Staff

Dr.-Ing. Dominik Helm

Software Technology Group

Contact

work +49 6151 16-21369

Work S2|02 A216
Hochschulstr. 10
64289 Darmstadt

I am currently an interim professor at the University of Duisburg-Essen. Thus I cannot accept any new theses at the moment. If you are looking for a thesis on OPAL or static analysis in general, please contact Julius Näumann , Tobias Roth , or Sven Keidel .

I am a (post-)doctoral researcher at the Software Technology Group at TU Darmstadt since 2018. I work on modularization and automatic parallelization of collaborative static analyses in order to improve the precision, soundness, and performance of static analyses. In particular, I work on the OPAL static analysis framework for Java VM bytecode in order to improve analyses to find bugs and security vulnerabilities. Analyses I have been working on include purity and immutability analyses as well as modular, feature-rich call graphs.

I am currently the lead maintainer of the OPAL static analysis framework.

Projects

I am a member of ATHENE. ATHENE accompanies and supports the digital transformation of society, business and the public sector to improve cybersecurity and data protection.

ATHENE develops security solutions, regularly advises business and public administration, and supports company founders and startups. In doing so, the knowledge gained from basic research at universities flows into further application-oriented research. With its research and development work, ATHENE covers a very wide range of expertise relevant to various technologies and application areas, such as the security of systems, software, applications, processes, hardware, data or the Internet infrastructures. The research center works in an agile and efficient manner and is thus able to respond to new challenges and changing threat situations even at short notice.

ATHENE is a research facility of the Fraunhofer-Gesellschaft with the participation of the Fraunhofer Institutes SIT and IGD as well as the universities TU Darmstadt and Hochschule Darmstadt. The center is funded by the German Federal Ministry of Education and Research (BMBF) and the Hessian Ministry of Science and the Arts (HMWK) and is located in the city of science Darmstadt, Germany's premier address for cybersecurity research.

I am a member of CRISP. The core focus of CRISP is the topic “Security at Large”.

Through this, CRISP is pursuing an entirely new objective and redefining the focus of research conducted at Darmstadt, taking developments in diverse fields of application into account.

Cybersecurity research to date has generally only considered isolated characteristics and moderately sized systems. CRISP sets out to research security for large systems – from their individual components all the way up to their interaction within comprehensive security solutions.

OPAL is a next-generation, highly configurable and scalable static analysis platform that supports developers in systematically chosing the best tradeoffs between precision, soundness and performance of static analyses. It does so by hosting a wide and extensible collection of modular analyses modules that can be automatically composed in a case-by-case manner to collaboratively reason about a particular software at hand. OPAL manages the execution of analysis modules and adjusts it as needed for scalability.

OPAL can be used for Java bytecode processing, engineering, manipulation and analysis. It is written in Scala 2.12.x and supports Java 21 Bytecode; OPAL in particular provides support to facilitate the analysis of Java 8 lambda expressions (Invokedynamic instructions) and Java 15 dynamic constants.

Teaching

Term Courses
Winter 2023/24
  • Lecturer for 'Software Engineering'
  • Project Management Workshop in 'Software Engineering Project'
  • Advisor for the team Cockpit Crew in 'Software Engineering Project'
  • Topic instructor 'Call-Graph Challenges in Dynamic Languages' in 'Foundations of Static Analysis'
  • Topic instructor 'String analysis for the JVM' in 'Implementation of Modern Programming Languages'
Summer 2023
  • Topic instructor 'Flexible analyses for OPAL data structures' in 'Software Development Tools'
Winter 2022/23
  • Project Management Workshop in 'Software Engineering Project'
  • Advisor for the team re:Place in 'Software Engineering Project'
Winter 2021/22
  • Lecturer for 'Program Analysis'
  • Project Management Workshop in 'Software Engineering Project'
  • Advisor for the team Seresy in 'Software Engineering Project'
  • Topic instructor 'Java 17 Support for OPAL' in 'Software Development Tools'
Winter 2020/21
  • Advisor for the team Megaphone Technologies in 'Software Engineering Project'
Winter 2019/20
  • Lecturer for 'Applied Static Analysis'
  • Advisor for the team Die ConTrolle in 'Software Engineering Project'
  • Teaching Assistant 'Software Engineering'
Winter 2018/19
  • Teaching Assistant 'Software Engineering'

Reviewing

  • Open Analyses Library

    2022/03/01

    Bachelor Thesis, Master Thesis

    OPAL is a comprehensive library for static analyses that is developed in Scala to facilitate the writing of a wide range of different kinds of analyses. OPAL supports the development of analyses ranging from bug/bug pattern detection up to full-scale data-flow analyses.

    In the context of this project we are always searching for students who are interested in static analysis and want to implement them using Scala. Topics of interest are, e.g., to develop needed base static analyses such as Call Graph Algorithm, analyses to find security issues or to visualize software.

    If you are interested in OPAL, do not hesitate to contact Dominik Helm. For further information, you can also go to The OPAL Project

    Examiner: Prof. Dr.-Ing. Mira Mezini

    Supervisors: Dr.-Ing. Dominik Helm, Tobias Roth, M.Sc.

  • A Call-Graph Comparison Framework for Dynamic Languages

    2024/03/15

    Master Thesis

    The goal of this thesis is to study challenges in constructing call graphs in dynamic programming languages such as Python and JavaScript and to implement a framework to study the soundness of call graphs for such languages.

    Call graphs are foundational static analyses and a prerequisite for any interprocedural analysis. Constructing sound call graphs is hard for real-world programs due to challenging features of programming languages and ecosystems.

    The thesis should study the challenges that dynamic languages pose to call-graph construction. Based upon this study, a benchmark of test cases for individual challenges shall be created and a framework implemented that uses these benchmarks to study the soundness of existing call-graph implementations in various tools. This framework could be incorporated in our existing JCG tool, that performs similar tasks for Java Bytecode programs.

