Code Intelligence

In a digitalized world (“software is eating the world”), software quality in general and software security in particular play a central role.

The research goal of the Software Technology Group at TU Darmstadt is to contribute to the development of high-quality and especially secure software. An important means to this end are powerful, intelligent methods and algorithms of program analysis, which automate the detection of different kinds of problems, rule violations and especially security vulnerabilities. Automated analysis or automated understanding of program code is a very difficult task: for example, simultaneously assuring precision and correctness is generally an unsolvable problem, so abstraction and approximation, as well as a systematic weighing of the two goals against each other, are required. The analysis becomes even more difficult if the code is obfuscated, for example if obfuscated code is integrated into third-party software libraries.

The Software Technology Group’s research addresses the above-mentioned challenges. On the one hand, we investigate architectural models of artificial intelligence in order to facilitate the systematic weighing of different objective functions (precision, correctness, performance) against each other. Specifically, we are developing a software analysis platform called OPAL, the core of which is a “blackboard system”, in which a common knowledge base, the “blackboard”, is iteratively updated by a diverse group of expertise sources (individual code analyses), starting with a problem specification and ending with a solution. On the other hand, we develop learning analysis algorithms based on machine learning methods, which learn patterns from large code bases that encode knowledge about the code. In particular, we have developed methods and learning program analyses to automate the verification of security vulnerabilities in code and data protection specifications, i.e. without specific expert knowledge, or to support developers in the correct use of programming interfaces and libraries and thus prevent the occurrence of faulty code or security holes.