Skip to main content

Computer Science

Photo of Prof Achim D. Brucker

Prof Achim D. Brucker

Chair in Cybersecurity and Trustworthy Systems

 A.Brucker@exeter.ac.uk

 (Streatham) 4569

 01392 724569

Visit personal website


Overview

Group Website | Blog | Mastodon | X/Twitter | LinkedIn | Google Scholar | DBLP | ORCID

Book a Meeting:

Short Bio

Achim is a full Professor in Computer Science (Chair in Cybersecurity) and Head of the Cybersecurity Group at the University of Exeter, UK, and a leading expert in secure software engineering, cybersecurity, and formal methods. He is the head of the Cybersecurity Group at Exeter and leads the Software Assurance & Security Research Team. From December 2015 to May 2019, he was a Senior Lecturer and Consultant at the Computer Science Department of The University of Sheffield, UK.

Until December 2015, Achim was a Research Expert (Architect), Security Testing Strategist, and Project Lead in the Global Security Team of SAP SE, where, among others, he defined the risk-based security testing strategy of SAP. This strategy combines static, dynamic, and interactive security testing methods and integrates them deeply into SAP’s Secure Software Development Life Cycle. He was involved in rolling out static and dynamic application security testing tools to the world-wide development organization of SAP. Moreover, he represented SAP in OCL standardization process of the OMG.

Want to Work with Me

Industry and Academic Collaborations

I am always excited to connect with new collaborators in areas of my research (e.g., cybersecurity, information security, high-integrity systems, formal methods, software development/engineering, etc.). Collaboration can range from informal collaborations to consultancy or adivisory roles, to contracted research,  to publicly (co-)funded project to direct industry engagements. Please email me to discuss details, or book a short meeting. Within the umbrella of the university, usually short term consultancy work (a few days) or long-term project (at least three, preferably six months) or co-funded PhD studentships seem to work best. But other collaboration models can also work. Do not hesitate to contact me!

Prospective PhD Students

Please see the section on PhD Supervision.

Advisory Roles

Professional Activities and Achievements

  • Expert at the European Commission (EU).
  • Member of the EPSRC Peer Review College.
  • Member of the EPSRC Future Leadership Peer Review College.
  • Member of the Tests and Proofs (TAP) conference steering committee.
  • Speaker on professional security conferences such as OWASP AppSecEU.

Qualifications

Academic Management and Administrative Roles

Research

Achim’s research interests include cybersecurity, formal methods, security/safety engineering, and software engineering. His aim is to build secure, reliable, resilient software (and hardware systems). He works on using formal methods, verification, static analysis, and testing techniques both on the source and binary level as well as on the level of specifications and abstract models.

Examples of his work include the Isabelle/HOL-based tools HOL-OCL (a formal specification environment and theorem prover for UML/OCL specifications) and HOL-TestGen (a theorem prover-based testing environment), model-driven engineering tools (e.g., in the context of SecureUML and SecureBPMN), security testing, work in access control, mobile security and browser security, verification of security protocols, or the security of business-process-driven systems.  More recently, he started to work on applying formal methods to the safety and security of deep learning systems. For a more complete overview of his research achievements, please visit his personal web page and the software assurance & security research page.

PhD Supervision

I always welcome applications from self-funded PhD students in all areas of security, safety, trustworthiness, or reliability. This includes, but is not limited to, topics in one or more of the following ares: formal methods, information security, software security, security engineering (both, software and hardware), verification, testing, and combinations thereof.

For more information about pursuing a PhD in Computer Science at the University of Exeter, please visit the postgraduate research page of the department. Each year there are also a number of studentships available, e.g., offered by the UK Research Council, the China Scholarship Council (CSC), or by the Commonwealth Scholarships Programme.

