When talking about security of IT systems, best-practices for the development of secure systems or mechanisms for the protection of systems against illegal access of valuable assets play a major role. With this focus systems are called "secure" when the security appears substantiated by the used design processes and the deployed security mechanisms. This focus does not allow an objective assessment of the security properties the IT system does actually satisfy. To enable such an assessment, it is a necessity to make the desired security properties explicit with the necessary level of precision, to provide a view on the system appropriate to analyze the security of a system wrt. the desired requirements and to come up with analysis techniques to ease the process of judging the security of a system.

The course gives an overview on formal approaches to: 

  • formal modeling of security-critical systems
  • formal specification of security requirements
  • formal security analysis of systems
  • theoretical foundations for developing secure software by stepwise refinement and composition.


The enrollment key will be provided in the first lecture.