Many potential security vulnerabilities exist and are known to security experts. But developers often fail to avoid these vulnerabilities: the same mistakes are repeated over and over again. The core reason for this is that information on vulnerabilities is not available to developers in a form conveniently accessible to them while they work on software design and development.
At the same time there is an increasing desire amongst software developers, their customers, and society at large to avoid security vulnerabilities.
The main objective of SHIELDS is to bridge the gap between security experts and software developers and thereby reduce the occurrence of security vulnerabilities. The project will:
- Make it easier and faster for security experts to make information about identified security vulnerabilities known to the developer community, in a form directly accessible via widely used design and development tools.
- Help individual developers to detect and remove security vulnerabilities from directly within the development tools they normally use.
- Increase awareness amongst developers about known security vulnerabilities.
- Help software development organisations to verify (internally and to their customers) that they have successfully reduced security vulnerabilities in their products.
Shields is an EU-FP7 ICT-project (STREP) coordinated by Professor Nahid Shahmehri, Linköping University . Partners are: Linköping University (Sweden), SINTEF (Norway), European Software Institute (Spain), Fraunhofer IESE (Germany), Institut National des Télécommunications (France), Montimage (France), SEARCH-LAB (Hungary) and TXT e-Solutions (Italy ). The project duration is: January 1, 2008 to June 30, 2010.
For more information, visit the project homepage: SHIELDS
Contact in SINTEF:
Per Håkon Meland