If you want to be supervised by me, please contact me at least four weeks before you apply (and before the deadline). This allows us to discuss (and maybe adapt) your research proposal. In your email (cover letter), please provide a short explanation why you want to be supervised by me, e.g.,

  • For topics proposed by me: provide a brief explanation why you are interested in my proposal and what prior-knowledge of the area you have. Areas I am currently particularly interested in include (but are not limited to):
    • Cyber-physical Systems for safety- or security-critical applications.
    • Formal approaches to web browser security.
    • Security testing or reverse engineering.
    • Program analysis or fuzzing for improving the security, safety, correctness of software applications.
    • Open source security and secure software supply chains.
    • Theorem prover-based testing.
    • Verification or testing of security or correctness properties for non-standard computing architectures (e.g., quantum computing, FPGA, GPGPU).
    • Integrating Formal and Semi-Formal Aspects of System Development for Certification Processes
    • Formal approaches to security and privacy.
    • Trustworthy ML/AI for high-assurance Systems.
  • For topics proposed by you: provide a brief explanation why I am the right person to supervise you, i.e., how does your proposal fit in my research (and where is my expertise beneficial). I also strongly recommend having a look on my publications and research. This should give you a good idea of the type of research I am interested in.

Ongoing PhD Projects

Completed PhD Projects

Back to top


Publications

Copyright Notice: Any articles made available for download are for personal use only. Any other use requires prior permission of the author and the copyright holder.

| 2024 | 2023 | 2022 | 2021 | 2020 | 2019 | 2018 | 2017 | 2016 | 2015 | 2014 | 2013 | 2012 | 2011 | 2010 | 2009 | 2008 | 2007 | 2006 | 2005 | 2004 | 2003 | 2002 | 2001 | 2000 | Patents |

2024

  • Brucker AD, Méric N, Wolff B. (2024) Isabelle/DOF, Archive of Formal Proofs. [PDF]
  • Brucker AD, Cameron-burke T, Stell A. (2024) Formally Verified Interval Arithmetic and Its Application to Program Verification, FormaliSE 2024, Lisbon, Portugal, 14th - 15th Apr 2024, 13th IEEE/ACM International Conference on Formal Methods in Software Engineering (FormaliSE 2024), DOI:10.1145/3644033.3644370.
  • Brucker AD, Stell A. (2024) (Extended) Interval Analysis, Archive of Formal Proofs. [PDF]

2023

  • Yalman S. (2023) Improving Confidentiality in Inter-Organizational Collaborations.
  • Brucker AD, Ait-Sadoune I, Méric N, Wolff B. (2023) Using Deep Ontologies in Formal Software Engineering, International Conference on Rigorous State Based Methods (ABZ 2023), Springer-Verlag. [PDF]
  • Hess AV, Mödersheim SA, Brucker AD. (2023) Stateful Protocol Composition in Isabelle/HOL, ACM Transactions on Privacy and Security, DOI:10.1145/3577020. [PDF]
  • Brucker AD, Stell A. (2023) Verifying Feedforward Neural Networks for Classification in Isabelle/HOL, Formal Methods (FM 2023), Springer. [PDF]

2022

  • Marmsoler D, Brucker AD. (2022) Isabelle/Solidity: A deep Embedding of Solidity in Isabelle/HOL, Archive of Formal Proofs. [PDF]
  • Brucker AD. (2022) Nano JSON: Working with JSON formatted data in Isabelle/HOL and Isabelle/ML, Archive of Formal Proofs. [PDF]
  • Brucker A, Wolff B. (2022) Isabelle/DOF 1.3.0/2021-1. [PDF]
  • Marmsoler D, Brucker AD. (2022) Conformance Testing of Formal Semantics using Grammar-based Fuzzing, TAP 2022: Tests And Proofs, Springer-Verlag. [PDF]

2021

  • Marmsoler D, Brucker AD. (2021) A Denotational Semantics of Solidity in Isabelle/HOL, Software Engineering and Formal Methods (SEFM), Springer-Verlag. [PDF]
  • Brucker AD, Yalman S. (2021) Confidentiality Enhanced Life-Cycle Assessment, BPMN 2021 Workshops. [PDF]
  • Hess AV, Mödersheim S, Brucker AD, Schlichtkrull A. (2021) Performing Security Proofs of Stateful Protocols, 34th IEEE Computer Security Foundations Symposium (CSF), DOI:10.1109/CSF51468.2021.00006. [PDF]

2020

  • Brucker AD, Herzberg M. (2020) A Formal Model of the Safely Composable Document Object Model with Shadow Roots, Archive of Formal Proofs. [PDF]
  • Brucker AD, Herzberg M. (2020) A Formalization of Safely Composable Web Components, Archive of Formal Proofs. [PDF]
  • Brucker AD, Herzberg M. (2020) The Safely Composable DOM, Archive of Formal Proofs. [PDF]
  • Foster M, Brucker AD, Taylor RG, Derrick J. (2020) A Formal Model of Extended Finite State Machines, Archive of Formal Proofs.
  • Foster M, Brucker AD, Taylor RG, Derrick J. (2020) Inference of Extended Finite State Machines, Archive of Formal Proofs.
  • Brucker AD, Tuong F, Wolff B. (2020) Model Transformation as Conservative Theory-Transformation, J. Object Technol, pages 1-1, DOI:10.5381/jot.2020.19.3.a3. [PDF]
  • Hess AV, Mödersheim S, Brucker AD, Schlichtkrull A. (2020) Automated Stateful Protocol Verification, Archive of Formal Proofs.
  • Hess AV, Mödersheim S, Brucker AD. (2020) Stateful Protocol Composition and Typing, Archive of Formal Proofs.
  • Brucker AD, Herzberg M. (2020) A Formally Verified Model of Web Components, Formal Aspects of Component Software (FACS), Springer-Verlag, DOI:10.1007/978-3-030-40914-2_3. [PDF]

2019

  • . (2019) 19th International Workshop on OCL and Textual Modeling, OCL 2019, Munich, Ottawa, Canada, September 16, 2019. Proceedings.
  • Brucker AD, Daniel G, Gogolla M, Jouault F, Ponsard C, Ramon V, Willink ED. (2019) Emerging Topics in Textual Modelling, OCL 2019, volume 2513, pages 91-104. [PDF]
  • Brucker AD, Wolff B. (2019) Using Ontologies in Formal Developments Targeting Certification, Integrated Formal Methods (iFM), Springer-Verlag, DOI:10.1007/978-3-030-34968-4_4. [PDF]
  • Brucker AD, Wolff B. (2019) Isabelle/DOF. User and Implementation Manual, DOI:10.5281/zenodo.3370483. [PDF]
  • Foster M, Brucker AD, Taylor RG, North S, Derrick J. (2019) Incorporating Data into EFSM Inference, Software Engineering and Formal Methods (SEFM), Springer-Verlag. [PDF]
  • Brucker AD, Wolff B. (2019) Isabelle/DOF: Design and Implementation, Software Engineering and Formal Methods (SEFM), Springer-Verlag. [PDF]
  • Dashevskyi S, Brucker AD, Massacci F. (2019) A Screening Test for Disclosed Vulnerabilities in FOSS Components, IEEE Transactions on Software Engineering, volume 45, no. 10, pages 945-966, DOI:10.1109/TSE.2018.2816033.

2018

  • Botana F, Brucker A, Hasek R, Maric F, Neuper W, Pech P, Quaresma P, Santos V, Schreiner W, Wolff B. (2018) Preface, ELECTRONIC PROCEEDINGS IN THEORETICAL COMPUTER SCIENCE, no. 267. [PDF]
  • Hess AV, Mödersheim SA, Brucker AD. (2018) Stateful Protocol Composition (Extended Version). [PDF]
  • Brucker AD, Herzberg M. (2018) A Formal Semantics of the Core DOM in Isabelle/HOL, DOI:10.1145/3184558.3185980.
  • Brucker AD, Herzberg M. (2018) A formal model of the Document Object Model, Archive of Formal Proofs. [PDF]
  • Brucker AD, Clarisó R, Wu H. (2018) 18th International Workshop on OCL and Textual Modeling (OCL 2018), CEUR Workshop Proceedings, volume 2245, pages 87-88.
  • Asim M, Yautsiukhin A, Brucker AD, Baker T, Shi Q, Lempereur B. (2018) Security policy monitoring of BPMN-based service compositions, Journal of Software: Evolution and Process, volume 30, no. 9, DOI:10.1002/smr.1944.
  • Bill R, Brucker AD, Cabot J, Gogolla M, Vallecillo A, Willink ED. (2018) Workshop in OCL and Textual Modelling: Report on Recent Trends and Panel Discussions, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), volume 10748 LNCS, pages 297-301, DOI:10.1007/978-3-319-74730-9_26.
  • Brucker AD, Herzberg M. (2018) Formalizing (web) standards: An application of test and proof, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), volume 10889 LNCS, pages 159-166, DOI:10.1007/978-3-319-92994-1_9.
  • Brucker AD, Ait-Sadoune I, Crisafulli P, Wolff B. (2018) Using the isabelle ontology framework: Linking the formal with the informal, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), volume 11006 LNAI, pages 23-38, DOI:10.1007/978-3-319-96812-4_3.
  • Hess AV, Mödersheim SA, Brucker AD. (2018) Stateful protocol composition, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), volume 11098 LNCS, pages 427-446, DOI:10.1007/978-3-319-99073-6_21.
  • Foster M, Taylor RG, Brucker AD, Derrick J. (2018) Formalising extended finite state machine transition merging, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), volume 11232 LNCS, pages 373-387, DOI:10.1007/978-3-030-02450-5_22.

