Why SecuCheck?

Static code analysis is a technology for detecting various security vulnerabilities at implementation time. However, as studies show, developers reject static analysis tools because they find them hard to configure to operate efficiently in their application context. With their default parameters, most tools produce a high number of false warnings while missing vulnerabilities that may be important. This demotivates developers. The goal of this project is to reduce the gap between static analysis and software development, thereby improving the user experience of static analysis tools.

Results

Team

Goran Piskachev

Project Lead

Ranjith Krishnamurthy

Developer

Prof. Dr. Eric Bodden

Research Advisor

Oshando Johnson

Developer

Alumni

Ingo Budde

Developer

Ashish Shukla

Developer

Dr. Johannes Späth

Research Advisor

Partners

Funded by

Contact

Goran Piskachev
Fraunhofer IEM Institute for Mechatronic Systems Design
Department Software Engineering and IT-Security
Zukunftsmeile 1
33102 Paderborn

e-Mail: