idw – Informationsdienst Wissenschaft

Nachrichten, Termine, Experten

Grafik: idw-Logo
Advanced Search ?
Home > Press release: Oracle honors IT security research at ...
Science Video Project
idw-Abo
idw-News App:

AppStore

Google Play Store

Instance:
Share on: 
01/23/2018 11:29

Oracle honors IT security research at Fraunhofer IEM

Fraunhofer IEM Kommunikation
Fraunhofer-Institut für Entwurfstechnik Mechatronik

    Software manufacturer awards „Collaborative Research Award” again to the german research institute

    From Paderborn to Silicon Valley: Detecting security vulnerabilities in software pro-grams way before they cause damage. The Fraunhofer Institute for Mechatronic Sys-tems Design IEM researches methods to detect and correct software vulnerabilities early in the software development process. The institute’s scientists work together with Oracle, one of the world's largest software manufacturers located in Silicon Val-ley. This is the second time that extensive funding, the "Oracle Collaborative Re-search Award", has been awarded to the Paderborn research institute.

    Nowadays, software is protected against attacks and hackers with various tech-niques, such as complex encryption methods. With regard to the increasing net-working of private devices as well as industrial machines, IT security is an essential aspect of every engineering project. In spite of that, even experienced engineers reach their limits when it comes to secure programming of software and its subse-quent implementation. Studies reveal that correct and secure software implementa-tion is not a matter of course. A major current problem here is the insecure use of cryptography. Recent studies also reveal that, for example, the vast majority of smartphone applications use cryptographic functions in an insecure manner.

    “Grammar check“ for software

    In order to support software engineers in the secure implementation of programs, Fraunhofer IEM is working on analysis tools that directly detect incorrect implemen-tation. Similar to spelling and grammar checks in word processing programs, the software developer receives hints to vulnerable code. The analysis tools provide direct and precise feedback, ensuring, for example, the correct use of encryption algorithms in the software. "This way we detect software vulnerabilities long before they can cause damage. Companies benefit from faster and more efficient devel-opment and can offer their customers secure products from the very first version.", states senior expert Dr. Claudia Priesterjahn, explaining the method called Static Code Analysis.

    Fraunhofer IEM's work is currently being applied in a concrete project with Oracle. Focal point is the security of the Java Runtime Library developed by Oracle, which is installed on several billion devices worldwide. In order to eliminate vulnerabilities from the Java Runtime, researchers are redesigning parts of the software architec-ture. With the help of the "grammar check", they then identify vulnerabilities here as well and develop automatic analyses that reveal other similar vulnerabilities. This way, they minimize the probability of attacks on this widely used software.

    Fraunhofer IEM wins Oracle Collaborative Research Award a second time

    The software and hardware manufacturer Oracle, based in the Silicon Valley, is supporting the work of Fraunhofer IEM since mid-2017. Now the scientists receive a second of the prestigious Oracle Collaborative Research Awards, again endowed with 100,000 US dollars. “Oracle allows us applied research and deep insights into the software development processes of a global player. It is a rewarding experience for us to work on the security of the Java Runtime. Millions of users will benefit from our results.", says Prof. Eric Bodden, Director of Software Engineering at Fraunhofer IEM and head of the Software Engineering Chair at the Heinz Nixdorf Institute of the University of Paderborn.

    Static Code Analyse at Fraunhofer IEM

    Fraunhofer IEM supports companies with the following services:

    • Protection of IT systems against cyber attacks Absicherung von Systemen gegen Cyberangriffe
    • Support for adequate encryption methods
    • Tools for software developers to verify secure software implemen-tationsCustomized secure software solutions

    More information:

    https://www.iem.fraunhofer.de/en/press/it-security-oracle-collaborative-research...
    http://www.iem.fraunhofer.de/security-by-design

    Images

    Johannes Späth and Dr. Claudia Priesterjahn at Fraunhofer IEM are developing tools with Oracle that systematically find software errors.
    Johannes Späth and Dr. Claudia Priesterjahn at Fraunhofer IEM are developing tools with Oracle that ...
    Fraunhofer IEM
    None

    Criteria of this press release:
    Business and commerce, Journalists, Scientists and scholars
    Information technology
    transregional, national
    Contests / awards, Transfer of Science or Research
    English

     

    Johannes Späth and Dr. Claudia Priesterjahn at Fraunhofer IEM are developing tools with Oracle that systematically find software errors.


    For download

    x

    Help

    Search / advanced search of the idw archives
    Combination of search terms

    You can combine search terms with and, or and/or not, e.g. Philo not logy.

    Brackets

    You can use brackets to separate combinations from each other, e.g. (Philo not logy) or (Psycho and logy).

    Phrases

    Coherent groups of words will be located as complete phrases if you put them into quotation marks, e.g. “Federal Republic of Germany”.

    Selection criteria

    You can also use the advanced search without entering search terms. It will then follow the criteria you have selected (e.g. country or subject area).

    If you have not selected any criteria in a given category, the entire category will be searched (e.g. all subject areas or all countries).