2017

2016

  • Felderer M, Büchlein M, Johns M, Brucker AD, Breu R, Pretschner A. (2016) Security Testing: A Survey, Advances in Computers, volume 101, pages 1-51, DOI:10.1016/bs.adcom.2015.11.003. [PDF]
  • Brucker AD, Brügger L, Feliachi A, Keller C, Krieger MP, Longuet D, Nemouchi Y, Tuong F, Wolff B. (2016) HOL-TestGen 1.8.0 User Guide, CNRS – Université de Paris Sud, CNRS – Université de Paris Sud. [PDF]
  • Brucker AD. (2016) Sicherheitstests für Secure DevOps (SecDevOps), OBJEKTspektrum. [PDF]
  • . (2016) 16th International Workshop on OCL and Textual Modeling, OCL 2016, Saint-Malo, France, October 2, 2016. Proceedings. [PDF]
  • Felderer M, Büchler M, Johns M, Brucker AD, Breu R, Pretschner A. (2016) Security Testing: A Survey, Advances in Computers, 1-51, DOI:10.1016/bs.adcom.2015.11.003.
  • Brucker AD, Havle O, Nemouchi Y, Wolff B. (2016) Testing the IPC protocol for a real-time operating system, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), volume 9593, pages 40-60, DOI:10.1007/978-3-319-29613-5_3.
  • Dashevskyi S, Brucker AD, Massacci F. (2016) On the security cost of using a free and open source component in a proprietary product, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), volume 9639, pages 190-206, DOI:10.1007/978-3-319-30806-7_12.
  • Brucker AD, Herzberg M. (2016) On the static analysis of hybrid mobile apps: A report on the state of Apache Cordova nation, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), volume 9639, pages 72-88, DOI:10.1007/978-3-319-30806-7_5.
  • Brucker AD, Wolff B. (2016) Monadic sequence testing and explicit test-refinements, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), volume 9762, pages 17-36, DOI:10.1007/978-3-319-41135-4_2.
  • Brucker AD, Cabot J, Daniel G, Gogolla M, Herrera ASB, Hilken F, Tuong F, Willink ED, Wolff B. (2016) Recent developments in OCL and textual modelling, CEUR Workshop Proceedings, volume 1756, pages 157-165.
  • Brucker AD, Cabot J, Herrera ASB. (2016) CEUR Workshop Proceedings: Preface, CEUR Workshop Proceedings, volume 1756, pages 1-2.

