Everybody seems to talk about the disruption that blockchains (or, more generally,
Distributed Ledger Technology) bring. Still, the number of really convincing
applications outside cryptocurrencies is not always clear. In a research project
together with the Transport Systems Catapult and
the Management School, we looked at
the use of Blockchains in transport scenarios.

It is already the time of the year when you should prepare your submission to
the International Workshop on OCL and Textual
Modeling. The Call for
Papers is already published.

We have been programming computers for over 50 years. Still, we are - sad but true - used to
insecure, crashing, or otherwise non-working computer systems. Gerald Weinberg,
an American computer scientist, once said: “If builders built buildings the way
programmers wrote programs, then the first woodpecker that came along would
destroy civilization.”

Last month, we were interviewed by
Hakin9 about
one of our “side-projects”: DVHMA - The Damn Vulnerable Hybrid Mobile
App. DVHMA is a hybrid mobile app
(for Android) that intentionally contains vulnerabilities. Its purpose is to
enable security professionals to test their tools and techniques legally, and to help
developers better understand the common pitfalls in developing hybrid mobile
apps securely.

Luckily, an increasing number of publishers allow authors of (academic) papers
to publish a pre-print of their accepted papers on their personal website or
their institutional website. This eases access to those papers significantly, as
the “official” version on the publishers’ website is often behind a paywall.
Most publishers require that the pre-prints published by the author contain a
statement referring to the official version.
Thus, the only remaining question is how to produce a pre-print containing this
reference with as little effort as possible. If you are using LaTeX for writing
your papers, the authorarchive package might be the solution.

Enforcing the secure execution of BPMN-based service composition required a
flexible monitoring and enforcement approach that allows controlling the
compliance of the highly dynamic system during run-time.

Apache Cordova is a widely used framework for
writing mobile apps that follows the “hybrid app” paradigm. A hybrid app is a
mobile app that is partly implemented in platform-neutral HTML5/JavaScript and
partly in platform-specific languages (e.g., Java or Objective-C).
Static (data flow) analysis of hybrid apps that supports the analysis of both the
platform-independent and the platform-specific parts in a unified way
(e.g., for finding injection attacks) is an unsolved problem.

Analyzing data is an important part of evaluating the effectiveness and
efficiency of activities to improve the security of software or to understand
the security risk of software systems. Thus, everybody involved in secure
software development should have at least a basic understanding of data science
techniques.
If you want to learn more about using data science for analyzing your secure
software development process, have a look at our book chapter on “Data Analytics
for Software Security” [1].