Vulnerabilities in software are increasingly becoming a great problem. There is a growing trend of incidents compromising software and information for large organisations, as well as ordinary citizens. There are several reasons for this development, such as more connectivity, complexity, advanced attacks and new motivation factors, e.g. related to profit or political views.

The traditional way of protecting the software is by relying on network security solutions, but merely trusting firewalls and anti-virus applications will not hold in the long run – security must be an integrated part of every software product. At the same time, security should not clog normal usage and give a bad user experience.We are conducting research on how to improve software security and create robust services through use of efficient development methods and tools.

Projects:

• SODA - Security-Oriented Software Development Framework
• SHIELDS - Detecting known security vulnerabilities from within design and development tools
• Aniketos -  Secure and Trustworthy Composite Services

News:

• SecSE 2011 - workshop on secure software engineering