2015

2014

  • Brucker AD, Chiorean D, Clark T, Demuth B, Gogolla M, Plotnikov D, Rumpe B, Willink ED, Wolff B. (2014) Report on the Aachen OCL Meeting, DOI:10.48550/arxiv.1408.5698.
  • . (2014) 14th International Workshop on OCL and Textual Modeling, OCL 2014, Valencia, Spain, September 30, 2014. Proceedings. [PDF]
  • Brucker AD, Compagna L, Guilleminot P. (2014) Compliance validation of secure service compositions, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), volume 8900, pages 136-149.
  • Brucker AD, Tuong F, Wolff B. (2014) Featherweight OCL: A Proposal for a Machine-Checked Formal Semantics for OCL 2.5, Archive of Formal Proofs. [PDF]
  • Asim M, Yautsiukhin A, Brucker AD, Lempereur B, Shi Q. (2014) Security policy monitoring of composite services, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), volume 8900, pages 192-202.
  • Meland PH, Rios E, Tountopoulos V, Brucker AD. (2014) The aniketos platform, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), volume 8900, pages 50-62.
  • Brucker AD, Malmignati F, Merabti M, Shi Q, Zhou B. (2014) The Aniketos Service Composition Framework, Secure and Trustworthy Service Composition, 121-135, DOI:10.1007/978-3-319-13518-2_9.
  • Brucker AD. (2014) Using secureBPMN for modelling security-aware service compositions, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), volume 8900, pages 110-120.
  • Sohr K, Bartsch S, Volkamer M, Berger BJ, Bodden E, Brucker AD, Maseberg S, Kus M, Heider J. (2014) Zertifizierte Datensicherheit für mobile Anwendungen, GI Sicherheit 2014, volume 228, pages 283-291. [PDF]
  • Bachmann R, Brucker AD. (2014) Developing secure software, Datenschutz und Datensicherheit - DuD, volume 38, no. 4, pages 257-261, DOI:10.1007/s11623-014-0102-0.
  • Brucker AD, Wolff LBB. (2014) The Unified Policy Framework (UPF), Archive of Formal Proofs. [PDF]
  • Brucker A. (2014) Service compositions: Curse or blessing for security?, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), volume 8368 LNCS.
  • Brucker AD, Julliand J. (2014) Editorial for the special issue of STVR on tests and proofs volume 1: Tests and proofs in model-based testing, Software Testing Verification and Reliability, volume 24, no. 7, pages 497-498, DOI:10.1002/stvr.1560.
  • Brucker AD, Dania C, Georg G, Gogolla M. (2014) Preface, CEUR Workshop Proceedings, volume 1285.
  • Brucker AD, Clark T, Dania C, Georg G, Gogolla M, Jouault F, Teniente E, Wolff B. (2014) Panel discussion: Proposals for improving OCL, CEUR Workshop Proceedings, volume 1285, pages 83-99.
  • Brucker AD, Julliand J. (2014) Editorial: Editorial for the special issue of STVR on tests and proofs volume 2: Tests and proofs for improving the generation time and quality of test data suites, Software Testing Verification and Reliability, volume 24, no. 8, pages 591-592, DOI:10.1002/stvr.1558.
  • Brucker AD, Dalpiaz F, Giorgini P, Meland PH, Rios E. (2014) Preface.
  • Brucker AD, Dalpiaz F, Giorgini P, Meland PH, Rios E. (2014) Secure and Trustworthy Service Composition: The Aniketos Approach, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), volume 8900, DOI:10.1007/978-3-319-13518-2.
  • Bartsch S, Berger BJ, Bodden E, Brucker AD, Heider J, Kus M, Maseberg S, Sohr K, Volkamer M. (2014) Certified data security for Android applications based on static program analyses, Lecture Notes in Informatics (LNI), Proceedings - Series of the Gesellschaft fur Informatik (GI), volume P-228, pages 283-291.
  • Brucker AD, Sodan U. (2014) Deploying static application security testing on a large scale, Lecture Notes in Informatics (LNI), Proceedings - Series of the Gesellschaft fur Informatik (GI), volume P-228, pages 91-101.
  • Brucker AD, Malmignati F, Merabti M, Shi Q, Zhou B. (2014) The Aniketos Service Composition Framework: Analysing and ranking of secure services, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), volume 8900, pages 121-135, DOI:10.1007/978-3-319-13518-2_9.
  • Brucker AD, Compagna L, Guilleminot P. (2014) Compliance validation of secure service compositions, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), volume 8900, pages 136-149, DOI:10.1007/978-3-319-13518-2_10.
  • Meland PH, Rios E, Tountopoulos V, Brucker AD. (2014) The aniketos platform, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), volume 8900, pages 50-62, DOI:10.1007/978-3-319-13518-2_4.
  • Brucker AD. (2014) Using secureBPMN for modelling security-aware service compositions, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), volume 8900, pages 110-120, DOI:10.1007/978-3-319-13518-2_8.
  • Asim M, Yautsiukhin A, Brucker AD, Lempereur B, Shi Q. (2014) Security policy monitoring of composite services, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), volume 8900, pages 192-202, DOI:10.1007/978-3-319-13518-2_13.

