News

2009-Oct: Preparation Workshop.

2010-Oct: Start of 1st period

2011-Feb: Kick-Off meeting

Priority Programme 1496 “Reliably Secure Software Systems – RS3

The Senate of the Deutsche Forschungsgemeinschaft (DFG, German Research Foundation) has announced the establishment of a new Priority Programme, entitled “Reliably Secure Software Systems – RS3”. The programme is designed to run for six years.

This Priority Programme assumes that a paradigm shift in IT-security is necessary in order to reliably guarantee the security of complex software systems. The current trust-based and mechanism-centric approaches to IT-security shall be complemented by property-oriented solutions. This paradigm shift shall enable a trustworthy certification of system-wide, technical security guarantees that adequately respects the semantics of programs and of security requirements. Bridging the gap from security in-the-small to security in-the-large will involve the improvement of conceptual foundations, the development of analysis and engineering tools, and their migration into practice. Collaborations between multiple sub-disciplines of Computer Science, primarily formal methods, IT-security, and programming languages, will be necessary to achieve the objectives of the programme.

  • The first guiding theme is the development of precisely defined (and, thus, verifiable) security properties. This shall enable a property-oriented perspective on security that, on the one hand, abstracts from technical details of implementations and, on the other hand, permits one to model the manifold security requirements and guarantees in an adequate and precise way.
  • The second guiding theme is the development of program analysis methods and tools that target the verification of security properties in a sound, precise, scalable, and usable way. This will create the basis for a semantically substantiated (and, thus, reliable) certification of security guarantees for software systems. Verification tools will be employed to establish security properties of programs as well as to ensure the soundness of security analysis tools.
  • The third guiding theme is the development of concepts for understanding and certifying security aspects even in complex software systems (hence, for security in-the-large). This requires the adaptation of established techniques for abstraction, decomposition and step-wise refinement to the field of security. In particular, it shall become possible to derive abstract security guarantees (e.g., need-to-know or separation-of-duty) from the low-level properties that are typically guaranteed by security mechanisms.

The overall goal of the programme is to support the reliable certification of useful, system-wide security guarantees based on a well-founded understanding of programs and of security aspects.

The priority programme's proposal is available online.

Important Dates

October 2010:
  • start of the 1st period of RS3 (note that 2nd period will start October 2012)
February 2011:
  • Kick-Off meeting in Darmstadt:
    • 21-22 February: Kick-Off meeting (Participation of PIs and PhD students is expected)
    • 23-24 February: Kick-Off meeting for funded and associated PhD students and PostDocs
January 2012:
  • call for proposals for 2nd funding period of RS3 (planned)
April 2012:
  • deadline for submitting interim reports and new proposals for 2nd funding period of RS3 (planned)
October 2012:
  • start of 2nd funding period of RS3 (planned)