, 2020, doi:10.1145/3365438.3410946. short: 'T. Koch, S. Dziwok, J. Holtmann, E. Bodden, in: ACM/IEEE 23rd International Conference on Model Driven Engineering Languages and Systems (MODELS ’20), ACM, 2020.' date_created: 2020-11-26T10:19:54Z date_updated: 2022-01-06T06:54:29Z department: - _id: '76' - _id: '241' - _id: '662' doi: 10.1145/3365438.3410946 language: - iso: eng publication: ACM/IEEE 23rd International Conference on Model Driven Engineering Languages and Systems (MODELS ’20) publisher: ACM status: public title: Scenario-based Specification of Security Protocols and Transformation to Security Model Checkers type: conference user_id: '5786' year: '2020' ... --- _id: '20521' author: - first_name: Christopher full_name: Gerking, Christopher last_name: Gerking citation: ama: Gerking C. Model-Driven Information Flow Security Engineering for Cyber-Physical Systems. Paderborn University; 2020. doi:10.17619/UNIPB/1-1033 apa: Gerking, C. (2020). Model-Driven Information Flow Security Engineering for Cyber-Physical Systems. Paderborn University. https://doi.org/10.17619/UNIPB/1-1033 bibtex: '@book{Gerking_2020, title={Model-Driven Information Flow Security Engineering for Cyber-Physical Systems}, DOI={10.17619/UNIPB/1-1033}, publisher={Paderborn University}, author={Gerking, Christopher}, year={2020} }' chicago: Gerking, Christopher. Model-Driven Information Flow Security Engineering for Cyber-Physical Systems. Paderborn University, 2020. https://doi.org/10.17619/UNIPB/1-1033. ieee: C. Gerking, Model-Driven Information Flow Security Engineering for Cyber-Physical Systems. Paderborn University, 2020. mla: Gerking, Christopher. Model-Driven Information Flow Security Engineering for Cyber-Physical Systems. Paderborn University, 2020, doi:10.17619/UNIPB/1-1033. short: C. Gerking, Model-Driven Information Flow Security Engineering for Cyber-Physical Systems, Paderborn University, 2020. date_created: 2020-11-26T10:37:17Z date_updated: 2022-01-06T06:54:29Z department: - _id: '76' doi: 10.17619/UNIPB/1-1033 language: - iso: eng publisher: Paderborn University status: public supervisor: - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 title: Model-Driven Information Flow Security Engineering for Cyber-Physical Systems type: dissertation user_id: '5786' year: '2020' ... --- _id: '20712' author: - first_name: Philipp full_name: Schubert, Philipp id: '60543' last_name: Schubert orcid: 0000-0002-8674-1859 - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 - first_name: Ben full_name: Hermann, Ben id: '66173' last_name: Hermann orcid: 0000-0001-9848-2017 citation: ama: Schubert P, Bodden E, Hermann B. Accelerating Static Call-Graph, Points-to and Data-Flow Analysis Through Persisted Summaries.; 2020. apa: Schubert, P., Bodden, E., & Hermann, B. (2020). Accelerating Static Call-Graph, Points-to and Data-Flow Analysis Through Persisted Summaries. bibtex: '@book{Schubert_Bodden_Hermann_2020, title={Accelerating Static Call-Graph, Points-to and Data-Flow Analysis Through Persisted Summaries}, author={Schubert, Philipp and Bodden, Eric and Hermann, Ben}, year={2020} }' chicago: Schubert, Philipp, Eric Bodden, and Ben Hermann. Accelerating Static Call-Graph, Points-to and Data-Flow Analysis Through Persisted Summaries, 2020. ieee: P. Schubert, E. Bodden, and B. Hermann, Accelerating Static Call-Graph, Points-to and Data-Flow Analysis Through Persisted Summaries. 2020. mla: Schubert, Philipp, et al. Accelerating Static Call-Graph, Points-to and Data-Flow Analysis Through Persisted Summaries. 2020. short: P. Schubert, E. Bodden, B. Hermann, Accelerating Static Call-Graph, Points-to and Data-Flow Analysis Through Persisted Summaries, 2020. date_created: 2020-12-14T07:44:11Z date_updated: 2022-01-06T06:54:34Z ddc: - '000' department: - _id: '76' file: - access_level: closed content_type: application/pdf creator: pdschbrt date_created: 2020-12-14T07:39:07Z date_updated: 2020-12-14T07:39:07Z file_id: '20713' file_name: main.pdf file_size: 683576 relation: main_file success: 1 file_date_updated: 2020-12-14T07:39:07Z has_accepted_license: '1' language: - iso: eng project: - _id: '1' name: SFB 901 - _id: '3' name: SFB 901 - Project Area B - _id: '12' name: SFB 901 - Subproject B4 status: public title: Accelerating Static Call-Graph, Points-to and Data-Flow Analysis Through Persisted Summaries type: report user_id: '477' year: '2020' ... --- _id: '20891' abstract: - lang: eng text: "Today, software systems are rarely developed monolithically, but may be composed of numerous individually developed features. Their modularization facilitates independent development and verification. While feature-based strategies to verify features in isolation have existed for years, they cannot address interactions between features. The problem with feature interactions is that they are typically unknown and may involve any subset of the features. Contrary, a family-based verification strategy captures feature interactions, but does not scale well when features evolve frequently. To the best of our knowledge, there currently exists no approach with focus on evolving features that combines both strategies and aims at eliminating their respective drawbacks. To fill this gap, we introduce Fefalution, a feature-family-based verification approach based on abstract contracts to verify evolving features and their interactions. Fefalution builds partial proofs for each evolving feature and then reuses the resulting partial proofs in verifying feature interactions, yielding a full verification of the complete software system. Moreover, to investigate whether a combination of both strategies is fruitful, we present the first empirical study for the verification of evolving features implemented by means of feature-oriented programming and by comparing Fefalution with another five family-based approaches varying in a set of optimizations. Our results indicate that partial proofs based on abstract contracts exhibit huge reuse potential, but also come with a substantial overhead for smaller evolution scenarios.\r\n" author: - first_name: Alexander full_name: Knüppel, Alexander last_name: Knüppel - first_name: Stefan full_name: Krüger, Stefan last_name: Krüger - first_name: Thomas full_name: Thüm, Thomas last_name: Thüm - first_name: Richard full_name: Bubel, Richard last_name: Bubel - first_name: Sebastian full_name: Krieter, Sebastian last_name: Krieter - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 - first_name: Ina full_name: Schaefer, Ina last_name: Schaefer citation: ama: 'Knüppel A, Krüger S, Thüm T, et al. Using Abstract Contracts for Verifying Evolving Features and Their Interactions. In: Lecture Notes in Computer Science. ; 2020. doi:10.1007/978-3-030-64354-6_5' apa: Knüppel, A., Krüger, S., Thüm, T., Bubel, R., Krieter, S., Bodden, E., & Schaefer, I. (2020). Using Abstract Contracts for Verifying Evolving Features and Their Interactions. In Lecture Notes in Computer Science. https://doi.org/10.1007/978-3-030-64354-6_5 bibtex: '@inbook{Knüppel_Krüger_Thüm_Bubel_Krieter_Bodden_Schaefer_2020, place={Cham}, title={Using Abstract Contracts for Verifying Evolving Features and Their Interactions}, DOI={10.1007/978-3-030-64354-6_5}, booktitle={Lecture Notes in Computer Science}, author={Knüppel, Alexander and Krüger, Stefan and Thüm, Thomas and Bubel, Richard and Krieter, Sebastian and Bodden, Eric and Schaefer, Ina}, year={2020} }' chicago: Knüppel, Alexander, Stefan Krüger, Thomas Thüm, Richard Bubel, Sebastian Krieter, Eric Bodden, and Ina Schaefer. “Using Abstract Contracts for Verifying Evolving Features and Their Interactions.” In Lecture Notes in Computer Science. Cham, 2020. https://doi.org/10.1007/978-3-030-64354-6_5. ieee: A. Knüppel et al., “Using Abstract Contracts for Verifying Evolving Features and Their Interactions,” in Lecture Notes in Computer Science, Cham, 2020. mla: Knüppel, Alexander, et al. “Using Abstract Contracts for Verifying Evolving Features and Their Interactions.” Lecture Notes in Computer Science, 2020, doi:10.1007/978-3-030-64354-6_5. short: 'A. Knüppel, S. Krüger, T. Thüm, R. Bubel, S. Krieter, E. Bodden, I. Schaefer, in: Lecture Notes in Computer Science, Cham, 2020.' date_created: 2021-01-11T09:15:41Z date_updated: 2022-01-06T06:54:41Z department: - _id: '76' doi: 10.1007/978-3-030-64354-6_5 language: - iso: eng place: Cham publication: Lecture Notes in Computer Science publication_identifier: isbn: - '9783030643539' - '9783030643546' issn: - 0302-9743 - 1611-3349 publication_status: published status: public title: Using Abstract Contracts for Verifying Evolving Features and Their Interactions type: book_chapter user_id: '5786' year: '2020' ... --- _id: '23376' author: - first_name: Goran full_name: Piskachev, Goran last_name: Piskachev - first_name: Lisa full_name: Nguyen Quang Do, Lisa last_name: Nguyen Quang Do - first_name: Oshando full_name: Johnson, Oshando last_name: Johnson - first_name: Eric full_name: Bodden, Eric last_name: Bodden citation: ama: 'Piskachev G, Nguyen Quang Do L, Johnson O, Bodden E. SWAN_ASSIST: Semi-Automated Detection of Code-Specific, Security-Relevant Methods. In: 2019 34th IEEE/ACM International Conference on Automated Software Engineering (ASE). ; 2020. doi:10.1109/ase.2019.00110' apa: 'Piskachev, G., Nguyen Quang Do, L., Johnson, O., & Bodden, E. (2020). SWAN_ASSIST: Semi-Automated Detection of Code-Specific, Security-Relevant Methods. 2019 34th IEEE/ACM International Conference on Automated Software Engineering (ASE). https://doi.org/10.1109/ase.2019.00110' bibtex: '@inproceedings{Piskachev_Nguyen Quang Do_Johnson_Bodden_2020, title={SWAN_ASSIST: Semi-Automated Detection of Code-Specific, Security-Relevant Methods}, DOI={10.1109/ase.2019.00110}, booktitle={2019 34th IEEE/ACM International Conference on Automated Software Engineering (ASE)}, author={Piskachev, Goran and Nguyen Quang Do, Lisa and Johnson, Oshando and Bodden, Eric}, year={2020} }' chicago: 'Piskachev, Goran, Lisa Nguyen Quang Do, Oshando Johnson, and Eric Bodden. “SWAN_ASSIST: Semi-Automated Detection of Code-Specific, Security-Relevant Methods.” In 2019 34th IEEE/ACM International Conference on Automated Software Engineering (ASE), 2020. https://doi.org/10.1109/ase.2019.00110.' ieee: 'G. Piskachev, L. Nguyen Quang Do, O. Johnson, and E. Bodden, “SWAN_ASSIST: Semi-Automated Detection of Code-Specific, Security-Relevant Methods,” 2020, doi: 10.1109/ase.2019.00110.' mla: 'Piskachev, Goran, et al. “SWAN_ASSIST: Semi-Automated Detection of Code-Specific, Security-Relevant Methods.” 