Software development is the outcome of complex processes involving a large number of people. Bridging the gap from architecture and specifications to the final implementation is only one of the challenging tasks that developers have to face. In addition, the interaction and communication between the diverse players has to be mastered throughout the engineering process. Languages, methods, and tools in the engineering process need to support the variety of perspectives of the players involved. Fraunhofer SIT develops and optimizes standardized engineering methods that can guarantee a defined level of IT security. The focus is on support for stakeholders who are not experts in IT security, yet need to be equipped to take the right IT-security design decisions.
Together with partners in industry, Fraunhofer SIT develops new engineering approaches and optimizes software development processes in regard to IT security. The Institute can draw on rich experience when it comes to analyizing and evaluating software. IT supports software manufacturers over the complete software life cycle and offers:
- Security design decisions / application-specific threat models
- Definition of protection goals
- Test methods for different software products
- Training programs for developers
- Evaluation and productive use of test tools
- Development of tools for specific applications