SESAM – Secure software engineering through Sensible AutoMation
Project status
Ongoing
Project Manager
Category/Area
Research in Software Engineering
The rising complexity and sophistication of cyber threats necessitate proactive security measures in software development. Traditional methods, which often incorporate security checks late in the Software Development Life Cycle (SDLC), are inadequate due to their high cost and inefficiency. There are several barriers to integrating security measures early in development, such as supporting developers in understanding and implementing security measures, integrating security into existing workflows, and avoiding productivity disruptions. The project will empower developers with tools and practices to seamlessly integrate security.
SESAM aims to develop a comprehensive framework that enhances key development practices—such as automated testing, code reviews, and technical debt management—by integrating security seamlessly and sensibly. The project will focus on minimizing the disruption to developers’ workflows through automation and intelligent tool support. Activities include designing and evaluating security-augmented development practices, conducting case studies, and performing controlled experiments to assess the framework’s effectiveness and practicality. The ultimate goal is to empower developers to address security concerns proactively, thus ensuring more secure software releases.