Skip to content
View SimonAdrian's full-sized avatar
4 followers · 3 following

Achievements

Achievement: Pull Shark

Achievements

Achievement: Pull Shark

Block or report SimonAdrian

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don't include any personal information such as legal names or email addresses. Markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
SimonAdrian/README.md

What I do

I am a researcher in IT Security, currently finalizing my PhD on automated architectural security analysis techniques for microservice applications. My work involves the creation of tools that can support developers and analysts in security-related software engineering tasks.

This profile holds all code, data, and replication packages for the roughly dozen publications that I (co-)authored. The publications are listed on my Google Scholar.

Main projects

The following repositories are the most important outcomes of my PhD:

  • Code2DFD - automatically extracts security-enriched dataflow diagrams (DFDs) from the source code of java microservice applications. The DFDs improve the persormance of manual security analysis tasks (as shown in this publication) and are the input to the MicroCertiSec tool described below. We have compared Code2DFD to similar tools in this publiation and found, that it outperforms all comparable tools.

  • MicroCertiSec - automatically checks architectural security rules of microservice applications via the DFDs extracted with Code2DFD or other architecture recovery tools. Rules can be expressed with a dedicated rule specification language I created for this purpose. The tool produces a binary rule verdict as well as explainability for its analysis, i.e., evidence for the decision process that led to the verdict.

  • microSecEnD - is a dataset of manually created DFDs of microservice applications. Creating the models is an important preliminary for research in the domain of model-based security analysis. Me and other researchers rely on this data to test our newly created tools.

Replication packages

The following are replication packages of other papers I (co-)authored:

  • SANER 2024 - How Dataflow Diagrams Impact Software Security Analysis: an Empirical Experiment

  • SecDev 2024 - Designing Secure AI-based Systems: a Multi-Vocal Literature Review

  • ICSE Demonstrations 2024 - CATMA: Conformance Analysis Tool for Microserivce Applications

  • EMSE 2025 - Comparison of Static Analysis Architecture Recovery Tools for Microservice Applications

Contact

Feel free to contact me if you have questions, suggestions, collaborations, or anything else:

Mail: s***n.sch***[email protected] (fill in my name)
LinkedIn: Simon Schneider

Pinned Loading

  1. tuhh-softsec/code2DFD tuhh-softsec/code2DFD Public

    Tool for the automatic extraction of dataflow diagrams from source code of microservices

    Python 8 5

  2. tuhh-softsec/microSecEnD tuhh-softsec/microSecEnD Public

    A dataset of dataflow diagrams (DFDs) for microservice applications in Java. The DFDs contain extensive security annotations, full traceability from model to code, and a mapping to a list of archit…

    Python 6 3

  3. tuhh-softsec/microCertiSec tuhh-softsec/microCertiSec Public

    Replication package

    Python 2 2

  4. tudelft-cda-lab/CATMA tudelft-cda-lab/CATMA Public

    Conformance Analysis Tool For Microservice Applications

    Python 1