2019 34th IEEE/ACM International Conference on Automated Software Engineering (ASE), 2020, doi:10.1109/ase.2019.00110.' short: 'G. Piskachev, L. Nguyen Quang Do, O. Johnson, E. Bodden, in: 2019 34th IEEE/ACM International Conference on Automated Software Engineering (ASE), 2020.' date_created: 2021-08-09T12:03:30Z date_updated: 2022-01-06T06:55:50Z department: - _id: '241' - _id: '662' - _id: '76' doi: 10.1109/ase.2019.00110 language: - iso: eng publication: 2019 34th IEEE/ACM International Conference on Automated Software Engineering (ASE) publication_status: published status: public title: 'SWAN_ASSIST: Semi-Automated Detection of Code-Specific, Security-Relevant Methods' type: conference user_id: '5786' year: '2020' ... --- _id: '23377' author: - first_name: Goran full_name: Piskachev, Goran last_name: Piskachev - first_name: Tobias full_name: Petrasch, Tobias last_name: Petrasch - first_name: Johannes full_name: Späth, Johannes last_name: Späth - first_name: Eric full_name: Bodden, Eric last_name: Bodden citation: ama: 'Piskachev G, Petrasch T, Späth J, Bodden E. AuthCheck: Program-State Analysis for Access-Control Vulnerabilities. In: Lecture Notes in Computer Science. ; 2020. doi:10.1007/978-3-030-54997-8_34' apa: 'Piskachev, G., Petrasch, T., Späth, J., & Bodden, E. (2020). AuthCheck: Program-State Analysis for Access-Control Vulnerabilities. In Lecture Notes in Computer Science. https://doi.org/10.1007/978-3-030-54997-8_34' bibtex: '@inbook{Piskachev_Petrasch_Späth_Bodden_2020, place={Cham}, title={AuthCheck: Program-State Analysis for Access-Control Vulnerabilities}, DOI={10.1007/978-3-030-54997-8_34}, booktitle={Lecture Notes in Computer Science}, author={Piskachev, Goran and Petrasch, Tobias and Späth, Johannes and Bodden, Eric}, year={2020} }' chicago: 'Piskachev, Goran, Tobias Petrasch, Johannes Späth, and Eric Bodden. “AuthCheck: Program-State Analysis for Access-Control Vulnerabilities.” In Lecture Notes in Computer Science. Cham, 2020. https://doi.org/10.1007/978-3-030-54997-8_34.' ieee: 'G. Piskachev, T. Petrasch, J. Späth, and E. Bodden, “AuthCheck: Program-State Analysis for Access-Control Vulnerabilities,” in Lecture Notes in Computer Science, Cham, 2020.' mla: 'Piskachev, Goran, et al. “AuthCheck: Program-State Analysis for Access-Control Vulnerabilities.” Lecture Notes in Computer Science, 2020, doi:10.1007/978-3-030-54997-8_34.' short: 'G. Piskachev, T. Petrasch, J. Späth, E. Bodden, in: Lecture Notes in Computer Science, Cham, 2020.' date_created: 2021-08-09T12:05:09Z date_updated: 2022-01-06T06:55:50Z department: - _id: '241' - _id: '662' - _id: '76' doi: 10.1007/978-3-030-54997-8_34 language: - iso: eng place: Cham publication: Lecture Notes in Computer Science publication_identifier: issn: - 0302-9743 - 1611-3349 publication_status: published status: public title: 'AuthCheck: Program-State Analysis for Access-Control Vulnerabilities' type: book_chapter user_id: '5786' year: '2020' ... --- _id: '20522' author: - first_name: Philipp full_name: Holzinger, Philipp last_name: Holzinger citation: ama: Holzinger P. A Systematic Analysis and Hardening of the Java Security Architecture. Universität Paderborn; 2019. apa: Holzinger, P. (2019). A Systematic Analysis and Hardening of the Java Security Architecture. Universität Paderborn. bibtex: '@book{Holzinger_2019, title={A Systematic Analysis and Hardening of the Java Security Architecture}, publisher={Universität Paderborn}, author={Holzinger, Philipp}, year={2019} }' chicago: Holzinger, Philipp. A Systematic Analysis and Hardening of the Java Security Architecture. Universität Paderborn, 2019. ieee: P. Holzinger, A Systematic Analysis and Hardening of the Java Security Architecture. Universität Paderborn, 2019. mla: Holzinger, Philipp. A Systematic Analysis and Hardening of the Java Security Architecture. Universität Paderborn, 2019. short: P. Holzinger, A Systematic Analysis and Hardening of the Java Security Architecture, Universität Paderborn, 2019. date_created: 2020-11-26T10:44:52Z date_updated: 2022-01-06T06:54:29Z department: - _id: '76' language: - iso: eng main_file_link: - url: http://www.bodden.de/pubs/phdHolzinger.pdf publisher: Universität Paderborn status: public supervisor: - first_name: Eric full_name: Bodden, Eric last_name: Bodden title: A Systematic Analysis and Hardening of the Java Security Architecture type: dissertation user_id: '5786' year: '2019' ... --- _id: '20524' author: - first_name: Lisa full_name: Nguyen Quang Do, Lisa last_name: Nguyen Quang Do citation: ama: Nguyen Quang Do L. User-Centered Tool Design for Data-Flow Analysis. Universität Paderborn; 2019. apa: Nguyen Quang Do, L. (2019). User-Centered Tool Design for Data-Flow Analysis. Universität Paderborn. bibtex: '@book{Nguyen Quang Do_2019, title={User-Centered Tool Design for Data-Flow Analysis}, publisher={Universität Paderborn}, author={Nguyen Quang Do, Lisa}, year={2019} }' chicago: Nguyen Quang Do, Lisa. User-Centered Tool Design for Data-Flow Analysis. Universität Paderborn, 2019. ieee: L. Nguyen Quang Do, User-Centered Tool Design for Data-Flow Analysis. Universität Paderborn, 2019. mla: Nguyen Quang Do, Lisa. User-Centered Tool Design for Data-Flow Analysis. Universität Paderborn, 2019. short: L. Nguyen Quang Do, User-Centered Tool Design for Data-Flow Analysis, Universität Paderborn, 2019. date_created: 2020-11-26T10:47:51Z date_updated: 2022-01-06T06:54:29Z department: - _id: '76' language: - iso: eng publisher: Universität Paderborn status: public supervisor: - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 title: User-Centered Tool Design for Data-Flow Analysis type: dissertation user_id: '5786' year: '2019' ... --- _id: '20525' author: - first_name: Lars full_name: Stockmann, Lars id: '48144' last_name: Stockmann - first_name: Sven full_name: Laux, Sven last_name: Laux - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 citation: ama: 'Stockmann L, Laux S, Bodden E. Architectural Runtime Verification. In: 2019 IEEE International Conference on Software Architecture Companion (ICSA-C). ; 2019:77-84. doi:10.1109/ICSA-C.2019.00021' apa: Stockmann, L., Laux, S., & Bodden, E. (2019). Architectural Runtime Verification. 2019 IEEE International Conference on Software Architecture Companion (ICSA-C), 77–84. https://doi.org/10.1109/ICSA-C.2019.00021 bibtex: '@inproceedings{Stockmann_Laux_Bodden_2019, title={Architectural Runtime Verification}, DOI={10.1109/ICSA-C.2019.00021}, booktitle={2019 IEEE International Conference on Software Architecture Companion (ICSA-C)}, author={Stockmann, Lars and Laux, Sven and Bodden, Eric}, year={2019}, pages={77–84} }' chicago: Stockmann, Lars, Sven Laux, and Eric Bodden. “Architectural Runtime Verification.” In 2019 IEEE International Conference on Software Architecture Companion (ICSA-C), 77–84, 2019. https://doi.org/10.1109/ICSA-C.2019.00021. ieee: 'L. Stockmann, S. Laux, and E. Bodden, “Architectural Runtime Verification,” in 2019 IEEE International Conference on Software Architecture Companion (ICSA-C), 2019, pp. 77–84, doi: 10.1109/ICSA-C.2019.00021.' mla: Stockmann, Lars, et al. “Architectural Runtime Verification.” 2019 IEEE International Conference on Software Architecture Companion (ICSA-C), 2019, pp. 77–84, doi:10.1109/ICSA-C.2019.00021. short: 'L. Stockmann, S. Laux, E. Bodden, in: 2019 IEEE International Conference on Software Architecture Companion (ICSA-C), 2019, pp. 77–84.' date_created: 2020-11-27T10:16:59Z date_updated: 2022-01-06T06:54:29Z department: - _id: '76' doi: 10.1109/ICSA-C.2019.00021 language: - iso: eng main_file_link: - url: http://www.bodden.de/pubs/stockmann19architectural.pdf page: 77-84 publication: 2019 IEEE International Conference on Software Architecture Companion (ICSA-C) status: public title: Architectural Runtime Verification type: conference user_id: '5786' year: '2019' ... --- _id: '20527' author: - first_name: Mohammadreza full_name: Hazhirpasand, Mohammadreza last_name: Hazhirpasand - first_name: Mohammad full_name: Ghafari, Mohammad last_name: Ghafari - first_name: Stefan full_name: Krüger, Stefan last_name: Krüger - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 - first_name: Oskar full_name: Nierstrasz, Oskar last_name: Nierstrasz citation: ama: 'Hazhirpasand M, Ghafari M, Krüger S, Bodden E, Nierstrasz O. The Impact of Developer Experience in Using Java Cryptography. In: 2019 ACM/IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM). ; 2019:1-6. doi:10.1109/ESEM.2019.8870184' apa: Hazhirpasand, M., Ghafari, M., Krüger, S., Bodden, E., & Nierstrasz, O. (2019). The Impact of Developer Experience in Using Java Cryptography. 2019 ACM/IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM), 1–6. https://doi.org/10.1109/ESEM.2019.8870184 bibtex: '@inproceedings{Hazhirpasand_Ghafari_Krüger_Bodden_Nierstrasz_2019, title={The Impact of Developer Experience in Using Java Cryptography}, DOI={10.1109/ESEM.2019.8870184}, booktitle={2019 ACM/IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM)}, author={Hazhirpasand, Mohammadreza and Ghafari, Mohammad and Krüger, Stefan and Bodden, Eric and Nierstrasz, Oskar}, year={2019}, pages={1–6} }' chicago: Hazhirpasand, Mohammadreza, Mohammad Ghafari, Stefan Krüger, Eric Bodden, and Oskar Nierstrasz. “The Impact of Developer Experience in Using Java Cryptography.” In 2019 ACM/IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM), 1–6, 2019. https://doi.org/10.1109/ESEM.2019.8870184. ieee: 'M. Hazhirpasand, M. Ghafari, S. Krüger, E. Bodden, and O. Nierstrasz, “The Impact of Developer Experience in Using Java Cryptography,” in 2019 ACM/IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM), 2019, pp. 1–6, doi: 10.1109/ESEM.2019.8870184.' mla: Hazhirpasand, Mohammadreza, et al. “The Impact of Developer Experience in Using Java Cryptography.” 2019 ACM/IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM), 2019, pp. 1–6, doi:10.1109/ESEM.2019.8870184. short: 'M. Hazhirpasand, M. Ghafari, S. Krüger, E. Bodden, O. Nierstrasz, in: 2019 ACM/IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM), 2019, pp. 1–6.' date_created: 2020-11-27T10:20:37Z date_updated: 2022-01-06T06:54:29Z department: - _id: '76' doi: 10.1109/ESEM.2019.8870184 language: - iso: eng main_file_link: - url: http://www.bodden.de/pubs/hazhirpasand19impact.pdf page: 1-6 publication: 2019 ACM/IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM) publication_identifier: issn: - 1949-3770 status: public title: The Impact of Developer Experience in Using Java Cryptography type: conference user_id: '5786' year: '2019' ... --- _id: '20528' author: - first_name: Goran full_name: Piskachev, Goran last_name: Piskachev - first_name: Tobias full_name: Petrasch, Tobias last_name: Petrasch - first_name: Johannes full_name: Späth, Johannes last_name: Späth - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 citation: ama: 'Piskachev G, Petrasch T, Späth J, Bodden E. AuthCheck: Program-state Analysis for Access-control Vulnerabilities. In: 10th Workshop on Tools for Automatic Program Analysis (TAPAS). ; 2019.' apa: 'Piskachev, G., Petrasch, T., Späth, J., & Bodden, E. (2019). AuthCheck: Program-state Analysis for Access-control Vulnerabilities. 10th Workshop on Tools for Automatic Program Analysis (TAPAS).' bibtex: '@inproceedings{Piskachev_Petrasch_Späth_Bodden_2019, title={AuthCheck: Program-state Analysis for Access-control Vulnerabilities}, booktitle={10th Workshop on Tools for Automatic Program Analysis (TAPAS)}, author={Piskachev, Goran and Petrasch, Tobias and Späth, Johannes and Bodden, Eric}, year={2019} }' chicago: 'Piskachev, Goran, Tobias Petrasch, Johannes Späth, and Eric Bodden. “AuthCheck: Program-State Analysis for Access-Control Vulnerabilities.” In 10th Workshop on Tools for Automatic Program Analysis (TAPAS), 2019.' ieee: 'G. Piskachev, T. Petrasch, J. Späth, and E. Bodden, “AuthCheck: Program-state Analysis for Access-control Vulnerabilities,” 2019.' mla: 'Piskachev, Goran, et al. “AuthCheck: Program-State Analysis for Access-Control Vulnerabilities.” 10th Workshop on Tools for Automatic Program Analysis (TAPAS), 2019.' short: 'G. Piskachev, T. Petrasch, J. Späth, E. Bodden, in: 10th Workshop on Tools for Automatic Program Analysis (TAPAS), 2019.' date_created: 2020-11-27T10:21:19Z date_updated: 2022-01-06T06:54:29Z department: - _id: '76' - _id: '241' language: - iso: eng main_file_link: - url: http://www.bodden.de/pubs/piskachev19authcheck.pdf publication: 10th Workshop on Tools for Automatic Program Analysis (TAPAS) status: public title: 'AuthCheck: Program-state Analysis for Access-control Vulnerabilities' type: conference user_id: '5786' year: '2019' ... --- _id: '20529' author: - first_name: Marcus full_name: Nachtigall, Marcus id: '41213' last_name: Nachtigall - first_name: Lisa full_name: Nguyen Quang Do, Lisa last_name: Nguyen Quang Do - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 citation: ama: 'Nachtigall M, Nguyen Quang Do L, Bodden E. Explaining Static Analysis -- A Perspective. In: 1st International Workshop on Explainable Software (EXPLAIN) at ASE. ; 2019.' apa: Nachtigall, M., Nguyen Quang Do, L., & Bodden, E. (2019). Explaining Static Analysis -- A Perspective. 