Twitter Linked In Xing Induux


Welcome with your Diploma-, Bachelor-, Master-

Thesis "Security"

Suitability of statical code analysis in terms of security in software systems

Statical code analysis is a well established method in industry to ensure code quality. This does not only impact safety, but also security.

Coding rules like the 'SEI CERT Oracle Coding Standard for Java' explicitly target the security topic and are partly implemented in statical code analysis tools like SonarQube.

The proposed thesis shall mostly consist of theoretical analysis about the suitability of statical code analysis and whether it can improve security properties of software systems.

This examination may be abstract and disconnected from specific statical code analysis tools, but may also include specific tools like SonarQuabe. Similarly, the examination may be language agnostic or focus on a particular language like Java.

The analysis shall examine security coding rules (their implementability, relevance, ...) as well as the boundaries of statical code analysis. Ideally, the result of the thesis would give concrete information about the question whether statical code analysis is a useful method for security measures in software systems and, possibly, how to apply them.

What we expect from you:

  • You are interested in security topics in the field of programming
  • You have advanced experience in coding rules
  • You have a high level of analytical, methematical and methodical skills

What you can expect from us:

  • Support from our team
  • Insight in our departments
  • Opportunities for a permanent employment with individual career perspectives

We look forward to receiving your application, via E-Mail.

Begin: as of now / Duration: 6 months (scalable)  // Work location: Stuttgart

Keyword: ABA-CR3-Security

Human Resources
Postfach 10 24 31 · 70020 Stuttgart
T +49 711 21037-00 · F 21037-53

Information about applicant data protection can be found in our privacy policy under point 7 ff.