The Faculty of Computer Science cordially invites all those interested to Prof. Borgolte’s inaugural lecture “Trustworthy and Secure Software on the Internet?!”. Borgolte joined the faculty in May 2021 as Professor for Software Security. In his inaugural lecture, he introduces himself and his research on detecting vulnerabilities and attacks, protecting users and applications (from each other), assessing the impact of software and network protocols on security, privacy, and trustworthiness, and analyzing their use in practice, as well as outlines future work.

When? 22nd of June, 2022, 2-3 p.m. with a get-together afterwards (drinks and fingerfood will be provided

Open Space (ground floor) of building MC

Abstract:

Software security means understanding how to build trustworthy and secure software-based systems, and assessing if existing software is actually trustworthy and secure. Today, this especially means networked client/server software, and, more often than not plain “Internet software.” Requiring an active Internet connection, like almost all apps on your smartphone, has become the new normal over the last years.

This Internet exposure, however, can also pose (severe) threats, through security and privacy issues arising from unintended protocol interactions between different software, as well as through more traditional software vulnerabilities that are now being exposed to the entire Internet. Albeit companies have started to focus on improving their security posture, incidents continue to plague us. Users have become less trusting, more privacy-conscious, and fearful of these issues, in addition to being anxious about the “Datenkraken,” but practically they also have little to no choice to say no and convenience remains top dog. This prompts the need for automated analysis techniques to identify and mitigate the threats we face.

In this talk, we first take a deeper look at some of my research on identifying vulnerabilities and attacks, protecting users and applications (from each other), assessing how software and network protocols affect security, privacy, and trustworthiness, and analyzing how they are used in practice. We conclude by discussing some of the research challenges in automatic identification of privacy threats and automatic vulnerability discovery, and we sketch out some future work.

Please register for the event. The registration form can be found on the german version of this page.