1st International Workshop on Explainable Software (EXPLAIN) at ASE. bibtex: '@inproceedings{Nachtigall_Nguyen Quang Do_Bodden_2019, title={Explaining Static Analysis -- A Perspective}, booktitle={1st International Workshop on Explainable Software (EXPLAIN) at ASE}, author={Nachtigall, Marcus and Nguyen Quang Do, Lisa and Bodden, Eric}, year={2019} }' chicago: Nachtigall, Marcus, Lisa Nguyen Quang Do, and Eric Bodden. “Explaining Static Analysis -- A Perspective.” In 1st International Workshop on Explainable Software (EXPLAIN) at ASE, 2019. ieee: M. Nachtigall, L. Nguyen Quang Do, and E. Bodden, “Explaining Static Analysis -- A Perspective,” 2019. mla: Nachtigall, Marcus, et al. “Explaining Static Analysis -- A Perspective.” 1st International Workshop on Explainable Software (EXPLAIN) at ASE, 2019. short: 'M. Nachtigall, L. Nguyen Quang Do, E. Bodden, in: 1st International Workshop on Explainable Software (EXPLAIN) at ASE, 2019.' date_created: 2020-11-27T10:22:38Z date_updated: 2022-01-06T06:54:29Z department: - _id: '76' language: - iso: eng main_file_link: - url: http://www.bodden.de/pubs/nachtigall19explaining.pdf publication: 1st International Workshop on Explainable Software (EXPLAIN) at ASE status: public title: Explaining Static Analysis -- A Perspective type: conference user_id: '5786' year: '2019' ... --- _id: '20531' author: - first_name: Linghui full_name: Luo, Linghui last_name: Luo - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 - first_name: Johannes full_name: Späth, Johannes last_name: Späth citation: ama: 'Luo L, Bodden E, Späth J. A Qualitative Analysis of Android Taint-Analysis Results. In: IEEE/ACM International Conference on Automated Software Engineering (ASE 2019). ; 2019.' apa: Luo, L., Bodden, E., & Späth, J. (2019). A Qualitative Analysis of Android Taint-Analysis Results. IEEE/ACM International Conference on Automated Software Engineering (ASE 2019). bibtex: '@inproceedings{Luo_Bodden_Späth_2019, title={A Qualitative Analysis of Android Taint-Analysis Results}, booktitle={IEEE/ACM International Conference on Automated Software Engineering (ASE 2019)}, author={Luo, Linghui and Bodden, Eric and Späth, Johannes}, year={2019} }' chicago: Luo, Linghui, Eric Bodden, and Johannes Späth. “A Qualitative Analysis of Android Taint-Analysis Results.” In IEEE/ACM International Conference on Automated Software Engineering (ASE 2019), 2019. ieee: L. Luo, E. Bodden, and J. Späth, “A Qualitative Analysis of Android Taint-Analysis Results,” 2019. mla: Luo, Linghui, et al. “A Qualitative Analysis of Android Taint-Analysis Results.” IEEE/ACM International Conference on Automated Software Engineering (ASE 2019), 2019. short: 'L. Luo, E. Bodden, J. Späth, in: IEEE/ACM International Conference on Automated Software Engineering (ASE 2019), 2019.' date_created: 2020-11-27T10:25:40Z date_updated: 2022-01-06T06:54:29Z department: - _id: '76' language: - iso: eng main_file_link: - url: http://www.bodden.de/pubs/ase19qualitative.pdf publication: IEEE/ACM International Conference on Automated Software Engineering (ASE 2019) status: public title: A Qualitative Analysis of Android Taint-Analysis Results type: conference user_id: '5786' year: '2019' ... --- _id: '20532' author: - first_name: Goran full_name: Piskachev, Goran last_name: Piskachev - first_name: Lisa full_name: Nguyen Quang Do, Lisa last_name: Nguyen Quang Do - first_name: Oshando full_name: Johnson, Oshando last_name: Johnson - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 citation: ama: 'Piskachev G, Nguyen Quang Do L, Johnson O, Bodden E. SWAN_ASSIST: Semi-Automated Detection of Code-Specific, Security-Relevant Methods. In: IEEE/ACM International Conference on Automated Software Engineering (ASE 2019), Tool Demo Track. ; 2019.' apa: 'Piskachev, G., Nguyen Quang Do, L., Johnson, O., & Bodden, E. (2019). SWAN_ASSIST: Semi-Automated Detection of Code-Specific, Security-Relevant Methods. IEEE/ACM International Conference on Automated Software Engineering (ASE 2019), Tool Demo Track.' bibtex: '@inproceedings{Piskachev_Nguyen Quang Do_Johnson_Bodden_2019, title={SWAN_ASSIST: Semi-Automated Detection of Code-Specific, Security-Relevant Methods}, booktitle={IEEE/ACM International Conference on Automated Software Engineering (ASE 2019), Tool Demo Track}, author={Piskachev, Goran and Nguyen Quang Do, Lisa and Johnson, Oshando and Bodden, Eric}, year={2019} }' chicago: 'Piskachev, Goran, Lisa Nguyen Quang Do, Oshando Johnson, and Eric Bodden. “SWAN_ASSIST: Semi-Automated Detection of Code-Specific, Security-Relevant Methods.” In IEEE/ACM International Conference on Automated Software Engineering (ASE 2019), Tool Demo Track, 2019.' ieee: 'G. Piskachev, L. Nguyen Quang Do, O. Johnson, and E. Bodden, “SWAN_ASSIST: Semi-Automated Detection of Code-Specific, Security-Relevant Methods,” 2019.' mla: 'Piskachev, Goran, et al. “SWAN_ASSIST: Semi-Automated Detection of Code-Specific, Security-Relevant Methods.” IEEE/ACM International Conference on Automated Software Engineering (ASE 2019), Tool Demo Track, 2019.' short: 'G. Piskachev, L. Nguyen Quang Do, O. Johnson, E. Bodden, in: IEEE/ACM International Conference on Automated Software Engineering (ASE 2019), Tool Demo Track, 2019.' date_created: 2020-11-27T10:37:17Z date_updated: 2022-01-06T06:54:29Z department: - _id: '76' language: - iso: eng main_file_link: - url: http://www.bodden.de/pubs/ase19swanAssist.pdf publication: IEEE/ACM International Conference on Automated Software Engineering (ASE 2019), Tool Demo Track status: public title: 'SWAN_ASSIST: Semi-Automated Detection of Code-Specific, Security-Relevant Methods' type: conference user_id: '5786' year: '2019' ... --- _id: '20533' author: - first_name: Stefan full_name: Krüger, Stefan last_name: Krüger - first_name: Johannes full_name: Späth, Johannes last_name: Späth - first_name: Karim full_name: Ali, Karim last_name: Ali - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 - first_name: Mira full_name: Mezini, Mira last_name: Mezini citation: ama: 'Krüger S, Späth J, Ali K, Bodden E, Mezini M. CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic APIs. IEEE Transactions on Software Engineering. Published online 2019:1-1. doi:10.1109/TSE.2019.2948910' apa: 'Krüger, S., Späth, J., Ali, K., Bodden, E., & Mezini, M. (2019). CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic APIs. IEEE Transactions on Software Engineering, 1–1. https://doi.org/10.1109/TSE.2019.2948910' bibtex: '@article{Krüger_Späth_Ali_Bodden_Mezini_2019, title={CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic APIs}, DOI={10.1109/TSE.2019.2948910}, journal={IEEE Transactions on Software Engineering}, author={Krüger, Stefan and Späth, Johannes and Ali, Karim and Bodden, Eric and Mezini, Mira}, year={2019}, pages={1–1} }' chicago: 'Krüger, Stefan, Johannes Späth, Karim Ali, Eric Bodden, and Mira Mezini. “CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic APIs.” IEEE Transactions on Software Engineering, 2019, 1–1. https://doi.org/10.1109/TSE.2019.2948910.' ieee: 'S. Krüger, J. Späth, K. Ali, E. Bodden, and M. Mezini, “CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic APIs,” IEEE Transactions on Software Engineering, pp. 1–1, 2019, doi: 10.1109/TSE.2019.2948910.' mla: 'Krüger, Stefan, et al. “CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic APIs.” IEEE Transactions on Software Engineering, 2019, pp. 1–1, doi:10.1109/TSE.2019.2948910.' short: S. Krüger, J. Späth, K. Ali, E. Bodden, M. Mezini, IEEE Transactions on Software Engineering (2019) 1–1. date_created: 2020-11-27T10:48:38Z date_updated: 2022-01-06T06:54:29Z department: - _id: '76' doi: 10.1109/TSE.2019.2948910 keyword: - Java - Encryption - Static analysis - Tools - Ciphers - Semantics - cryptography - domain-specific language - static analysis language: - iso: eng main_file_link: - url: http://www.bodden.de/pubs/tse19CrySL.pdf page: 1-1 publication: IEEE Transactions on Software Engineering publication_identifier: issn: - 2326-3881 status: public title: 'CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic APIs' type: journal_article user_id: '5786' year: '2019' ... --- _id: '20534' author: - first_name: Goran full_name: Piskachev, Goran last_name: Piskachev - first_name: Lisa full_name: Nguyen Quang Do, Lisa last_name: Nguyen Quang Do - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 citation: ama: 'Piskachev G, Nguyen Quang Do L, Bodden E. Codebase-Adaptive Detection of Security-Relevant Methods. In: ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA). ; 2019.' apa: Piskachev, G., Nguyen Quang Do, L., & Bodden, E. (2019). Codebase-Adaptive Detection of Security-Relevant Methods. ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA). bibtex: '@inproceedings{Piskachev_Nguyen Quang Do_Bodden_2019, title={Codebase-Adaptive Detection of Security-Relevant Methods}, booktitle={ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA)}, author={Piskachev, Goran and Nguyen Quang Do, Lisa and Bodden, Eric}, year={2019} }' chicago: Piskachev, Goran, Lisa Nguyen Quang Do, and Eric Bodden. “Codebase-Adaptive Detection of Security-Relevant Methods.” In ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA), 2019. ieee: G. Piskachev, L. Nguyen Quang Do, and E. Bodden, “Codebase-Adaptive Detection of Security-Relevant Methods,” 2019. mla: Piskachev, Goran, et al. “Codebase-Adaptive Detection of Security-Relevant Methods.” ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA), 2019. short: 'G. Piskachev, L. Nguyen Quang Do, E. Bodden, in: ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA), 2019.' date_created: 2020-11-27T10:49:33Z date_updated: 2022-01-06T06:54:29Z department: - _id: '76' language: - iso: eng main_file_link: - url: http://www.bodden.de/pubs/issta19swan.pdf publication: ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA) status: public title: Codebase-Adaptive Detection of Security-Relevant Methods type: conference user_id: '5786' year: '2019' ... --- _id: '20535' author: - first_name: Linghui full_name: Luo, Linghui last_name: Luo - first_name: Julian full_name: Dolby, Julian last_name: Dolby - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 citation: ama: 'Luo L, Dolby J, Bodden E. MagpieBridge: A General Approach to Integrating Static Analyses into IDEs and Editors. In: European Conference on Object-Oriented Programming (ECOOP). ; 2019.' apa: 'Luo, L., Dolby, J., & Bodden, E. (2019). MagpieBridge: A General Approach to Integrating Static Analyses into IDEs and Editors. European Conference on Object-Oriented Programming (ECOOP).' bibtex: '@inproceedings{Luo_Dolby_Bodden_2019, title={MagpieBridge: A General Approach to Integrating Static Analyses into IDEs and Editors}, booktitle={European Conference on Object-Oriented Programming (ECOOP)}, author={Luo, Linghui and Dolby, Julian and Bodden, Eric}, year={2019} }' chicago: 'Luo, Linghui, Julian Dolby, and Eric Bodden. “MagpieBridge: A General Approach to Integrating Static Analyses into IDEs and Editors.” In European Conference on Object-Oriented Programming (ECOOP), 2019.' ieee: 'L. Luo, J. Dolby, and E. Bodden, “MagpieBridge: A General Approach to Integrating Static Analyses into IDEs and Editors,” 2019.' mla: 'Luo, Linghui, et al. “MagpieBridge: A General Approach to Integrating Static Analyses into IDEs and Editors.” European Conference on Object-Oriented Programming (ECOOP), 2019.' short: 'L. Luo, J. Dolby, E. Bodden, in: European Conference on Object-Oriented Programming (ECOOP), 2019.' date_created: 2020-11-27T10:50:07Z date_updated: 2022-01-06T06:54:29Z department: - _id: '76' language: - iso: eng main_file_link: - url: http://www.bodden.de/pubs/ldb19magpiebridge.pdf publication: European Conference on Object-Oriented Programming (ECOOP) status: public title: 'MagpieBridge: A General Approach