idw – Informationsdienst Wissenschaft

Nachrichten, Termine, Experten

Grafik: idw-Logo
Erweiterte Suche ?
Home > Pressemitteilung: Oracle honors IT security research at ...
Science Video Project
idw-Abo
idw-News App:

AppStore

Google Play Store

Instanz:
Teilen: 
23.01.2018 11:29

Oracle honors IT security research at Fraunhofer IEM

Fraunhofer IEM Kommunikation
Fraunhofer-Institut für Entwurfstechnik Mechatronik

    Software manufacturer awards „Collaborative Research Award” again to the german research institute

    From Paderborn to Silicon Valley: Detecting security vulnerabilities in software pro-grams way before they cause damage. The Fraunhofer Institute for Mechatronic Sys-tems Design IEM researches methods to detect and correct software vulnerabilities early in the software development process. The institute’s scientists work together with Oracle, one of the world's largest software manufacturers located in Silicon Val-ley. This is the second time that extensive funding, the "Oracle Collaborative Re-search Award", has been awarded to the Paderborn research institute.

    Nowadays, software is protected against attacks and hackers with various tech-niques, such as complex encryption methods. With regard to the increasing net-working of private devices as well as industrial machines, IT security is an essential aspect of every engineering project. In spite of that, even experienced engineers reach their limits when it comes to secure programming of software and its subse-quent implementation. Studies reveal that correct and secure software implementa-tion is not a matter of course. A major current problem here is the insecure use of cryptography. Recent studies also reveal that, for example, the vast majority of smartphone applications use cryptographic functions in an insecure manner.

    “Grammar check“ for software

    In order to support software engineers in the secure implementation of programs, Fraunhofer IEM is working on analysis tools that directly detect incorrect implemen-tation. Similar to spelling and grammar checks in word processing programs, the software developer receives hints to vulnerable code. The analysis tools provide direct and precise feedback, ensuring, for example, the correct use of encryption algorithms in the software. "This way we detect software vulnerabilities long before they can cause damage. Companies benefit from faster and more efficient devel-opment and can offer their customers secure products from the very first version.", states senior expert Dr. Claudia Priesterjahn, explaining the method called Static Code Analysis.

    Fraunhofer IEM's work is currently being applied in a concrete project with Oracle. Focal point is the security of the Java Runtime Library developed by Oracle, which is installed on several billion devices worldwide. In order to eliminate vulnerabilities from the Java Runtime, researchers are redesigning parts of the software architec-ture. With the help of the "grammar check", they then identify vulnerabilities here as well and develop automatic analyses that reveal other similar vulnerabilities. This way, they minimize the probability of attacks on this widely used software.

    Fraunhofer IEM wins Oracle Collaborative Research Award a second time

    The software and hardware manufacturer Oracle, based in the Silicon Valley, is supporting the work of Fraunhofer IEM since mid-2017. Now the scientists receive a second of the prestigious Oracle Collaborative Research Awards, again endowed with 100,000 US dollars. “Oracle allows us applied research and deep insights into the software development processes of a global player. It is a rewarding experience for us to work on the security of the Java Runtime. Millions of users will benefit from our results.", says Prof. Eric Bodden, Director of Software Engineering at Fraunhofer IEM and head of the Software Engineering Chair at the Heinz Nixdorf Institute of the University of Paderborn.

    Static Code Analyse at Fraunhofer IEM

    Fraunhofer IEM supports companies with the following services:

    • Protection of IT systems against cyber attacks Absicherung von Systemen gegen Cyberangriffe
    • Support for adequate encryption methods
    • Tools for software developers to verify secure software implemen-tationsCustomized secure software solutions

    Weitere Informationen:

    https://www.iem.fraunhofer.de/en/press/it-security-oracle-collaborative-research...
    http://www.iem.fraunhofer.de/security-by-design

    Bilder

    Johannes Späth and Dr. Claudia Priesterjahn at Fraunhofer IEM are developing tools with Oracle that systematically find software errors.
    Johannes Späth and Dr. Claudia Priesterjahn at Fraunhofer IEM are developing tools with Oracle that ...
    Fraunhofer IEM
    None

    Merkmale dieser Pressemitteilung:
    Journalisten, Wirtschaftsvertreter, Wissenschaftler
    Informationstechnik
    überregional
    Forschungs- / Wissenstransfer, Wettbewerbe / Auszeichnungen
    Englisch

     

    Johannes Späth and Dr. Claudia Priesterjahn at Fraunhofer IEM are developing tools with Oracle that systematically find software errors.


    Zum Download

    x

    Hilfe

    Die Suche / Erweiterte Suche im idw-Archiv
    Verknüpfungen

    Sie können Suchbegriffe mit und, oder und / oder nicht verknüpfen, z. B. Philo nicht logie.

    Klammern

    Verknüpfungen können Sie mit Klammern voneinander trennen, z. B. (Philo nicht logie) oder (Psycho und logie).

    Wortgruppen

    Zusammenhängende Worte werden als Wortgruppe gesucht, wenn Sie sie in Anführungsstriche setzen, z. B. „Bundesrepublik Deutschland“.

    Auswahlkriterien

    Die Erweiterte Suche können Sie auch nutzen, ohne Suchbegriffe einzugeben. Sie orientiert sich dann an den Kriterien, die Sie ausgewählt haben (z. B. nach dem Land oder dem Sachgebiet).

    Haben Sie in einer Kategorie kein Kriterium ausgewählt, wird die gesamte Kategorie durchsucht (z.B. alle Sachgebiete oder alle Länder).