2013

  • Brucker AD, Hang I. (2013) Secure and Compliant Implementation of Business Process-Driven Systems, Business Process Management Workshops, Springer Berlin Heidelberg, 662-674, DOI:10.1007/978-3-642-36285-9_66. [PDF]
  • Brucker AD, Brügger L, Wolff B. (2013) hol-TestGen/fw, Theoretical Aspects of Computing – ICTAC 2013, 112-121, DOI:10.1007/978-3-642-39718-9_7.
  • Brucker AD. (2013) Integrating Security Aspects into Business Process Models, it - Information Technology, volume 55, no. 6, pages 239-246, DOI:10.1515/itit.2013.2004.
  • Brucker AD, Longuet D, Tuong F, Wolff B. (2013) On the Semantics of Object-oriented Data Structures and Path Expressions (Extended Version). [PDF]
  • Brucker AD. (2013) Integrating Security Aspects into Business Process Models, it - Information Technology, volume 55, no. 6, DOI:10.1524/itit.2013.2004.
  • Brucker AD, Hang I. (2013) Secure and compliant implementation of business process-driven systems, Lecture Notes in Business Information Processing, volume 132 LNBIP, pages 662-674, DOI:10.1007/978-3-642-36285-9_66.
  • Brucker AD, Wolff B. (2013) On theorem prover-based testing, Formal Aspects of Computing, volume 25, no. 5, pages 683-721, DOI:10.1007/s00165-012-0222-y.
  • Compagna L, Guilleminot P, Brucker AD. (2013) Business process compliance via security validation as a service, Proceedings - IEEE 6th International Conference on Software Testing, Verification and Validation, ICST 2013, pages 455-462, DOI:10.1109/ICST.2013.63.
  • Brucker AD, Feliachi A, Nemouchi Y, Wolff B. (2013) Test program generation for a microprocessor: A case-study, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), volume 7942 LNCS, pages 76-95, DOI:10.1007/978-3-642-38916-0_5.
  • Brucker AD, Brügger L, Wolff B. (2013) Hol-testgen/fw an environment for specification-based firewall conformance testing, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), volume 8049 LNCS, pages 112-121, DOI:10.1007/978-3-642-39718-9_7.
  • Brucker AD, Malmignati F, Merabti M, Shi Q, Zhou B. (2013) A framework for secure service composition, Proceedings - SocialCom/PASSAT/BigData/EconCom/BioMedCom 2013, pages 647-652, DOI:10.1109/SocialCom.2013.97.
  • Brucker AD, Chiorean D, Clark T, Demuth B, Gogolla M, Plotnikov D, Rumpe B, Willink E, Wolff B. (2013) Report on the Aachen OCL meeting, CEUR Workshop Proceedings, volume 1092, pages 103-111.
  • Brucker AD, Longuet D, Tuong F, Wolff B. (2013) On the semantics of object-oriented data structures and path expressions, CEUR Workshop Proceedings, volume 1092, pages 23-32.
  • Brucker AD, Malmignati F, Merabti M, Shi Q, Zhou B. (2013) Abstract, pages 647-652, DOI:10.1109/socialcom.2013.97.
  • Morelli V, Gregory AJM. (2013) Preface, Primary Care - Clinics in Office Practice.

2012

  • . (2012) Tests and Proofs, DOI:10.1007/978-3-642-30473-6.
  • Brucker AD, Brügger L, Krieger MP, Wolff B. (2012) HOL-TestGen 1.7.0 User Guide. [PDF]
  • Brucker AD, Julliand J. (2012) Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics): Preface.
  • Monakova G, Brucker AD, Schaad A. (2012) Security and safety of assets in business processes, Proceedings of the ACM Symposium on Applied Computing, pages 1667-1673, DOI:10.1145/2245276.2232045.
  • Brucker AD, Hang I, Lückemeyer G, Ruparel R. (2012) SecureBPMN: Modeling and enforcing access control requirements in business processes, Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT, pages 123-125, DOI:10.1145/2295136.2295160.
  • Monakova G, Severin C, Brucker AD, Flegel U, Schaad A. (2012) Monitoring security and safety of assets in supply chains, Communications in Computer and Information Science, volume 318 CCIS, pages 9-20, DOI:10.1007/978-3-642-33161-9_3.
  • Brucker AD, Wolff B. (2012) Featherweight OCL: A study for the consistent semantics of OCL 2.3 in HOL, Proceedings of the 12th Workshop on OCL and Textual Modelling, OCL 2012 - Being Part of the ACM/IEEE 15th International Conference on Model Driven Engineering Languages and Systems, MODELS 2012, pages 19-24, DOI:10.1145/2428516.2428520.
  • Marienfeld F, Hofig E, Bezzi M, Flügge M, Pattberg J, Serme G, Brucker AD, Robinson P, Dawson S, Theilmann W. (2012) Service levels, security, and trust, Handbook of Service Description: USDL and Its Methods, 295-326, DOI:10.1007/978-1-4614-1864-1_12.
  • Laforet S. (2012) Preface, DOI:10.4337/9781781004180.00004.

