NWO OTP Proposal Granted!

I am thrilled to announce that the NWO (Nederlandse Organisatie voor Wetenschappelijk Onderzoek) awards funding for a 6-year joint effort with University of Twente, Vrije Universiteit Amsterdam (VU Amsterdam) and TNO through their Open Technology Programme. On behalf of TNO, I will act as the lead of the user committee.

What makes this project unique, you may ask? Unlike other automated software for vulnerability analysis and handling, P6 - Prioritization for Prompt Patching of Programs with Pernicious Problems – considers vulnerabilities in their context.

Open Technology Programme¶

The Open Technology Programme provides funding for excellent research, with a view to potential application of the results. The programme gives companies and other organisations a low-threshold way to join scientific research that should lead to applicable knowledge.

Public summary¶

Software used in everyday life is vulnerable to attacks from cybercriminals. Researchers and companies adopt techniques to discover vulnerabilities in production software and fix them. However, current tools detect more potential flaws than organizations can fix, leaving services still highly vulnerable. In this project, we design and develop automated techniques to analyze discovered vulnerabilities, assess their risk, prioritize the critical ones, and generate patches. Unlike prior work, we consider vulnerabilities in their context, including interactions between vulnerabilities and defenses, allowing for prompt mitigation and reducing costs.