Fallzahl Standort Koblenz: 0 (Warnstufe Grün) Maßnahmenkonzept

Sven Peldszus

Mitarbeiter der Arbeitsgruppe Jürjens
Sprechzeiten: Nach Vereinbarung

Sven Peldszus - RGSE - Institute for Software Technology - Universität Koblenz Landau

PGP Key Fingerprint: 57A9 099E 0718 0C0F 87B9 20A1 DAB5 56B7 69E2 37C9

Research Subjects

Today’s software systems tend to be used on a long-term basis, are highly interconnected, share many common parts and often process security-critical data, so that keeping up with ever-changing security precautions, attacks and mitigations is vital for preserving a system’s security. Model-based system development enables us to address security issues already in the early phases of the software design, as in UML models. The continuous changes in the security assumptions and the design of software systems —for instance, due to structural decay— have to be reflected in both the system models (e.g. UML models) and the system’s implementation (including program models). The detection of which change is necessary where has currently to be performed manually by developers.

My main research directions are to study approaches for automatically detecting and performing necessary changes on a single representation of the system and to keep all other representations synchronized with this changed representation. Allowing developers to develop systems in a model-based manner and dealing with the structural decay of long-living systems.

Therefore, I am proposing a model-based approach in which design models (e.g. specified in UML), source code (e.g. written in Java), and a program model (PM) for performing sophisticated analyses are continuously synchronized for covering the different phases of software development. Security, as well as variability, is introduced into the different artifacts as annotations. E.g. on UML models we can the UMLsec profile proposed by Jürjens for security annotations and for variability annotations Antenna preprocessor-like statements as defined in Antenna.

Selected Publications

  • Sven Peldszus, Katja Tuma, Daniel Strüber, Jan Jürjens, Riccardo ScandariatoSecure Data-Flow Compliance Checks between Models and Code based on Automated Mappings. In: Proceedings of the 22nd ACM/IEEE International Conference on Model Driven Engineering Languages and Systems (MODELS), 2019. preprint, doi=10.1109/MODELS.2019.00-18
  • Sven Peldszus, Daniel Strüber, Jan JürjensModel-Based Security Analysis of Feature-Oriented Software Product Lines. In: Proceedings of the 17th ACM SIGPLAN International Conference on Generative Programming: Concepts and Experiences (GPCE), 2018. preprint, doi=10.1145/3278122.3278126
  • Sven Peldszus, Géza Kulcsár, Malte Lochau, Sandro SchulzeContinuous Detection of Design Flaws in Evolving Object-Oriented Programs using Incremental Multi-pattern Matching. In: Proceedings of the 31st International Conference on Automated Software Engineering (ASE), September 2016. preprint, doi=10.1145/2970276.2970338
  • Sven Peldszus, Géza Kulcsár, Malte Lochau, Sandro SchulzeIncremental Co-Evolution of Java Programs based on Bidirectional Graph Transformation. In: Proceedings of the Principles and Practices of Programming on The Java Platform (PPPJ), ACM, pp. 138-151, 2015. doi=10.1145/2807426.2807438

For all publications please look here.


  • Reviews for:
    • International Journal on Empirical Software Engineering (EMSE)
  • Subreviews for:
    • International Conference on Model Driven Engineering Languages and Systems (MODELS)
    • International Conference on Advanced Information Systems Engineering (CAISE)
    • Journal of Systems & Software (JSS)
    • IEEE International Conference on Blockchain (BLOCKCHAIN)
    • Software Quality Journal
    • IEEE Transactions on Reliability

Selected Supervised Theses


WiSe 2020/21
SoSe 2020
WiSe 2019/20
SoSe 2019
WiSe 2018/19
SoSe 2018
WiSe 2017/18
SoSe 2017
WiSe 2016/17

Externe Plattformen für Publikationen