Model-based development of critical software is a major topic of our research. In particular we are focussing on
technologies such as cloud computing and mobile computing, in which "best practices" for secure development do not
exist yet. These are in particular:
The following presentations give an overview on some of our research:
Overview on the Fraunhofer Attract project "Architectures for Auditable Business Process Engineering (APEX)": slides (in German)
UMLsec is an extension of UML for modeling security properties. The corresponding tool support enables different
analyses. The original definition of the UMLsec notation can be found in Jan Jürjens: "Secure Systems Development with UML", Springer-Verlag. The notation is
continually being improved and extended. More information on UMLsec can be found here.
There is extensive tool-support available for the automated analysis of security properties specified with UMLsec or domain-specific languages (e.g. BPMN). See here for more information.
Our research has been supported over the last few years with more than 5 Mio. EUR by funding bodies including the following:
An overview of current and past projects can be found here.