Reliably Secure Software Systems (RS3) –
DFG Priority Programme 1496

September 2017: The final event of RS3 took place in Darmstadt on September 4–6.
August 2016: Heise online, the most frequently visited German-language IT news website, published a report about an 18-year-old vulnerability in the pseudo-random number generator of GnuPG that has been uncovered by RS3 researchers from the project DeduSec.
August 2016: Posters and demonstrators of the reference scenarios of RS3 were presented at the USENIX Security Symposium 2016 in Austin on August 11.
July 2016: Selected slides and pictures from the RS3 Practitioner Event are now online on the webpage of the event.
June 2016: The RS3 Practitioner Event took place on June 7–8, 2016 in Darmstadt.
April 2016: RS3 was presented by its coordinator Prof. Heiko Mantel in two talks on April 4 and 7 at the Royal Society Scientific Meeting on "Verified Trustworthy Software Systems" in London.

  • RS3 publications: Projects within RS3 in sum have more than 140 reviewed publications so far! See the full publication list for details!
  • Tools: A number of useful new security tools are being developed within RS3. See the tool list for details!

About

The Priority Programme at a Glance

Motivation

This Priority Programme assumed that a paradigm shift in IT-security is necessary in order to reliably guarantee the security of complex software systems. The current trust-based and mechanism-centric approaches to IT-security were to be complemented by property-oriented solutions. This paradigm shift was to enable a trustworthy certification of system-wide, technical security guarantees that adequately respects the semantics of programs and of security requirements. Bridging the gap from security in-the-small to security in-the-large involved the improvement of conceptual foundations, the development of analysis and engineering tools, and their migration into practice. Collaborations between multiple sub-disciplines of Computer Science, primarily formal methods, IT-security, and programming languages, were necessary to achieve the objectives of the programme.