to Integrating Static Analyses into IDEs and Editors' type: conference user_id: '5786' year: '2019' ... --- _id: '20536' author: - first_name: Johannes full_name: Späth, Johannes last_name: Späth citation: ama: Späth J. Synchronized Pushdown Systems for Pointer and Data-Flow Analysis. Universität Paderborn; 2019. apa: Späth, J. (2019). Synchronized Pushdown Systems for Pointer and Data-Flow Analysis. Universität Paderborn. bibtex: '@book{Späth_2019, title={Synchronized Pushdown Systems for Pointer and Data-Flow Analysis}, publisher={Universität Paderborn}, author={Späth, Johannes}, year={2019} }' chicago: Späth, Johannes. Synchronized Pushdown Systems for Pointer and Data-Flow Analysis. Universität Paderborn, 2019. ieee: J. Späth, Synchronized Pushdown Systems for Pointer and Data-Flow Analysis. Universität Paderborn, 2019. mla: Späth, Johannes. Synchronized Pushdown Systems for Pointer and Data-Flow Analysis. Universität Paderborn, 2019. short: J. Späth, Synchronized Pushdown Systems for Pointer and Data-Flow Analysis, Universität Paderborn, 2019. date_created: 2020-11-27T10:50:55Z date_updated: 2022-01-06T06:54:29Z department: - _id: '76' language: - iso: eng main_file_link: - url: http://www.bodden.de/pubs/phdSpaeth.pdf publisher: Universität Paderborn status: public supervisor: - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 title: Synchronized Pushdown Systems for Pointer and Data-Flow Analysis type: dissertation user_id: '5786' year: '2019' ... --- _id: '20537' author: - first_name: Goran full_name: Piskachev, Goran last_name: Piskachev - first_name: Lisa full_name: Nguyen, Lisa last_name: Nguyen - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 citation: ama: Piskachev G, Nguyen L, Bodden E. Codebase-Adaptive Detection of Security-Relevant Methods.; 2019. apa: Piskachev, G., Nguyen, L., & Bodden, E. (2019). Codebase-Adaptive Detection of Security-Relevant Methods. bibtex: '@book{Piskachev_Nguyen_Bodden_2019, title={Codebase-Adaptive Detection of Security-Relevant Methods}, author={Piskachev, Goran and Nguyen, Lisa and Bodden, Eric}, year={2019} }' chicago: Piskachev, Goran, Lisa Nguyen, and Eric Bodden. Codebase-Adaptive Detection of Security-Relevant Methods, 2019. ieee: G. Piskachev, L. Nguyen, and E. Bodden, Codebase-Adaptive Detection of Security-Relevant Methods. 2019. mla: Piskachev, Goran, et al. Codebase-Adaptive Detection of Security-Relevant Methods. 2019. short: G. Piskachev, L. Nguyen, E. Bodden, Codebase-Adaptive Detection of Security-Relevant Methods, 2019. date_created: 2020-11-27T10:51:53Z date_updated: 2022-01-06T06:54:29Z department: - _id: '76' language: - iso: eng status: public title: Codebase-Adaptive Detection of Security-Relevant Methods type: report user_id: '5786' year: '2019' ... --- _id: '20538' author: - first_name: Sigmund full_name: Albert Gorski Iii, Sigmund last_name: Albert Gorski Iii - first_name: Benjamin full_name: Andow, Benjamin last_name: Andow - first_name: Adwait full_name: Nadkarni, Adwait last_name: Nadkarni - first_name: Sunil full_name: Manandhar, Sunil last_name: Manandhar - first_name: William full_name: Enck, William last_name: Enck - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 - first_name: Alexandre full_name: Bartel, Alexandre last_name: Bartel citation: ama: 'Albert Gorski Iii S, Andow B, Nadkarni A, et al. ACMiner: Extraction and Analysis of Authorization Checks in Android’s Middleware. In: ACM Conference on Data and Application Security and Privacy (CODASPY 2019). ; 2019.' apa: 'Albert Gorski Iii, S., Andow, B., Nadkarni, A., Manandhar, S., Enck, W., Bodden, E., & Bartel, A. (2019). ACMiner: Extraction and Analysis of Authorization Checks in Android’s Middleware. ACM Conference on Data and Application Security and Privacy (CODASPY 2019).' bibtex: '@inproceedings{Albert Gorski Iii_Andow_Nadkarni_Manandhar_Enck_Bodden_Bartel_2019, title={ACMiner: Extraction and Analysis of Authorization Checks in Android’s Middleware}, booktitle={ACM Conference on Data and Application Security and Privacy (CODASPY 2019)}, author={Albert Gorski Iii, Sigmund and Andow, Benjamin and Nadkarni, Adwait and Manandhar, Sunil and Enck, William and Bodden, Eric and Bartel, Alexandre}, year={2019} }' chicago: 'Albert Gorski Iii, Sigmund, Benjamin Andow, Adwait Nadkarni, Sunil Manandhar, William Enck, Eric Bodden, and Alexandre Bartel. “ACMiner: Extraction and Analysis of Authorization Checks in Android’s Middleware.” In ACM Conference on Data and Application Security and Privacy (CODASPY 2019), 2019.' ieee: 'S. Albert Gorski Iii et al., “ACMiner: Extraction and Analysis of Authorization Checks in Android’s Middleware,” 2019.' mla: 'Albert Gorski Iii, Sigmund, et al. “ACMiner: Extraction and Analysis of Authorization Checks in Android’s Middleware.” ACM Conference on Data and Application Security and Privacy (CODASPY 2019), 2019.' short: 'S. Albert Gorski Iii, B. Andow, A. Nadkarni, S. Manandhar, W. Enck, E. Bodden, A. Bartel, in: ACM Conference on Data and Application Security and Privacy (CODASPY 2019), 2019.' date_created: 2020-11-27T10:52:59Z date_updated: 2022-01-06T06:54:29Z department: - _id: '76' keyword: - ITSECWEBSITE - CROSSING language: - iso: eng main_file_link: - url: http://www.bodden.de/pubs/gan19acminer.pdf publication: ACM Conference on Data and Application Security and Privacy (CODASPY 2019) status: public title: 'ACMiner: Extraction and Analysis of Authorization Checks in Android''s Middleware' type: conference user_id: '5786' year: '2019' ... --- _id: '20539' author: - first_name: Johannes full_name: Späth, Johannes last_name: Späth - first_name: Karim full_name: Ali, Karim last_name: Ali - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 citation: ama: Späth J, Ali K, Bodden E. Context-, Flow-, and Field-sensitive Data-flow Analysis Using Synchronized Pushdown Systems. Proceedings of the ACM SIGPLAN Symposium on Principles of Programming Languages. 2019;3(POPL):48:1-48:29. doi:10.1145/3290361 apa: Späth, J., Ali, K., & Bodden, E. (2019). Context-, Flow-, and Field-sensitive Data-flow Analysis Using Synchronized Pushdown Systems. Proceedings of the ACM SIGPLAN Symposium on Principles of Programming Languages, 3(POPL), 48:1-48:29. https://doi.org/10.1145/3290361 bibtex: '@article{Späth_Ali_Bodden_2019, title={Context-, Flow-, and Field-sensitive Data-flow Analysis Using Synchronized Pushdown Systems}, volume={3}, DOI={10.1145/3290361}, number={POPL}, journal={Proceedings of the ACM SIGPLAN Symposium on Principles of Programming Languages}, publisher={ACM}, author={Späth, Johannes and Ali, Karim and Bodden, Eric}, year={2019}, pages={48:1-48:29} }' chicago: 'Späth, Johannes, Karim Ali, and Eric Bodden. “Context-, Flow-, and Field-Sensitive Data-Flow Analysis Using Synchronized Pushdown Systems.” Proceedings of the ACM SIGPLAN Symposium on Principles of Programming Languages 3, no. POPL (2019): 48:1-48:29. https://doi.org/10.1145/3290361.' ieee: 'J. Späth, K. Ali, and E. Bodden, “Context-, Flow-, and Field-sensitive Data-flow Analysis Using Synchronized Pushdown Systems,” Proceedings of the ACM SIGPLAN Symposium on Principles of Programming Languages, vol. 3, no. POPL, p. 48:1-48:29, 2019, doi: 10.1145/3290361.' mla: Späth, Johannes, et al. “Context-, Flow-, and Field-Sensitive Data-Flow Analysis Using Synchronized Pushdown Systems.” Proceedings of the ACM SIGPLAN Symposium on Principles of Programming Languages, vol. 3, no. POPL, ACM, 2019, p. 48:1-48:29, doi:10.1145/3290361. short: J. Späth, K. Ali, E. Bodden, Proceedings of the ACM SIGPLAN Symposium on Principles of Programming Languages 3 (2019) 48:1-48:29. date_created: 2020-11-27T10:53:57Z date_updated: 2022-01-06T06:54:29Z department: - _id: '76' doi: 10.1145/3290361 intvolume: ' 3' issue: POPL keyword: - ATTRACT - ITSECWEBSITE - CROSSING language: - iso: eng main_file_link: - url: http://www.bodden.de/pubs/sab19context.pdf page: 48:1-48:29 publication: Proceedings of the ACM SIGPLAN Symposium on Principles of Programming Languages publication_identifier: issn: - 2475-1421 publisher: ACM status: public title: Context-, Flow-, and Field-sensitive Data-flow Analysis Using Synchronized Pushdown Systems type: journal_article user_id: '5786' volume: 3 year: '2019' ... --- _id: '20759' author: - first_name: Christopher full_name: Gerking, Christopher last_name: Gerking - first_name: David full_name: Schubert, David id: '9106' last_name: Schubert citation: ama: 'Gerking C, Schubert D. Component-Based Refinement and Verification of Information-Flow Security Policies for Cyber-Physical Microservice Architectures. In: International Conference on Software Architecture (ICSA 2019). ; 2019.' apa: Gerking, C., & Schubert, D. (2019). Component-Based Refinement and Verification of Information-Flow Security Policies for Cyber-Physical Microservice Architectures. International Conference on Software Architecture (ICSA 2019). bibtex: '@inproceedings{Gerking_Schubert_2019, title={Component-Based Refinement and Verification of Information-Flow Security Policies for Cyber-Physical Microservice Architectures}, booktitle={International Conference on Software Architecture (ICSA 2019)}, author={Gerking, Christopher and Schubert, David}, year={2019} }' chicago: Gerking, Christopher, and David Schubert. “Component-Based Refinement and Verification of Information-Flow Security Policies for Cyber-Physical Microservice Architectures.” In International Conference on Software Architecture (ICSA 2019), 2019. ieee: C. Gerking and D. Schubert, “Component-Based Refinement and Verification of Information-Flow Security Policies for Cyber-Physical Microservice Architectures,” 2019. mla: Gerking, Christopher, and David Schubert. “Component-Based Refinement and Verification of Information-Flow Security Policies for Cyber-Physical Microservice Architectures.” International Conference on Software Architecture (ICSA 2019), 2019. short: 'C. Gerking, D. Schubert, in: International Conference on Software Architecture (ICSA 2019), 2019.' date_created: 2020-12-16T14:03:44Z date_updated: 2022-01-06T06:54:36Z department: - _id: '76' - _id: '241' language: - iso: eng publication: International Conference on Software Architecture (ICSA 2019) status: public title: Component-Based Refinement and Verification of Information-Flow Security Policies for Cyber-Physical Microservice Architectures type: conference user_id: '5786' year: '2019' ... --- _id: '23378' author: - first_name: Goran full_name: Piskachev, Goran last_name: Piskachev - first_name: Lisa Nguyen Quang full_name: Do, Lisa Nguyen Quang last_name: Do - first_name: Eric full_name: Bodden, Eric last_name: Bodden citation: ama: 'Piskachev G, Do LNQ, Bodden E. Codebase-adaptive detection of security-relevant methods. In: Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis. ; 2019. doi:10.1145/3293882.3330556' apa: Piskachev, G., Do, L. N. Q., & Bodden, E. (2019). Codebase-adaptive detection of security-relevant methods. Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis. https://doi.org/10.1145/3293882.3330556 bibtex: '@inproceedings{Piskachev_Do_Bodden_2019, title={Codebase-adaptive detection of security-relevant methods}, DOI={10.1145/3293882.3330556}, booktitle={Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis}, author={Piskachev, Goran and Do, Lisa Nguyen Quang and Bodden, Eric}, year={2019} }' chicago: Piskachev, Goran, Lisa Nguyen Quang Do, and Eric Bodden. “Codebase-Adaptive Detection of Security-Relevant Methods.” In Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis, 2019. https://doi.org/10.1145/3293882.3330556. ieee: 'G. Piskachev, L. N. Q. Do, and E. Bodden, “Codebase-adaptive detection of security-relevant methods,” 2019, doi: 10.1145/3293882.3330556.' mla: Piskachev, Goran, et al. “Codebase-Adaptive Detection of Security-Relevant Methods.” Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis, 2019, doi:10.1145/3293882.3330556. short: 'G. Piskachev, L.N.Q. Do, E. Bodden, in: Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis, 2019.' date_created: 2021-08-09T12:06:52Z date_updated: 2022-01-06T06:55:50Z department: - _id: '241' - _id: '662' - _id: '76' doi: 10.1145/3293882.3330556 language: - iso: eng publication: Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis publication_status: published status: public title: Codebase-adaptive detection of security-relevant methods type: conference user_id: '5786' year: '2019' ... --- _id: '7628' author: - first_name: Nils full_name: Selbach, Nils last_name: Selbach citation: ama: Selbach N. Modeling Crypto API Usages in OpenSSL’s EVP Library. Universität Paderborn; 2019. apa: Selbach, N. (2019). Modeling Crypto API usages in OpenSSL’s EVP library. Universität Paderborn. bibtex: '@book{Selbach_2019, title={Modeling Crypto API usages in OpenSSL’s EVP library}, publisher={Universität Paderborn}, author={Selbach, Nils}, year={2019} }' chicago: Selbach, Nils. Modeling Crypto API Usages in OpenSSL’s EVP Library. Universität Paderborn, 2019. ieee: N. Selbach, Modeling Crypto API usages in OpenSSL’s EVP library. Universität Paderborn, 2019. mla: Selbach, Nils. Modeling Crypto API Usages in OpenSSL’s EVP Library. Universität Paderborn, 2019. short: N. Selbach, Modeling Crypto API Usages in OpenSSL’s EVP Library, Universität Paderborn, 2019. date_created: 2019-02-12T07:28:12Z date_updated: 2022-01-06T07:03:41Z department: - _id: '76' language: - iso: eng project: - _id: '12' name: SFB 901 - Subproject B4 - _id: '1' name: SFB 901 - _id: '3' name: SFB 901 - Project Area B publisher: Universität Paderborn status: public supervisor: - first_name: Philipp full_name: Schubert, Philipp id: '60543' last_name: Schubert orcid: 0000-0002-8674-1859 title: Modeling Crypto API usages in OpenSSL's EVP library type: bachelorsthesis user_id: '477' year: '2019' ... --- _id: '14896' author: - first_name: Andreas full_name: Dann, Andreas last_name: Dann - first_name: Ben full_name: Hermann, Ben id: '66173' last_name: Hermann orcid: 0000-0001-9848-2017 - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 citation: ama: 'Dann A, Hermann B, Bodden E. ModGuard: Identifying Integrity &Confidentiality Violations in Java Modules. IEEE Transactions on Software Engineering. Published online 2019:1-1. doi:10.1109/tse.2019.2931331' apa: 'Dann, A., Hermann, B., & Bodden, E. (2019). ModGuard: Identifying Integrity &Confidentiality Violations in Java Modules. IEEE Transactions on Software Engineering, 1–1. https://doi.org/10.1109/tse.2019.2931331' bibtex: '@article{Dann_Hermann_Bodden_2019, title={ModGuard: Identifying Integrity &Confidentiality Violations in Java Modules}, DOI={10.1109/tse.2019.2931331}, journal={IEEE Transactions on Software Engineering}, author={Dann, Andreas and Hermann, Ben and Bodden, Eric}, year={2019}, pages={1–1} }' chicago: 'Dann, Andreas, Ben Hermann, and Eric Bodden. “ModGuard: Identifying Integrity &Confidentiality Violations in Java Modules.” IEEE Transactions on Software Engineering, 2019, 1–1. https://doi.org/10.1109/tse.2019.2931331.' ieee: 'A. Dann, B. Hermann, and E. Bodden, “ModGuard: Identifying Integrity &Confidentiality Violations in Java Modules,” IEEE Transactions on Software Engineering, pp. 1–1, 2019, doi: 10.1109/tse.2019.2931331.' mla: 'Dann, Andreas, et al. “ModGuard: Identifying Integrity &Confidentiality Violations in Java Modules.” IEEE Transactions on Software Engineering, 2019, pp. 1–1, doi:10.1109/tse.2019.2931331.' short: A. Dann, B. Hermann, E. Bodden, IEEE Transactions on Software Engineering (2019) 1–1. date_created: 2019-11-12T12:20:56Z date_updated: 2022-01-06T06:52:10Z department: - _id: '76' - _id: '34' - _id: '26' doi: 10.1109/tse.2019.2931331 language: - iso: eng page: 1-1 project: - _id: '1' name: SFB 901 - _id: '3' name: SFB 901 - Project Area B - _id: '12' name: SFB 901 - Subproject B4 publication: IEEE Transactions on Software Engineering publication_identifier: issn: - 0098-5589 - 1939-3520 - 2326-3881 publication_status: published status: public title: 'ModGuard: Identifying Integrity &Confidentiality Violations in Java Modules' type: journal_article user_id: '5786' year: '2019' ... --- _id: '14897' author: - first_name: Andreas full_name: Dann, Andreas last_name: Dann - first_name: Ben full_name: Hermann, Ben id: '66173' last_name: Hermann orcid: 0000-0001-9848-2017 - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 citation: ama: 'Dann A, Hermann B, Bodden E. SootDiff: bytecode comparison across different Java compilers. In: Proceedings of the 8th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis  - SOAP 2019. ; 2019. doi:10.1145/3315568.3329966' apa: 'Dann, A., Hermann, B., & Bodden, E. (2019). SootDiff: bytecode comparison across different Java compilers. Proceedings of the 8th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis  - SOAP 2019. https://doi.org/10.1145/3315568.3329966' bibtex: '@inproceedings{Dann_Hermann_Bodden_2019, title={SootDiff: bytecode comparison across different Java compilers}, DOI={10.1145/3315568.3329966}, booktitle={Proceedings of the 8th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis  - SOAP 2019}, author={Dann, Andreas and Hermann, Ben and Bodden, Eric}, year={2019} }' chicago: 'Dann, Andreas, Ben Hermann, and Eric Bodden. “SootDiff: Bytecode Comparison across Different Java Compilers.” In Proceedings of the 8th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis  - SOAP 2019, 2019. https://doi.org/10.1145/3315568.3329966.' ieee: 'A. Dann, B. Hermann, and E. Bodden, “SootDiff: bytecode comparison across different Java compilers,” 2019, doi: 10.1145/3315568.3329966.' mla: 'Dann, Andreas, et al. “SootDiff: Bytecode Comparison across Different Java Compilers.” Proceedings of the 8th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis  - SOAP 2019, 2019, doi:10.1145/3315568.3329966.' short: 'A. Dann, B. Hermann, E. Bodden, in: Proceedings of the 8th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis  - SOAP 2019, 2019.' date_created: 2019-11-12T12:21:11Z date_updated: 2022-01-06T06:52:10Z department: - _id: '76' - _id: '34' - _id: '26' doi: 10.1145/3315568.3329966 language: - iso: eng main_file_link: - url: https://thewhitespace.de/publications/dhb19-sootdiff.pdf publication: Proceedings of the 8th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis - SOAP 2019 publication_identifier: isbn: - '9781450367202' publication_status: published status: public title: 'SootDiff: bytecode comparison across different Java compilers' type: conference user_id: '5786' year: '2019' ... --- _id: '14899' author: - first_name: Stefan full_name: Kruger, Stefan last_name: Kruger - first_name: Ben full_name: Hermann, Ben id: '66173' last_name: Hermann orcid: 0000-0001-9848-2017 citation: ama: 'Kruger S, Hermann B. Can an Online Service Predict Gender? On the State-of-the-Art in Gender Identification from Texts. In: 2019 IEEE/ACM 2nd International Workshop on Gender Equality in Software Engineering (GE). ; 2019. doi:10.1109/ge.2019.00012' apa: Kruger, S., & Hermann, B. (2019). Can an Online Service Predict Gender? On the State-of-the-Art in Gender Identification from Texts. 2019 IEEE/ACM 2nd International Workshop on Gender Equality in Software Engineering (GE). https://doi.org/10.1109/ge.2019.00012 bibtex: '@inproceedings{Kruger_Hermann_2019, title={Can an Online Service Predict Gender? On the State-of-the-Art in Gender Identification from Texts}, DOI={10.1109/ge.2019.00012}, booktitle={2019 IEEE/ACM 2nd International Workshop on Gender Equality in Software Engineering (GE)}, author={Kruger, Stefan and Hermann, Ben}, year={2019} }' chicago: Kruger, Stefan, and Ben Hermann. “Can an Online Service Predict Gender? On the State-of-the-Art in Gender Identification from Texts.” In 2019 IEEE/ACM 2nd International Workshop on Gender Equality in Software Engineering (GE), 2019. https://doi.org/10.1109/ge.2019.00012. ieee: 'S. Kruger and B. Hermann, “Can an Online Service Predict Gender? On the State-of-the-Art in Gender Identification from Texts,” 2019, doi: 10.1109/ge.2019.00012.' mla: Kruger, Stefan, and Ben Hermann. “Can an Online Service Predict Gender? On the State-of-the-Art in Gender Identification from Texts.” 2019 IEEE/ACM 2nd International Workshop on Gender Equality in Software Engineering (GE), 2019, doi:10.1109/ge.2019.00012. short: 'S. Kruger, B. Hermann, in: 2019 IEEE/ACM 2nd International Workshop on Gender Equality in Software Engineering (GE), 2019.' date_created: 2019-11-12T12:22:48Z date_updated: 2022-01-06T06:52:10Z department: - _id: '76' - _id: '34' - _id: '26' doi: 10.1109/ge.2019.00012 language: - iso: eng publication: 2019 IEEE/ACM 2nd International Workshop on Gender Equality in Software Engineering (GE) publication_identifier: isbn: - '9781728122458' publication_status: published status: public title: Can an Online Service Predict Gender? On the State-of-the-Art in Gender Identification from Texts type: conference user_id: '5786' year: '2019' ... --- _id: '7626' author: - first_name: Philipp full_name: Schubert, Philipp id: '60543' last_name: Schubert orcid: 0000-0002-8674-1859 - first_name: Ben full_name: Hermann, Ben id: '66173' last_name: Hermann orcid: 0000-0001-9848-2017 - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 citation: ama: 'Schubert P, Hermann B, Bodden E. PhASAR: An Inter-Procedural Static Analysis Framework for C/C++. In: Proceedings of the 25th International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS 2019), Held as Part of the European Joint Conferences on Theory and Practice of Software (ETAPS 2019). Vol II. ; 2019:393-410. doi:10.1007/978-3-030-17465-1_22' apa: 'Schubert, P., Hermann, B., & Bodden, E. (2019). PhASAR: An Inter-Procedural Static Analysis Framework for C/C++. Proceedings of the 25th International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS 2019), Held as Part of the European Joint Conferences on Theory and Practice of Software (ETAPS 2019), II, 393–410. https://doi.org/10.1007/978-3-030-17465-1_22' bibtex: '@inproceedings{Schubert_Hermann_Bodden_2019, title={PhASAR: An Inter-Procedural Static Analysis Framework for C/C++}, volume={II}, DOI={10.1007/978-3-030-17465-1_22}, booktitle={Proceedings of the 25th International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS 2019), Held as Part of the European Joint Conferences on Theory and Practice of Software (ETAPS 2019)}, author={Schubert, Philipp and Hermann, Ben and Bodden, Eric}, year={2019}, pages={393–410} }' chicago: 'Schubert, Philipp, Ben Hermann, and Eric Bodden. “PhASAR: An Inter-Procedural Static Analysis Framework for C/C++.” In Proceedings of the 25th International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS 2019), Held as Part of the European Joint Conferences on Theory and Practice of Software (ETAPS 2019), II:393–410, 2019. https://doi.org/10.1007/978-3-030-17465-1_22.' ieee: 'P. Schubert, B. Hermann, and E. Bodden, “PhASAR: An Inter-Procedural Static Analysis Framework for C/C++,” in Proceedings of the 25th International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS 2019), Held as Part of the European Joint Conferences on Theory and Practice of Software (ETAPS 2019), Prague, Czech Republic, 2019, vol. II, pp. 393–410, doi: 10.1007/978-3-030-17465-1_22.' mla: 'Schubert, Philipp, et al. “PhASAR: An Inter-Procedural Static Analysis Framework for C/C++.” Proceedings of the 25th International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS 2019), Held as Part of the European Joint Conferences on Theory and Practice of Software (ETAPS 2019), vol. II, 2019, pp. 393–410, doi:10.1007/978-3-030-17465-1_22.' short: 'P. Schubert, B. Hermann, E. Bodden, in: Proceedings of the 25th International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS 2019), Held as Part of the European Joint Conferences on Theory and Practice of Software (ETAPS 2019), 2019, pp. 393–410.' conference: end_date: 2019-04-11 location: Prague, Czech Republic name: 25th International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS) start_date: 2019-04-08 date_created: 2019-02-12T07:20:07Z date_updated: 2022-03-25T07:48:36Z ddc: - '000' department: - _id: '76' doi: 10.1007/978-3-030-17465-1_22 file: - access_level: closed content_type: application/pdf creator: pdschbrt date_created: 2019-02-12T07:18:17Z date_updated: 2019-02-12T07:18:17Z file_id: '7627' file_name: main.pdf file_size: 504897 relation: main_file success: 1 file_date_updated: 2019-02-12T07:18:17Z has_accepted_license: '1' language: - iso: eng main_file_link: - open_access: '1' url: https://link.springer.com/chapter/10.1007/978-3-030-17465-1_22 oa: '1' page: 393-410 project: - _id: '1' name: SFB 901 - _id: '12' name: SFB 901 - Subproject B4 - _id: '3' name: SFB 901 - Project Area B publication: Proceedings of the 25th International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS 2019), Held as Part of the European Joint Conferences on Theory and Practice of Software (ETAPS 2019) publication_status: published status: public title: 'PhASAR: An Inter-Procedural Static Analysis Framework for C/C++' type: conference user_id: '60543' volume: II year: '2019' ... --- _id: '14898' author: - first_name: Philipp full_name: Schubert, Philipp id: '60543' last_name: Schubert orcid: 0000-0002-8674-1859 - first_name: Richard full_name: Leer, Richard last_name: Leer - first_name: Ben full_name: Hermann, Ben id: '66173' last_name: Hermann orcid: 0000-0001-9848-2017 - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 citation: ama: 'Schubert P, Leer R, Hermann B, Bodden E. Know your analysis: how instrumentation aids understanding static analysis. In: Proceedings of the 8th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis  - SOAP 2019. ; 2019. doi:10.1145/3315568.3329965' apa: 'Schubert, P., Leer, R., Hermann, B., & Bodden, E. (2019). Know your analysis: how instrumentation aids understanding static analysis. Proceedings of the 8th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis  - SOAP 2019. https://doi.org/10.1145/3315568.3329965' bibtex: '@inproceedings{Schubert_Leer_Hermann_Bodden_2019, title={Know your analysis: how instrumentation aids understanding static analysis}, DOI={10.1145/3315568.3329965}, booktitle={Proceedings of the 8th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis  - SOAP 2019}, author={Schubert, Philipp and Leer, Richard and Hermann, Ben and Bodden, Eric}, year={2019} }' chicago: 'Schubert, Philipp, Richard Leer, Ben Hermann, and Eric Bodden. “Know Your Analysis: How Instrumentation Aids Understanding Static Analysis.” In Proceedings of the 8th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis  - SOAP 2019, 2019. https://doi.org/10.1145/3315568.3329965.' ieee: 'P. Schubert, R. Leer, B. Hermann, and E. Bodden, “Know your analysis: how instrumentation aids understanding static analysis,” 2019, doi: 10.1145/3315568.3329965.' mla: 'Schubert, Philipp, et al. “Know Your Analysis: How Instrumentation Aids Understanding Static Analysis.” Proceedings of the 8th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis  - SOAP 2019, 2019, doi:10.1145/3315568.3329965.' short: 'P. Schubert, R. Leer, B. Hermann, E. Bodden, in: Proceedings of the 8th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis  - SOAP 2019, 2019.' date_created: 2019-11-12T12:22:16Z date_updated: 2023-06-15T08:52:37Z department: - _id: '76' - _id: '34' - _id: '26' doi: 10.1145/3315568.3329965 language: - iso: eng project: - _id: '12' name: 'SFB 901 - B4: SFB 901 - Subproject B4' - _id: '3' name: 'SFB 901 - B: SFB 901 - Project Area B' - _id: '1' grant_number: '160364472' name: 'SFB 901: SFB 901: On-The-Fly Computing - Individualisierte IT-Dienstleistungen in dynamischen Märkten ' publication: Proceedings of the 8th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis - SOAP 2019 publication_identifier: isbn: - '9781450367202' publication_status: published status: public title: 'Know your analysis: how instrumentation aids understanding static analysis' type: conference user_id: '15249' year: '2019' ... --- _id: '2711' abstract: - lang: eng text: "In recent years, researchers have developed a number of tools to conduct\r\ntaint analysis of Android applications. While all the respective papers aim at\r\nproviding a thorough empirical evaluation, comparability is hindered by varying\r\nor unclear evaluation targets. Sometimes, the apps used for evaluation are not\r\nprecisely described. In other cases, authors use an established benchmark but\r\ncover it only partially. In yet other cases, the evaluations differ in terms of\r\nthe data leaks searched for, or lack a ground truth to compare against. All\r\nthose limitations make it impossible to truly compare the tools based on those\r\npublished evaluations.\r\n We thus present ReproDroid, a framework allowing the accurate comparison of\r\nAndroid taint analysis tools. ReproDroid supports researchers in inferring the\r\nground truth for data leaks in apps, in automatically applying tools to\r\nbenchmarks, and in evaluating the obtained results. We use ReproDroid to\r\ncomparatively evaluate on equal grounds the six prominent taint analysis tools\r\nAmandroid, DIALDroid, DidFail, DroidSafe, FlowDroid and IccTA. The results are\r\nlargely positive although four tools violate some promises concerning features\r\nand accuracy. Finally, we contribute to the area of unbiased benchmarking with\r\na new and improved version of the open test suite DroidBench." author: - first_name: Felix full_name: Pauck, Felix id: '22398' last_name: Pauck - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 - first_name: Heike full_name: Wehrheim, Heike id: '573' last_name: Wehrheim citation: ama: Pauck F, Bodden E, Wehrheim H. Do Android Taint Analysis Tools Keep their Promises? arXiv:180402903. 2018. apa: Pauck, F., Bodden, E., & Wehrheim, H. (2018). Do Android Taint Analysis Tools Keep their Promises? ArXiv:1804.02903. bibtex: '@article{Pauck_Bodden_Wehrheim_2018, title={Do Android Taint Analysis Tools Keep their Promises?}, journal={arXiv:1804.02903}, author={Pauck, Felix and Bodden, Eric and Wehrheim, Heike}, year={2018} }' chicago: Pauck, Felix, Eric Bodden, and Heike Wehrheim. “Do Android Taint Analysis Tools Keep Their Promises?” ArXiv:1804.02903, 2018. ieee: F. Pauck, E. Bodden, and H. Wehrheim, “Do Android Taint Analysis Tools Keep their Promises?,” arXiv:1804.02903. 2018. mla: Pauck, Felix, et al. “Do Android Taint Analysis Tools Keep Their Promises?” ArXiv:1804.02903, 2018. short: F. Pauck, E. Bodden, H. Wehrheim, ArXiv:1804.02903 (2018). date_created: 2018-05-09T08:27:11Z date_updated: 2022-01-06T06:57:35Z ddc: - '000' department: - _id: '77' - _id: '76' file: - access_level: closed content_type: application/pdf creator: florida date_created: 2018-11-21T10:49:23Z date_updated: 2018-11-21T10:49:23Z file_id: '5781' file_name: Do Android Taint Analysis Tools Keep their Promises.pdf file_size: 1045861 relation: main_file success: 1 file_date_updated: 2018-11-21T10:49:23Z has_accepted_license: '1' language: - iso: eng project: - _id: '1' name: SFB 901 - _id: '3' name: SFB 901 - Project Area B - _id: '12' name: SFB 901 - Subproject B4 publication: arXiv:1804.02903 status: public title: Do Android Taint Analysis Tools Keep their Promises? type: preprint user_id: '477' year: '2018' ... --- _id: '20530' author: - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 - first_name: Lisa full_name: Nguyen Quang Do, Lisa last_name: Nguyen Quang Do citation: ama: 'Bodden E, Nguyen Quang Do L. Explainable Static Analysis. In: Software Engineering Und Software Management 2018, Fachtagung Des GI-Fachbereichs Softwaretechnik, {SE} 2018, 5.-9. M{\"{a}}rz 2018, Ulm, Germany. {LNI}. ; 2018:205-208.' apa: Bodden, E., & Nguyen Quang Do, L. (2018). Explainable Static Analysis. Software Engineering Und Software Management 2018, Fachtagung Des GI-Fachbereichs Softwaretechnik, {SE} 2018, 5.-9. M{\"{a}}rz 2018, Ulm, Germany., 205–208. bibtex: '@inproceedings{Bodden_Nguyen Quang Do_2018, series={{LNI}}, title={Explainable Static Analysis}, booktitle={Software Engineering und Software Management 2018, Fachtagung des GI-Fachbereichs Softwaretechnik, {SE} 2018, 5.-9. M{\"{a}}rz 2018, Ulm, Germany.}, author={Bodden, Eric and Nguyen Quang Do, Lisa}, year={2018}, pages={205–208}, collection={{LNI}} }' chicago: Bodden, Eric, and Lisa Nguyen Quang Do. “Explainable Static Analysis.” In Software Engineering Und Software Management 2018, Fachtagung Des GI-Fachbereichs Softwaretechnik, {SE} 2018, 5.-9. M{\"{a}}rz 2018, Ulm, Germany., 205–8. {LNI}, 2018. ieee: E. Bodden and L. Nguyen Quang Do, “Explainable Static Analysis,” in Software Engineering und Software Management 2018, Fachtagung des GI-Fachbereichs Softwaretechnik, {SE} 2018, 5.-9. M{\"{a}}rz 2018, Ulm, Germany., 2018, pp. 205–208. mla: Bodden, Eric, and Lisa Nguyen Quang Do. “Explainable Static Analysis.” Software Engineering Und Software Management 2018, Fachtagung Des GI-Fachbereichs Softwaretechnik, {SE} 2018, 5.-9. M{\"{a}}rz 2018, Ulm, Germany., 2018, pp. 205–08. short: 'E. Bodden, L. Nguyen Quang Do, in: Software Engineering Und Software Management 2018, Fachtagung Des GI-Fachbereichs Softwaretechnik, {SE} 2018, 5.-9. M{\"{a}}rz 2018, Ulm, Germany., 2018, pp. 205–208.' date_created: 2020-11-27T10:24:21Z date_updated: 2022-01-06T06:54:29Z department: - _id: '76' language: - iso: eng main_file_link: - url: https://dl.gi.de/20.500.12116/16348 page: 205-208 publication: Software Engineering und Software Management 2018, Fachtagung des GI-Fachbereichs Softwaretechnik, {SE} 2018, 5.-9. M{\"{a}}rz 2018, Ulm, Germany. publication_identifier: isbn: - 978-3-88579-673-2 series_title: '{LNI}' status: public title: Explainable Static Analysis type: conference user_id: '5786' year: '2018' ... --- _id: '20543' author: - first_name: Lisa full_name: Nguyen Quang Do, Lisa last_name: Nguyen Quang Do - first_name: Stefan full_name: Krüger, Stefan last_name: Krüger - first_name: Patrick full_name: Hill, Patrick last_name: Hill - first_name: Karim full_name: Ali, Karim last_name: Ali - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 citation: ama: Nguyen Quang Do L, Krüger S, Hill P, Ali K, Bodden E. Debugging Static Analysis. IEEE Transactions on Software Engineering. Published online 2018:1-1. doi:10.1109/TSE.2018.2868349 apa: Nguyen Quang Do, L., Krüger, S., Hill, P., Ali, K., & Bodden, E. (2018). Debugging Static Analysis. IEEE Transactions on Software Engineering, 1–1. https://doi.org/10.1109/TSE.2018.2868349 bibtex: '@article{Nguyen Quang Do_Krüger_Hill_Ali_Bodden_2018, title={Debugging Static Analysis}, DOI={10.1109/TSE.2018.2868349}, journal={IEEE Transactions on Software Engineering}, author={Nguyen Quang Do, Lisa and Krüger, Stefan and Hill, Patrick and Ali, Karim and Bodden, Eric}, year={2018}, pages={1–1} }' chicago: Nguyen Quang Do, Lisa, Stefan Krüger, Patrick Hill, Karim Ali, and Eric Bodden. “Debugging Static Analysis.” IEEE Transactions on Software Engineering, 2018, 1–1. https://doi.org/10.1109/TSE.2018.2868349. ieee: 'L. Nguyen Quang Do, S. Krüger, P. Hill, K. Ali, and E. Bodden, “Debugging Static Analysis,” IEEE Transactions on Software Engineering, pp. 1–1, 2018, doi: 10.1109/TSE.2018.2868349.' mla: Nguyen Quang Do, Lisa, et al. “Debugging Static Analysis.” IEEE Transactions on Software Engineering, 2018, pp. 1–1, doi:10.1109/TSE.2018.2868349. short: L. Nguyen Quang Do, S. Krüger, P. Hill, K. Ali, E. Bodden, IEEE Transactions on Software Engineering (2018) 1–1. date_created: 2020-11-30T09:32:12Z date_updated: 2022-01-06T06:54:29Z department: - _id: '76' doi: 10.1109/TSE.2018.2868349 keyword: - Debugging - Static analysis - Tools - Computer bugs - Standards - Writing - Encoding - Testing and Debugging - Program analysis - Development tools - Integrated environments - Graphical environments - Usability testing language: - iso: eng main_file_link: - url: http://www.bodden.de/pubs/tse18debugging.pdf page: 1-1 publication: IEEE Transactions on Software Engineering publication_identifier: issn: - 2326-3881 status: public title: Debugging Static Analysis type: journal_article user_id: '5786' year: '2018' ... --- _id: '20544' citation: ama: Tichy M, Bodden E, Kuhrmann M, Wagner S, Steghöfer J-P, eds. Software Engineering Und Software Management 2018, Fachtagung Des GI-Fachbereichs Softwaretechnik, SE 2018, 5.