2011

2010

2009

  • Brucker AD, Wolff B. (2009) HOL ESTGEN An Interactive Test ase Generation Framework, FUNDAMENTAL APPROACHES TO SOFTWARE ENGINEERING, PROCEEDINGS, volume 5503, pages 417-+. [PDF]
  • Brucker AD, Mödersheim SA. (2009) Integrating Automated and Interactive Protocol Verification (Extended Version). [PDF]
  • Kohler M, Brucker AD, Schaad A. (2009) Abstract, DOI:10.1109/cse.2009.177.
  • Brucker AD, Schaad A, Wolter C. (2009) Prozessmodellierung: Einbinden von Sicherheitsregeln in Geschäftsprozesse, iX, volume 3, pages 118-121. [PDF]
  • Brucker AD, Wolff B. (2009) HOL-TestGen an interactive test-case generation framework, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), volume 5503, pages 417-420, DOI:10.1007/978-3-642-00593-0_28.
  • Brucker AD, Wolff B. (2009) Semantics, calculi, and analysis for object-oriented specifications, Acta Informatica, volume 46, no. 4, pages 255-284, DOI:10.1007/s00236-009-0093-8.
  • Brucker AD, Petritsch H. (2009) Extending access control models with break-glass, Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT, pages 197-206, DOI:10.1145/1542207.1542239.
  • Brucker AD, Petritsch H, Schaad A. (2009) Delegation assistance, Proceedings - 2009 IEEE International Symposium on Policies for Distributed Systems and Networks, POLICY 2009, pages 84-91, DOI:10.1109/POLICY.2009.35.
  • Kohler M, Brucker AD, Schaad A. (2009) ProActive Caching: Generating caching heuristics for business process environments, Proceedings - 12th IEEE International Conference on Computational Science and Engineering, CSE 2009, volume 3, pages 297-304, DOI:10.1109/CSE.2009.177.
  • Vanneschi L, Gustafson S, Moraglio A, De Falco I, Ebner M. (2009) Preface, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), volume 5481 LNCS.

2008

2007

  • Brucker AD. (2007) An Interactive Proof Environment for Object-oriented Specifications. [PDF]
  • Brucker AD, Doser J. (2007) Metamodel-based UML Notations for Domain-specific Languages, 4th International Workshop on Software Language Engineering (ATEM 2007). [PDF]
  • Brucker AD, Wolff B. (2007) Test-sequence generation with Hol-TestGen with an application to firewall testing, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), volume 4454 LNCS, pages 149-168, DOI:10.1007/978-3-540-73770-4_9.

2006

  • Brucker AD, Doser J, Wolff B. (2006) A Model Transformation Semantics and Analysis Methodology for SecureUML. [PDF]
  • Brucker AD, Wolff B. (2006) The HOL-OCL Book. [PDF]
  • Brucker AD, Wolff B. (2006) A Package for Extensible Object-Oriented Data Models with an Application to IMP++, International Workshop on Software Verification and Validation (SVV 2006). [PDF]
  • Brucker AD, Wolff B. (2006) Interactive testing with HOL-testGen, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), volume 3997 LNCS, pages 87-102, DOI:10.1007/11759744_7.
  • Brucker AD, Doser J, Wolff B. (2006) A model transformation semantics and analysis methodology for Secure UML, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), volume 4199 LNCS, pages 306-320, DOI:10.1007/11880240_22.
  • Brucker AD, Doser J, Wolff B. (2006) Semantic issues of OCL: Past, present, and future, Electronic Communications of the EASST, volume 5, DOI:10.14279/tuj.eceasst.5.46.72.
  • Brucker AD, Doser J, Wolff B. (2006) An MDA framework supporting OCL, Electronic Communications of the EASST, volume 5, DOI:10.14279/tuj.eceasst.5.45.71.
  • Wahler M, Koehler J, Brucker AD. (2006) Model-driven constraint engineering, Electronic Communications of the EASST, volume 5, DOI:10.14279/tuj.eceasst.5.44.70.

