Modeling and Analysis of Information Systems

Research

The aim of our research is to make software-based systems more trustworthy (i.e. secure, safe, and correct) than they are today. As software engineering is a complex and error-prone task, we employ formal methods for reasoning about information systems and critical system properties. We investigate software systems on the level of code (source code and machine code) as well as on the level of more abstract system specifications. This allows us to provide support for different stages of software development.

The current research topics of MAIS are grouped under the following four research areas:

• Information-Flow Security
• Monitoring and Dynamic Enforcement
• Side-Channel Analysis and Mitigation
• Sound Re-Engineering and Parallelization
  

We coordinate the LOEWE Research Focus SF4.0 (Software-Factory 4.0) that started in January 2018. The timely availability of high-quality software is a crucial success criterion for companies and economic areas. The drastic changes in industrial production (Industrie 4.0) and the electronic processing of information (Big Data) require the development of suitable software. The approach of SF4.0 is the targeted and automated adaptation of existing software to new requirements and altered technical infrastructures. This opens up the possibility to provide suitable software more quickly. 

From 2010 to 2017, we coordinated the DFG priority program RS³ (Reliably Secure Software Systems). This involves the organization of multiple events each year, most prominently the annual meeting and the staff meeting. Within RS³, our scientific focus was on driving forward research on information-flow security for concurrent programs, on a security-certifying app store for Android devices, and the security-requirement specification language RIFL.

We are involved in further third-party funded research projects involving multiple principle investigators. Within the DFG collaborative research center CROSSING, we are developing techniques and tools for detecting, assessing, and mitigating timing-side channels in cryptographic implementations.  Within Athene, we are creating solutions for static and dynamic security analysis of software-based systems. Parts of our research are funded by the BMBF (German Federal Ministry of Education and Research), by the DFG (German Research Foundation), by the EU (European Union), by the HMWK (Hessen State Ministry for Higher Education, Research and the Arts) within LOEWE (Landes-Offensive zur Entwicklung Wissenschaftlich-ökonomischer Exzellenz), and by industry.

More details can be found in the Research and Projects sections. You can access and read our publications here.

Teaching

We are offering a portfolio of lectures, integrated courses, lab courses, and seminars. Find out more about our teaching in the Teaching section.

If you are interested in writing a Master or Bachelor thesis with us, you can find more information in the Theses section.

News

22.04.22

Alexandra Weber has successfully defended her PhD thesis

We are proud to announce that Alexandra Weber has successfully defended her PhD
thesis on "Semantics-Based Cache-Side-Channel Quantification in Cryptographic Implementations".