-9. März 2018, Ulm, Germany. Vol {P-279}. Gesellschaft für Informatik; 2018. apa: 'Tichy, M., Bodden, E., Kuhrmann, M., Wagner, S., & Steghöfer, J.-P. (Eds.). (2018). Software Engineering und Software Management 2018, Fachtagung des GI-Fachbereichs Softwaretechnik, SE 2018, 5.-9. März 2018, Ulm, Germany: Vol. {P-279}. Gesellschaft für Informatik.' bibtex: '@book{Tichy_Bodden_Kuhrmann_Wagner_Steghöfer_2018, series={{LNI}}, title={Software Engineering und Software Management 2018, Fachtagung des GI-Fachbereichs Softwaretechnik, SE 2018, 5.-9. März 2018, Ulm, Germany}, volume={{P-279}}, publisher={Gesellschaft für Informatik}, year={2018}, collection={{LNI}} }' chicago: Tichy, Matthias, Eric Bodden, Marco Kuhrmann, Stefan Wagner, and Jan-Philipp Steghöfer, eds. Software Engineering Und Software Management 2018, Fachtagung Des GI-Fachbereichs Softwaretechnik, SE 2018, 5.-9. März 2018, Ulm, Germany. Vol. {P-279}. {LNI}. Gesellschaft für Informatik, 2018. ieee: M. Tichy, E. Bodden, M. Kuhrmann, S. Wagner, and J.-P. Steghöfer, Eds., Software Engineering und Software Management 2018, Fachtagung des GI-Fachbereichs Softwaretechnik, SE 2018, 5.-9. März 2018, Ulm, Germany, vol. {P-279}. Gesellschaft für Informatik, 2018. mla: Tichy, Matthias, et al., editors. Software Engineering Und Software Management 2018, Fachtagung Des GI-Fachbereichs Softwaretechnik, SE 2018, 5.-9. März 2018, Ulm, Germany. Gesellschaft für Informatik, 2018. short: M. Tichy, E. Bodden, M. Kuhrmann, S. Wagner, J.-P. Steghöfer, eds., Software Engineering Und Software Management 2018, Fachtagung Des GI-Fachbereichs Softwaretechnik, SE 2018, 5.-9. März 2018, Ulm, Germany, Gesellschaft für Informatik, 2018. date_created: 2020-11-30T09:32:58Z date_updated: 2022-01-06T06:54:29Z department: - _id: '76' editor: - first_name: Matthias full_name: Tichy, Matthias last_name: Tichy - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 - first_name: Marco full_name: Kuhrmann, Marco last_name: Kuhrmann - first_name: Stefan full_name: Wagner, Stefan last_name: Wagner - first_name: Jan-Philipp full_name: Steghöfer, Jan-Philipp last_name: Steghöfer language: - iso: eng publication_identifier: isbn: - 978-3-88579-673-2 publisher: Gesellschaft für Informatik series_title: '{LNI}' status: public title: Software Engineering und Software Management 2018, Fachtagung des GI-Fachbereichs Softwaretechnik, SE 2018, 5.-9. März 2018, Ulm, Germany type: conference_editor user_id: '5786' volume: '{P-279}' year: '2018' ... --- _id: '20545' citation: ama: Tip F, Bodden E, eds. Proceedings of the 27th ACM SIGSOFT International Symposium on Software Testing and Analysis, ISSTA 2018, Amsterdam, The Netherlands, July 16-21, 2018. ACM; 2018. apa: Tip, F., & Bodden, E. (Eds.). (2018). Proceedings of the 27th ACM SIGSOFT International Symposium on Software Testing and Analysis, ISSTA 2018, Amsterdam, The Netherlands, July 16-21, 2018. ACM. bibtex: '@book{Tip_Bodden_2018, title={Proceedings of the 27th ACM SIGSOFT International Symposium on Software Testing and Analysis, ISSTA 2018, Amsterdam, The Netherlands, July 16-21, 2018}, publisher={ACM}, year={2018} }' chicago: Tip, Frank, and Eric Bodden, eds. Proceedings of the 27th ACM SIGSOFT International Symposium on Software Testing and Analysis, ISSTA 2018, Amsterdam, The Netherlands, July 16-21, 2018. ACM, 2018. ieee: F. Tip and E. Bodden, Eds., Proceedings of the 27th ACM SIGSOFT International Symposium on Software Testing and Analysis, ISSTA 2018, Amsterdam, The Netherlands, July 16-21, 2018. ACM, 2018. mla: Tip, Frank, and Eric Bodden, editors. Proceedings of the 27th ACM SIGSOFT International Symposium on Software Testing and Analysis, ISSTA 2018, Amsterdam, The Netherlands, July 16-21, 2018. ACM, 2018. short: F. Tip, E. Bodden, eds., Proceedings of the 27th ACM SIGSOFT International Symposium on Software Testing and Analysis, ISSTA 2018, Amsterdam, The Netherlands, July 16-21, 2018, ACM, 2018. date_created: 2020-11-30T09:35:03Z date_updated: 2022-01-06T06:54:29Z department: - _id: '76' editor: - first_name: Frank full_name: Tip, Frank last_name: Tip - first_name: Eric full_name: Bodden, Eric last_name: Bodden language: - iso: eng publisher: ACM status: public title: Proceedings of the 27th ACM SIGSOFT International Symposium on Software Testing and Analysis, ISSTA 2018, Amsterdam, The Netherlands, July 16-21, 2018 type: conference_editor user_id: '5786' year: '2018' ... --- _id: '20546' author: - first_name: Christopher full_name: Gerking, Christopher last_name: Gerking - first_name: David full_name: Schubert, David id: '9106' last_name: Schubert - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 citation: ama: 'Gerking C, Schubert D, Bodden E. Model Checking the Information Flow Security of Real-Time Systems. In: Payer M, Rashid A, Such JM, eds. Engineering Secure Software and Systems. Springer International Publishing; 2018:27-43.' apa: Gerking, C., Schubert, D., & Bodden, E. (2018). Model Checking the Information Flow Security of Real-Time Systems. In M. Payer, A. Rashid, & J. M. Such (Eds.), Engineering Secure Software and Systems (pp. 27–43). Springer International Publishing. bibtex: '@inproceedings{Gerking_Schubert_Bodden_2018, place={Cham}, title={Model Checking the Information Flow Security of Real-Time Systems}, booktitle={Engineering Secure Software and Systems}, publisher={Springer International Publishing}, author={Gerking, Christopher and Schubert, David and Bodden, Eric}, editor={Payer, Mathias and Rashid, Awais and Such, Jose M.}, year={2018}, pages={27–43} }' chicago: 'Gerking, Christopher, David Schubert, and Eric Bodden. “Model Checking the Information Flow Security of Real-Time Systems.” In Engineering Secure Software and Systems, edited by Mathias Payer, Awais Rashid, and Jose M. Such, 27–43. Cham: Springer International Publishing, 2018.' ieee: C. Gerking, D. Schubert, and E. Bodden, “Model Checking the Information Flow Security of Real-Time Systems,” in Engineering Secure Software and Systems, 2018, pp. 27–43. mla: Gerking, Christopher, et al. “Model Checking the Information Flow Security of Real-Time Systems.” Engineering Secure Software and Systems, edited by Mathias Payer et al., Springer International Publishing, 2018, pp. 27–43. short: 'C. Gerking, D. Schubert, E. Bodden, in: M. Payer, A. Rashid, J.M. Such (Eds.), Engineering Secure Software and Systems, Springer International Publishing, Cham, 2018, pp. 27–43.' date_created: 2020-11-30T09:35:55Z date_updated: 2022-01-06T06:54:29Z department: - _id: '76' editor: - first_name: Mathias full_name: Payer, Mathias last_name: Payer - first_name: Awais full_name: Rashid, Awais last_name: Rashid - first_name: Jose M. full_name: Such, Jose M. last_name: Such language: - iso: eng main_file_link: - url: http://www.bodden.de/pubs/gsb18model.pdf page: 27-43 place: Cham publication: Engineering Secure Software and Systems publisher: Springer International Publishing status: public title: Model Checking the Information Flow Security of Real-Time Systems type: conference user_id: '5786' year: '2018' ... --- _id: '20547' author: - first_name: Lisa full_name: Nguyen Quang Do, Lisa last_name: Nguyen Quang Do - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 citation: ama: 'Nguyen Quang Do L, Bodden E. Gamifying Static Analysis. In: Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering. ESEC/FSE 2018. ACM; 2018:714-718. doi:10.1145/3236024.3264830' apa: Nguyen Quang Do, L., & Bodden, E. (2018). Gamifying Static Analysis. Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, 714–718. https://doi.org/10.1145/3236024.3264830 bibtex: '@inproceedings{Nguyen Quang Do_Bodden_2018, place={New York, NY, USA}, series={ESEC/FSE 2018}, title={Gamifying Static Analysis}, DOI={10.1145/3236024.3264830}, booktitle={Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering}, publisher={ACM}, author={Nguyen Quang Do, Lisa and Bodden, Eric}, year={2018}, pages={714–718}, collection={ESEC/FSE 2018} }' chicago: 'Nguyen Quang Do, Lisa, and Eric Bodden. “Gamifying Static Analysis.” In Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, 714–18. ESEC/FSE 2018. New York, NY, USA: ACM, 2018. https://doi.org/10.1145/3236024.3264830.' ieee: 'L. Nguyen Quang Do and E. Bodden, “Gamifying Static Analysis,” in Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, 2018, pp. 714–718, doi: 10.1145/3236024.3264830.' mla: Nguyen Quang Do, Lisa, and Eric Bodden. “Gamifying Static Analysis.” Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, ACM, 2018, pp. 714–18, doi:10.1145/3236024.3264830. short: 'L. Nguyen Quang Do, E. Bodden, in: Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, ACM, New York, NY, USA, 2018, pp. 714–718.' date_created: 2020-11-30T09:37:35Z date_updated: 2022-01-06T06:54:29Z department: - _id: '76' doi: 10.1145/3236024.3264830 keyword: - Gamification - Integrated Environments - Program analysis language: - iso: eng main_file_link: - url: http://www.bodden.de/pubs/db18gamifying.pdf page: 714-718 place: New York, NY, USA publication: Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering publication_identifier: isbn: - 978-1-4503-5573-5 publisher: ACM series_title: ESEC/FSE 2018 status: public title: Gamifying Static Analysis type: conference user_id: '5786' year: '2018' ... --- _id: '20548' author: - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 citation: ama: 'Bodden E. The Secret Sauce in Efficient and Precise Static Analysis: The Beauty of Distributive, Summary-based Static Analyses (and How to Master Them). In: ACM SIGPLAN International Workshop on the State Of the Art in Java Program Analysis (SOAP 2018). ISSTA ’18. ACM; 2018:85-93. doi:10.1145/3236454.3236500' apa: 'Bodden, E. (2018). The Secret Sauce in Efficient and Precise Static Analysis: The Beauty of Distributive, Summary-based Static Analyses (and How to Master Them). ACM SIGPLAN International Workshop on the State Of the Art in Java Program Analysis (SOAP 2018), 85–93. https://doi.org/10.1145/3236454.3236500' bibtex: '@inproceedings{Bodden_2018, place={New York, NY, USA}, series={ISSTA ’18}, title={The Secret Sauce in Efficient and Precise Static Analysis: The Beauty of Distributive, Summary-based Static Analyses (and How to Master Them)}, DOI={10.1145/3236454.3236500}, booktitle={ACM SIGPLAN International Workshop on the State Of the Art in Java Program Analysis (SOAP 2018)}, publisher={ACM}, author={Bodden, Eric}, year={2018}, pages={85–93}, collection={ISSTA ’18} }' chicago: 'Bodden, Eric. “The Secret Sauce in Efficient and Precise Static Analysis: The Beauty of Distributive, Summary-Based Static Analyses (and How to Master Them).” In ACM SIGPLAN International Workshop on the State Of the Art in Java Program Analysis (SOAP 2018), 85–93. ISSTA ’18. New York, NY, USA: ACM, 2018. https://doi.org/10.1145/3236454.3236500.' ieee: 'E. Bodden, “The Secret Sauce in Efficient and Precise Static Analysis: The Beauty of Distributive, Summary-based Static Analyses (and How to Master Them),” in ACM SIGPLAN International Workshop on the State Of the Art in Java Program Analysis (SOAP 2018), 2018, pp. 85–93, doi: 