    Examiner: Prof. Dr.-Ing. Mira Mezini

    Institute Software Technology Group

    Supervisor: Dr.-Ing. Dominik Helm

  • IDE Solver for OPAL: Integration, Interaction, and Performance

    2024/03/15

    Master Thesis

    The goal of this thesis is to implement a solver for IDE in our OPAL static analysis framework.

    IDE is a graph-based data-flow framework upon which data-flow analyses can be built. In the past, IDE has been used to implement, e.g., constant propagation or alias analyses.

    The thesis should integrate IDE in OPAL based on the existing IFDS solver. It should explore possible interactions between IDE analyses and other analyses implemented in OPAL. A focus of the evaluation should be the runtime and memory performance of the implemented solver.

    Examiner: Prof. Dr.-Ing. Mira Mezini

    Institute Software Technology Group

    Supervisor: Dr.-Ing. Dominik Helm

  • Alias Analysis for Java Programs

    2023/11/01

    Bachelor Thesis

    The goal of this thesis is to develop foundations for alias analyses in our OPAL static analysis framework.

    Alias analyses reason about whether two locations such as local variables, method parameters, or fields, may, may not, or must refer to the same object(s). They are the foundation for many advanced static analyses.

    The thesis should design lattices that describe alias information and develop first alias analyses. Further, the thesis should look into applications of alias analyses within OPAL.

    Examiner: Prof. Dr.-Ing. Mira Mezini

    Institute Software Technology Group

    Supervisor: Dr.-Ing. Dominik Helm

  • Hybrid Taint Analysis

    2021/05/26

    Bachelor Thesis

    The goal of this thesis is to develop a hybrid taint analysis of Java and JavaScript based programs.

    Taint analyses are (static) analyses that track the flow of 'tainted' values, such as unsanitized user inputs or private data. With more and more hybrid software built using two or more programming languages, taint analysis must be extended to handle such applications.

    Examiner: Prof. Dr.-Ing. Mira Mezini

    Supervisors: Tobias Roth, M.Sc., Dr.-Ing. Dominik Helm

  • Modular Immutability Analyses

    2020/04/16

    Master Thesis

    The goal of this thesis is to develop a set of modular immutability analyses using ourOPAL static analysis framework.

    Immutability covers a wide range of different programming language constructs, including fields and classes. These different kinds of immutability interact and depend on each other, making them a prime target for modularly collaborating analyses.

    The thesis should provide unifying definitions of different kinds of immutability and develop corresponding modular analyses for Java bytecode.

    Examiner: Prof. Dr.-Ing. Mira Mezini

    Supervisors: Dr.-Ing. Dominik Helm, Dr.-Ing. Michael Reif

  • New Implementation Strategy for IFDS-based Dataflow Analyses

    2019/08/29

    Master Thesis

    The goal of this thesis is to develop a new implementation strategy for IFDS analyses using the OPAL static analysis framework.

    IFDS (or interprocedural, finite, distributive, subset problems) is a graph-reachability based algorithm for dataflow analysis that has gained popularity in recent years.

    In this thesis, a new implementation strategy is to be developed and evaluated that can be efficiently parallelized using OPAL's fixed-point solver.

    Examiner: Prof. Dr.-Ing. Mira Mezini

    Supervisors: Dr.-Ing. Dominik Helm, Prof. Dr. Michael Eichberg

  • String Analysis for Java Bytecode

    2019/05/06

    Master Thesis

    The goal of this thesis is to develop a static analysis to describe the contents and shapes of Strings in Java Bytecode based programs.

    String contents play an important role, e.g., in determining the targets of reflective method calls or the usage of cryptographic APIs.

    The analysis will be developed as a part of OPAL, a static analysis framework developed at the Software Technology group. It will provide a basis for other analyses in OPAL, such as reflection analyses.

    Examiner: Prof. Dr.-Ing. Mira Mezini

    Supervisors: Prof. Dr. Michael Eichberg, Dr.-Ing. Dominik Helm

  • Reactive Async for Static Analyses

    2019/01/31

    Master Thesis

    The goal of this thesis is to extend the Reactive Async programming model to support static analyses.

    Static analyses performance can benefit greatly from parallelization, but static analyses pose specific requirements to be easily and efficiently parallelized. Reactive Async is a programming model for parallel computations. This thesis should develop extensions to this programming model that ease the implementation of static analyses using Reactive Async. Additionally, different strategies for scheduling individual parallel tasks should be evaluated in order to increase static analysis performance further.

    Examiner: Prof. Dr.-Ing. Mira Mezini

    Supervisors: Prof. Dr. Michael Eichberg, Dr.-Ing. Dominik Helm

Publications

Loading...
Loading data from TUbiblio…

Error on loading data

An error has occured when loading publications data from TUbiblio. Please try again later.

  • {{ year }}

    • ({{ publication.date.toString().substring(0,4) }}):
      {{ publication.title }}.
      In: {{ publication.series }}, {{ publication.volume }}, In: {{ publication.book_title }}, In: {{ publication.publication }}, {{ publication.journal_volume}} ({{ publication.number }}), ppp. {{ publication.pagerange }}, {{ publication.place_of_pub }}, {{ publication.publisher }}, {{ publication.institution }}, {{ publication.event_location }}, {{ publication.event_dates }}, ISSN {{ publication.issn }}, e-ISSN {{ publication.eissn }}, ISBN {{ publication.isbn }}, {{ labels[publication.type]?labels[publication.type]:publication.type }}
    • […]

Number of items in this list: {{ publicationsList.length }}
Only the {{publicationsList.length}} latest publications are displayed here.

View complete list at TUbiblio View this list at TUbiblio