2005

2004

2003

  • Brucker AD, Wolff B. (2003) Using theory morphisms for implementing formal methods tools, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), volume 2646, pages 59-77, DOI:10.1007/3-540-39185-1_4.
  • Brucker AD, Ritthiger F, Wolff B. (2003) HOL-Z 2.0: A proof environment for Z-specifications, Journal of Universal Computer Science, volume 9, no. 2, pages 152-172.
  • Brucker AD, Wolff B. (2003) A case study of a formalized security architecture, Electronic Notes in Theoretical Computer Science, volume 80, pages 24-40, DOI:10.1016/S1571-0661(04)80807-7.

2002

  • Brucker AD, Rittinger F, Wolff B. (2002) A CVS-Server Security Architecture — Concepts and Formal Analysis. [PDF]
  • Brucker AD, Wolff B. (2002) A Note on Design Decisions of a Formalization of the OCL. [PDF]
  • Brucker AD, Friedrich S, Rittinger F, Wolff B. (2002) HOL-Z 2.0: A Proof Environment for Z-Specifications, FM-TOOLS 2002, University Augsburg, 33-38. [PDF]
  • Brucker AD, Rittinger F, Wolff B. (2002) The CVS-Server Case Study: A Formalized Security Architecture, FM-TOOLS 2002, University Augsburg, 47-52. [PDF]
  • Brucker AD, Wolff B. (2002) HOL-OCL: Experiences, consequences and design choices, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), volume 2460, pages 196-211, DOI:10.1007/3-540-45800-x_17.
  • Brucker AD, Wolff B. (2002) A proposal for a formal OCL semantics in isabelle/HOL, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), volume 2410, pages 99-114, DOI:10.1007/3-540-45685-6_8.

2001

  • Brucker AD, Wolff B. (2001) Checking OCL Constraints in Distributed Systems Using J2EE/EJB. [PDF]
  • Brucker AD, Wolff B. (2001) Testing Distributed Component Based Systems Using UML/OCL, Österreichische Computer Gesellschaft, Informatik 2001, volume 1, pages 608-614. [PDF]

2000

  • Brucker AD. (2000) Verifikation von Dividierern mit Word-Level-Decision-Diagrams. [PDF]

Patents

  • Hoon-Ywen L, Brown CS, Brucker A. Secure Distributed Private Data Storage Systems, Patent Number: GB2610452, GB, 2023.
  • Brucker AD, Dashevskyi S. Vulnerability analysis of software components, Patent Number: US 10,691,808, US, 2020. [PDF]
  • Brucker AD, Petritsch H. Computing Optimal Fix Locations for Security Vulnerabilities in Computer-Readable Code, Patent Number: 10,318,739, US, 2019. [PDF]
  • Brucker A, Petritsch H. Ensuring compliance regulations in systems with dynamic access control, Patent Number: 10,248,796, US, 2019. [PDF]
  • Brucker AD, Petritsch H. System and method for providing delegation assistance, Patent Number: 8,473,505, US, 2013. [PDF]
  • Brucker AD, Deuster T. Static application security testing, Patent Number: 8,881,293, US, 2014. [PDF]
  • Brucker AD, Herres T. Automated detection and validation of sanitizers, Patent Number: 8,959,646, US, 2017. [PDF]
  • Brucker AD, Petritsch H. Automating post-hoc access control checks and compliance audits, Patent Number: 9,235,716, US, 2016. [PDF]
  • Brucker AD, Petritsch H. Abstract evaluation of access control policies for efficient evaluation of constraints, US, 2017. [PDF]
  • Brucker AD, Petritsch H. Prefetch of Attributes in Evaluating Access Control Requests, US, 2016. [PDF]
  • Brucker AD, Hang I. Static enforcement of process-level security and compliance specifications for cloud-based systems, US, 2016. [PDF]
  • Brucker AD, Deuster T. Modular static application security testing, US, 2016. [PDF]
  • Brucker AD, Petrtisch H. Electronic access controls, US, 2018. [PDF]
  • Brucker A, Herzberg M. Security certification and application categorization for mobile device management, US, 2019. [PDF]
  • Brucker AD, Petritsch H. Grouping access control violations for process-aware systems, US, 2017. [PDF]
  • Brucker AD, Herzberg M. Machine-checkable code-annotations for static application security testing, 2018. [PDF]
  • Brucker AD, Herzberg M. Using Code Similarities for Improving the Auditing and Fixing SAST Findings, US, 2018.

Back to top