10.1145/3236454.3236500.' mla: 'Bodden, Eric. “The Secret Sauce in Efficient and Precise Static Analysis: The Beauty of Distributive, Summary-Based Static Analyses (and How to Master Them).” ACM SIGPLAN International Workshop on the State Of the Art in Java Program Analysis (SOAP 2018), ACM, 2018, pp. 85–93, doi:10.1145/3236454.3236500.' short: 'E. Bodden, in: ACM SIGPLAN International Workshop on the State Of the Art in Java Program Analysis (SOAP 2018), ACM, New York, NY, USA, 2018, pp. 85–93.' date_created: 2020-11-30T09:51:05Z date_updated: 2022-01-06T06:54:29Z department: - _id: '76' doi: 10.1145/3236454.3236500 keyword: - ATTRACT - ITSECWEBSITE language: - iso: eng main_file_link: - url: http://bodden.de/pubs/bodden18secret.pdf page: 85-93 place: New York, NY, USA publication: ACM SIGPLAN International Workshop on the State Of the Art in Java Program Analysis (SOAP 2018) publication_identifier: isbn: - 978-1-4503-5939-9 publisher: ACM series_title: ISSTA '18 status: public title: 'The Secret Sauce in Efficient and Precise Static Analysis: The Beauty of Distributive, Summary-based Static Analyses (and How to Master Them)' type: conference user_id: '5786' year: '2018' ... --- _id: '20549' author: - first_name: Johannes full_name: Geismann, Johannes id: '20063' last_name: Geismann orcid: https://orcid.org/0000-0003-2015-2047 - first_name: Christopher full_name: Gerking, Christopher last_name: Gerking - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 citation: ama: 'Geismann J, Gerking C, Bodden E. Towards Ensuring Security by Design in Cyber-Physical Systems Engineering Processes. In: International Conference on Software and System Processes (ICSSP). ; 2018.' apa: Geismann, J., Gerking, C., & Bodden, E. (2018). Towards Ensuring Security by Design in Cyber-Physical Systems Engineering Processes. International Conference on Software and System Processes (ICSSP). bibtex: '@inproceedings{Geismann_Gerking_Bodden_2018, title={Towards Ensuring Security by Design in Cyber-Physical Systems Engineering Processes}, booktitle={International Conference on Software and System Processes (ICSSP)}, author={Geismann, Johannes and Gerking, Christopher and Bodden, Eric}, year={2018} }' chicago: Geismann, Johannes, Christopher Gerking, and Eric Bodden. “Towards Ensuring Security by Design in Cyber-Physical Systems Engineering Processes.” In International Conference on Software and System Processes (ICSSP), 2018. ieee: J. Geismann, C. Gerking, and E. Bodden, “Towards Ensuring Security by Design in Cyber-Physical Systems Engineering Processes,” 2018. mla: Geismann, Johannes, et al. “Towards Ensuring Security by Design in Cyber-Physical Systems Engineering Processes.” International Conference on Software and System Processes (ICSSP), 2018. short: 'J. Geismann, C. Gerking, E. Bodden, in: International Conference on Software and System Processes (ICSSP), 2018.' date_created: 2020-11-30T09:52:21Z date_updated: 2022-01-06T06:54:29Z department: - _id: '76' keyword: - ITSECWEBSITE language: - iso: eng publication: International Conference on Software and System Processes (ICSSP) related_material: link: - relation: confirmation url: http://bodden.de/pubs/ggb18towards.pdf status: public title: Towards Ensuring Security by Design in Cyber-Physical Systems Engineering Processes type: conference user_id: '5786' year: '2018' ... --- _id: '20550' author: - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 citation: ama: 'Bodden E. Self-adaptive Static Analysis. In: Proceedings of the 40th International Conference on Software Engineering: New Ideas and Emerging Results. ICSE-NIER ’18. ACM; 2018:45-48. doi:10.1145/3183399.3183401' apa: 'Bodden, E. (2018). Self-adaptive Static Analysis. Proceedings of the 40th International Conference on Software Engineering: New Ideas and Emerging Results, 45–48. https://doi.org/10.1145/3183399.3183401' bibtex: '@inproceedings{Bodden_2018, place={New York, NY, USA}, series={ICSE-NIER ’18}, title={Self-adaptive Static Analysis}, DOI={10.1145/3183399.3183401}, booktitle={Proceedings of the 40th International Conference on Software Engineering: New Ideas and Emerging Results}, publisher={ACM}, author={Bodden, Eric}, year={2018}, pages={45–48}, collection={ICSE-NIER ’18} }' chicago: 'Bodden, Eric. “Self-Adaptive Static Analysis.” In Proceedings of the 40th International Conference on Software Engineering: New Ideas and Emerging Results, 45–48. ICSE-NIER ’18. New York, NY, USA: ACM, 2018. https://doi.org/10.1145/3183399.3183401.' ieee: 'E. Bodden, “Self-adaptive Static Analysis,” in Proceedings of the 40th International Conference on Software Engineering: New Ideas and Emerging Results, 2018, pp. 45–48, doi: 10.1145/3183399.3183401.' mla: 'Bodden, Eric. “Self-Adaptive Static Analysis.” Proceedings of the 40th International Conference on Software Engineering: New Ideas and Emerging Results, ACM, 2018, pp. 45–48, doi:10.1145/3183399.3183401.' short: 'E. Bodden, in: Proceedings of the 40th International Conference on Software Engineering: New Ideas and Emerging Results, ACM, New York, NY, USA, 2018, pp. 45–48.' date_created: 2020-11-30T09:54:33Z date_updated: 2022-01-06T06:54:29Z department: - _id: '76' doi: 10.1145/3183399.3183401 keyword: - ATTRACT - ITSECWEBSITE language: - iso: eng page: 45-48 place: New York, NY, USA publication: 'Proceedings of the 40th International Conference on Software Engineering: New Ideas and Emerging Results' publication_identifier: isbn: - 978-1-4503-5662-6 publisher: ACM related_material: link: - relation: confirmation url: http://bodden.de/pubs/bodden18selfadaptive.pdf series_title: ICSE-NIER '18 status: public title: Self-adaptive Static Analysis type: conference user_id: '5786' year: '2018' ... --- _id: '20551' author: - first_name: Lisa full_name: Nguyen Quang Do, Lisa last_name: Nguyen Quang Do - first_name: Stefan full_name: Krüger, Stefan last_name: Krüger - first_name: Patrick full_name: Hill, Patrick last_name: Hill - first_name: Karim full_name: Ali, Karim last_name: Ali - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 citation: ama: 'Nguyen Quang Do L, Krüger S, Hill P, Ali K, Bodden E. VISUFLOW, a Debugging Environment for Static Analyses. In: International Conference for Software Engineering (ICSE), Tool Demonstrations Track. ; 2018.' apa: Nguyen Quang Do, L., Krüger, S., Hill, P., Ali, K., & Bodden, E. (2018). VISUFLOW, a Debugging Environment for Static Analyses. International Conference for Software Engineering (ICSE), Tool Demonstrations Track. bibtex: '@inproceedings{Nguyen Quang Do_Krüger_Hill_Ali_Bodden_2018, title={VISUFLOW, a Debugging Environment for Static Analyses}, booktitle={International Conference for Software Engineering (ICSE), Tool Demonstrations Track}, author={Nguyen Quang Do, Lisa and Krüger, Stefan and Hill, Patrick and Ali, Karim and Bodden, Eric}, year={2018} }' chicago: Nguyen Quang Do, Lisa, Stefan Krüger, Patrick Hill, Karim Ali, and Eric Bodden. “VISUFLOW, a Debugging Environment for Static Analyses.” In International Conference for Software Engineering (ICSE), Tool Demonstrations Track, 2018. ieee: L. Nguyen Quang Do, S. Krüger, P. Hill, K. Ali, and E. Bodden, “VISUFLOW, a Debugging Environment for Static Analyses,” 2018. mla: Nguyen Quang Do, Lisa, et al. “VISUFLOW, a Debugging Environment for Static Analyses.” International Conference for Software Engineering (ICSE), Tool Demonstrations Track, 2018. short: 'L. Nguyen Quang Do, S. Krüger, P. Hill, K. Ali, E. Bodden, in: International Conference for Software Engineering (ICSE), Tool Demonstrations Track, 2018.' date_created: 2020-11-30T09:55:20Z date_updated: 2022-01-06T06:54:29Z department: - _id: '76' keyword: - ATTRACT - ITSECWEBSITE language: - iso: eng main_file_link: - url: http://www.bodden.de/pubs/dkh+18visuflow.pdf publication: International Conference for Software Engineering (ICSE), Tool Demonstrations Track status: public title: VISUFLOW, a Debugging Environment for Static Analyses type: conference user_id: '5786' year: '2018' ... --- _id: '20779' abstract: - lang: eng text: Der hohe Grad an Innovation in mechatronischen Systemen führt zu sogenannten Cyber-Physical Systems (CPS). Diese haben eine komplexe Funktionalität und Kommunikation. Wie sicherheitskritisch solche Systeme sind, wird durch sogenannte Sicherheits-Integritätslevel (SIL) kategorisiert, die durch Normen wie der ISO 26262 definiert werden. Ein bestimmter SIL beschreibt nicht nur die Höhe des Gefährdungsrisikos, sondern diktiert auch den erforderlichen Grad an Sorgfalt bei der Entwicklung des Systems. Ein hoher SIL erfordert die Anwendung von Safety-Maßnahmen mit einem hohen Sorgfaltsgrad in allen Phasen der Entwicklung und impliziert daher einen hohen Safety-Aufwand. SIL-Tailoring ist ein Mittel um den Safety-Aufwand zu reduzieren, indem man Subsystemen geringere SILs zuordnet, falls sie von kritischeren Subsystemen getrennt sind oder redundante Safety-Anforderungen erfüllen. Um den nötigen Safety-Aufwand zu planen, sollten Möglichkeiten für SIL-Tailoring so früh wie möglich identifiziert werden - d.h. bereits in der Anforderungsanalyse. Durch die Komplexität von CPS, ist es schwierig valide SIL-Tailorings zu finden. Die Validität von SIL-Tailorings muss durch Analyse von Fehlerpropagierungspfaden geprüft und durch Argumente im Safety Case begründet werden. Der Beitrag dieser Dissertation ist ein systematischer, tool-unterstützter SIL-Tailoring-Prozess, der im Safety Requirements Engineering angewendet wird. Der Prozess nutzt eine modell-basierte, formale Anforderungsspezifikation und stellt einen Katalog von Anforderungsmustern bereit. Basierend auf diesen Anforderungen werden Fehlerpropagierungsmodelle generiert und Subsystemen automatisch SILs zugeordnet. Das minimiert den Sicherheitsanalyseaufwand. Aus den generierten Ergebnissen wird automatisch ein Safety Case mit Argumenten für die SIL-Tailoring-Validität abgeleitet. author: - first_name: Markus full_name: Fockel, Markus id: '8472' last_name: Fockel orcid: 0000-0002-1269-0702 citation: ama: Fockel M. Safety Requirements Engineering for Early SIL Tailoring. Fakultät für Elektrotechnik, Informatik und Mathematik, Universität Paderborn; 2018. doi:10.17619/UNIPB/1-490 apa: Fockel, M. (2018). Safety Requirements Engineering for Early SIL Tailoring. Fakultät für Elektrotechnik, Informatik und Mathematik, Universität Paderborn. https://doi.org/10.17619/UNIPB/1-490 bibtex: '@book{Fockel_2018, title={Safety Requirements Engineering for Early SIL Tailoring}, DOI={10.17619/UNIPB/1-490}, publisher={Fakultät für Elektrotechnik, Informatik und Mathematik, Universität Paderborn}, author={Fockel, Markus}, year={2018} }' chicago: Fockel, Markus. Safety Requirements Engineering for Early SIL Tailoring. Fakultät für Elektrotechnik, Informatik und Mathematik, Universität Paderborn, 2018. https://doi.org/10.17619/UNIPB/1-490. ieee: M. Fockel, Safety Requirements Engineering for Early SIL Tailoring. Fakultät für Elektrotechnik, Informatik und Mathematik, Universität Paderborn, 2018. mla: Fockel, Markus. Safety Requirements Engineering for Early SIL Tailoring. Fakultät für Elektrotechnik, Informatik und Mathematik, Universität Paderborn, 2018, doi:10.17619/UNIPB/1-490. short: M. Fockel, Safety Requirements Engineering for Early SIL Tailoring, Fakultät für Elektrotechnik, Informatik und Mathematik, Universität Paderborn, 2018. date_created: 2020-12-17T11:59:05Z date_updated: 2022-01-06T06:54:38Z department: - _id: '76' - _id: '241' - _id: '662' doi: 10.17619/UNIPB/1-490 language: - iso: eng publisher: Fakultät für Elektrotechnik, Informatik und Mathematik, Universität Paderborn status: public supervisor: - first_name: Eric full_name: Bodden, Eric id: '59256' last_name: Bodden orcid: 0000-0003-3470-3647 title: Safety Requirements Engineering for Early SIL Tailoring type: dissertation user_id: '5786' year: '2018' ...