Research of the Software Engineering Research Group
The Software Engineering Research Group wants to deliver contributions to software engineering which are applicable to the real world and also used in the real world. At the same time we do not ask external partners to apply software engineering procedures we do not follow ourselves daily. Thus we are our own, not always successful, laboratory animals.
Scope of Work
- Empirical software engineering
- Software quality assurance and measurement
- Requirements engineering
- Software security and safety
- Agile/continuous/lean software engineering
- Behavioural software engineering
Projects of the Software Engineering Research Group
- System-Theoretic Analysis of Dependable Systems in the Automotive Domain (MISTI Global Seed Fund)
Responsible Researcher: Dr. Asim Abdulkhaleq
In collaboration with: Prof. Dr. Nancy Leveson, Dr. John Thomas (MIT)
The software-based functions in cars are increasing and becoming more complex at a breathtaking speed. We already have electronic/software components controlling safety-critical functions such as the anti-lock braking system. Yet, so far, these components individually have been comparatively small and classical embedded systems. With the two major new developments in the automotive domain, letting cars communicate via wireless networks (“connected car”) and letting them drive fully automatically (“autonomous driving”), the software will reach a new dimension of complexity. Traditional methods to analyse safety in automobiles assume electromechanical systems and do not apply to software, nor do they scale up to the complexity starting to emerge in these systems. Furthermore, new degrees of requirements on security and privacy will be needed for those future cars. The recent Tesla accidents involving what they call their “autopilot” are just the beginning.
This project aims at building on the promising results with a system-theoretic approach to safety analysis and developing and evaluating an integrated analysis approach to safety, security and privacy for this new generation of automotive systems. System theory is especially suitable for identifying problems in the interaction of different components instead of individual component faults. Furthermore, system theory allows us to take the whole socio-technical system into account, including humans. Similarly, security and privacy rely on a suitable interaction of system components and humans.
The potential application areas extend far beyond automotive systems, but we want to stay focused in this collaboration.
- Hazard Analysis in highly automated driving (funded by Continental Teves AG & Co. oHG)
- Research project PATRON (patronresearch.de, funded by the Baden-Württemberg Stiftung). Concealing Patterns - Privacy in Stream Processing
- Responsible research assistant: Kai Mindermann M.Sc.
- This research project focuses on the development of approaches for concealing information in data streams from sensors of various Internet of Things (IoT) devices. The goal is to find a balance between the protection of data and the quality of service (QoS). Its relevance can be seen in a simple example: activity trackers sense, for example, your heart rate, which, if tracked over time and analyzed, can reveal very sensitive information about you.
- Research topic by Dipl. Ing. Jan-Peter Ostberg: "Improvement of static code analysis"
- Static code analysis is an inexpensive way to increase software quality. Today's tools can provide valid and helpful warnings to the developers. Still, these tools are underused. One problem leading to this is the lack of usability. In my research I am focusing on helping an individual developer gain the best experience from the tool. The underlying concept is based on psychological models. I also want to explore the connections between the removal of issues found by static analysis and their impact on software metrics.
- Research topic by Kai Mindermann M.Sc.: "Improvement of the usability of security in software engineering"
- The realization of profound mathematical techniques through modern cryptography is able to greatly improve information security. Many implementations lack easy usage: they are complicated to operate in general, their implementations are flawed, and it is often hard to keep them up to date. In my research I want to reduce these problems within software technology by using software technology approaches themselves.
- Research topic by Daniel Kulesz, M.Sc.: "Inspection and assessment of spreadsheet programs"
- Today, a world without spreadsheet programs is hard to imagine. Compared to traditional programs, spreadsheet programs provide a higher flexibility and allow end-users to develop the programs themselves. Unfortunately, anomalies in spreadsheet programs are very common and can lead to severe damage. My research focuses on the inspection and assessment of spreadsheet programs.
- Research topic by Yang Wang: "Safety and Security Analysis in Agile development Processes" (funded with a stipend of the state of Baden-Württemberg)
- Agile development methodologies are becoming a trend in today’s changing software development. However, due to a lack of quality assurance activities, especially safety and security analysis, agile methods are criticized for being inadequate for the development of safety- and security-critical software. To apply agile methodologies to safety- and security-critical systems, most research prefers combining agile methods with traditional development processes relying on standards. However, little emphasis is put on the nature of agile techniques. On the other hand, safety and security are two interrelated quality aspects. Due to the growing trend of the Internet of Things, more and more security vulnerabilities will also cause safety hazards. Thus, in my research, these two quality aspects are taken into consideration in agile development processes.
- Research topic by Dipl. math. oec. Erica Weilemann: "In which way is software quality influenced by the personality of a software engineer?"
- During the whole software engineering process, human beings are involved and thus influence the software product, including different aspects of software quality. In my research I investigate in which way the personality of every single participant in a software engineering process has an influence on the quality of the product of this process – the software. In a first step, I focus on the influence of the personality of a programmer on the maintainability of the software.
- Research topic by Rainer Niedermayr: "Evaluation and Improvement of Software Tests"
- Automated and manual software tests are used in quality assurance to discover faults in a software product at an early stage. In practice, code-coverage criteria are used to determine the effectiveness of the tests. However, code coverage only expresses which code chunks were executed by tests, but not how effective the tests are in detecting faults. This work investigates how the effectiveness of tests can be determined in a more meaningful way, and how ineffectively tested areas can be prioritized.
- Application of STPA to the Daimler Environment (funded by Daimler AG)
- Research topic by Ivan Bogicevic, Dipl.-Inf.: "Specification of Software Modules"
If software is not subdivided into precisely delimited parts, it is hard to maintain. Therefore, it is both essential and common practice to break the system down into modules. A well-documented software design contains precise module specifications that are up to date. But in practice, the quality of documents on this level is insufficient. The documents are outdated, or their state is unknown. This work investigates how developers can specify and document modules effectively. It presents a new process model that helps to describe modules under real-life conditions. A catalogue of module specifications that describe the modules of a software system is a key element of the technique.
- Experimentelle Verbesserung des Lernens von Software Engineering, EVELIN (Subcontractor of HS Neu-Ulm, funded by the BMBF)
- Research topic by Asim Abdulkhaleq, M.Sc.: "STPA Swiss: Software Safety Engineering Approach based on STPA for Software-Intensive Systems"
Software safety is becoming a critical aspect in the development process of modern systems. However, safety is a system property and, hence, needs to be analysed in a system context to identify all potential hazardous software behaviours. The complexity of software makes defining appropriate software safety requirements with traditional safety analysis techniques difficult. STPA (System-Theoretic Process Analysis) is a unique safety analysis approach which has been developed to identify system hazards, including software-related hazards. Formal verification and testing are complementary approaches which are used in the development process to verify the functional correctness of software. However, the correctness of software cannot ensure the safe operation of safety-critical software systems. The software must be verified against its safety requirements, which are identified by safety analysis, to ensure potential hazardous causes cannot occur. My research focuses on developing a comprehensive safety engineering approach based on STPA, including software testing and model checking approaches, for the purpose of developing safe software. The proposed approach can be embedded within a defined software engineering process or applied to existing software systems to help software and safety engineers to recognize the software risks.