European Center for Security and Privacy by Design

European Center for Security and Privacy by Design (EC SPRIDE)
	; Logo of EC SPRIDE
Category:	research Institute
Participating institutions:	TU Darmstadt (lead) in cooperation with Fraunhofer SIT
Facility location:	Darmstadt
Type of research:	Basic research with application relevance
Subjects:	Computer science
Areas of expertise:	IT security
Basic funding:	BMBF
Overall management:	Michael Waidner
Head of Administration:	Michael Kreutzer
Homepage:	www.ec-spride.de
Address:	Mornewegstrasse 30 ; 64293 Darmstadt

The European Center for Security and Privacy by Design ( EC SPRIDE ) at the Technical University of Darmstadt is one of three competence centers for IT security research that the Federal Ministry of Education and Research (BMBF) has been promoting as part of its high-tech strategy since October 2011 . The center builds on the infrastructure of the Darmstadt LOEWE center CASED for IT security research and works closely with the Fraunhofer Institute for Secure Information Technology (SIT).

Other centers are the Competence Center for Applied Security Technology (KASTEL) at the Karlsruhe Institute of Technology (KIT) and the Center for IT Security, Privacy and Accountability (CISPA) at Saarland University .

With the competence centers, the BMBF pursues the defense against attacks, the targeted development of suitable methods and tools in various projects of the IT security focus of the BMBF as well as the forward-looking further development of knowledge and skills.

The European Center for Security and Privacy by Design merged with the Center for Advanced Security Research Darmstadt (CASED) into the Center for Research in Security and Privacy .

Research goal

With new standards, procedures and tools, EC SPRIDE wants to help ensure that IT security is taken into account early on in the software development process.

IT security and privacy protection are currently mainly being integrated into the software at a later date, which leads to high effort and costs.
There are hardly any standardized procedures or supporting tools for programmers.

Research priorities

The research of the competence center can be summarized in three main areas, the projects of which will be intertwined:

In the main area of “engineering”, scientists develop specific solutions and tools for programmers.
The Blueprint area will analyze technical and social developments and the resulting requirements for IT security. The results flow into the work of the other areas.
In the Building Blocks area, cryptographic module components are developed. The modules should be able to be exchanged and expanded seamlessly over the entire service life of a software.
At the same time, the variety of cryptographic protocols is to be increased and thereby the dependency on a few protocols reduced.

organization

EC SPRIDE is divided into research groups led by Claude-Shannon Fellows. The Claude Shannon program is based on the Emmy Noether funding program of the DFG and promotes independent research by young junior researchers.

EC SPRIDE currently comprises the Secure Software Engineering Group and the Engineering Cryptographic Protocols Group.

The center is headed by the TU Darmstadt and cooperates with the Fraunhofer SIT.

Scientists involved

Michael Waidner , overall management and co-director engineering
Johannes Buchmann , Director Building Blocks
Ahmad-Reza Sadeghi, Director Blue Print
Mira Mezini, Director Engineering
Marc Fischlin
Matthias Hollick
Stefan Katzenbeisser
Heiko coat
Mark Manulis
Eric Bodden, Claude Shannon Fellow and Head of the Secure Software Engineering Group, Head of the Emmy Noether Group RUNSECURE
Thomas Schneider, Claude Shannon Fellow and Head of the Engineering Cryptographic Protocols Group

Developed tools

RefaFlex, a tool for securing refactorings for programs that use Reflection
Join Point Interfaces, a programming language for disciplined, type-safe aspect-oriented programming
TamiFlex, a tool for better static analysis of programs that use reflection
Clara, a tool for the (partial) static evaluation of runtime monitors
FlowDroid, a tool for static information flow analysis of Android apps
SuSi, a tool for the partially automated identification of relevant sources and sinks for the information flow analysis of Android apps

Research location Darmstadt

More than 200 scientists research in the field of IT security in Darmstadt, including 16 IT security professorships and 24 postdocs. The TU Darmstadt, the Fraunhofer SIT and the Darmstadt University of Applied Sciences bundle their research activities in the LOEWE Center of Excellence CASED. The universities offer a master's degree in IT security at the TU Darmstadt and a major in IT security at the computer science department at Darmstadt University of Applied Sciences (as of January 2012). EC SPRIDE is integrated into the CASED infrastructure and complements the existing research with its focus on the design process.

Individual evidence

↑ ^a ^b ^c Three cybersecurity research centers. BMBF press release. ( bmbf.de ( Memento from October 4, 2013 in the Internet Archive ))
↑ EC SPRIDE website
↑ Cybersecurity profile area: CRISP - Center for Research in Security and Privacy.
↑ profile cyber security: CASED - Center for Advanced Security Research Darmstadt.
↑ Cybersecurity profile area: EC SPRIDE - European Center for Security and Privacy by Design. Accessed July 31, 2019 .
↑ Presentation "IBM Rational Application Security" from 2010
^ Page of the Secure Software Engineering Group ( Memento from March 4, 2016 in the Internet Archive )
^ Page of the Engineering Cryptographic Protocols Group
^ Page of the Emmy Noether group RUNSECURE ( Memento from December 18, 2014 in the Internet Archive )
↑ RefaFlex
↑ Join Point Interfaces
↑ TamiFlex. ( Page no longer available , search in web archives )@1@ 2

↑ Clara

↑ FlowDroid ( Memento from December 2, 2013 in the Internet Archive )

↑ SuSi ( Memento from November 23, 2013 in the Internet Archive )

↑ ^a ^b Department of Computer Science at TU Darmstadt ( Memento from February 21, 2015 in the Internet Archive )

↑ ^a ^b IT security department at Darmstadt University of Applied Sciences

Web links

[BMBF-1] Three cybersecurity research centers. BMBF press release. ( bmbf.de ( Memento from October 4, 2013 in the Internet Archive ))

[EC_SPRIDE-2] EC SPRIDE website

[3] Cybersecurity profile area: CRISP - Center for Research in Security and Privacy.

[4] rofile cyber security: CASED - Center for Advanced Security Research Darmstadt.

[5] Cybersecurity profile area: EC SPRIDE - European Center for Security and Privacy by Design. Accessed July 31, 2019 .

[IBM-6] Presentation "IBM Rational Application Security" from 2010

[7] Page of the Secure Software Engineering Group ( Memento from March 4, 2016 in the Internet Archive )

[8] Page of the Engineering Cryptographic Protocols Group

[9] Page of the Emmy Noether group RUNSECURE ( Memento from December 18, 2014 in the Internet Archive )

[10] RefaFlex

[11] Join Point Interfaces

[12] TamiFlex. ( Page no longer available , search in web archives )@1@ 2

[13] Clara

[14] FlowDroid ( Memento from December 2, 2013 in the Internet Archive )

[15] SuSi ( Memento from November 23, 2013 in the Internet Archive )

[fb-16] Department of Computer Science at TU Darmstadt ( Memento from February 21, 2015 in the Internet Archive )

[h_da-17] IT security department at Darmstadt University of Applied Sciences

European Center for Security and Privacy by Design (EC SPRIDE)
Logo of EC SPRIDE
Category:	research Institute
Participating institutions:	TU Darmstadt (lead) in cooperation with Fraunhofer SIT
Facility location:	Darmstadt
Type of research:	Basic research with application relevance
Subjects:	Computer science
Areas of expertise:	IT security
Basic funding:	BMBF
Overall management:	Michael Waidner
Head of Administration:	Michael Kreutzer
Homepage:	www.ec-spride.de
Address:	Mornewegstrasse 30 64293 Darmstadt