About the Institute

The Institute of Software Security provides a dynamic and multidisciplinary research environment with the aim of creating new fundamental knowledge through innovation. Our research covers a wide range of activities related to the design and implementation of secure and privacy-friendly applications, particularly in the realms of micro-services, IoT ecosystems, and cyber-physical systems.

The overall mission of the institute is to build round-trip security & privacy engineering methods, which are based on lightweight design models and connect the design models with the implementation code, in the context of fast-paced, continuous, and decentralized development ecosystems. In this research agenda, an important role is played by the use of ML/AI, as well as the adoption of other emerging trends, like dev-bots, i.e., security-oriented intelligent agents that seamlessly collaborate with human developers.

The work at the institute is also characterized by the systematic use of empirical methods for security and privacy, including controlled experiments and mining software repositories.

Prof. Dr.-Ing. Riccardo Scandariato

Prof. Scandariato received the PhD in Computer Science in 2004 from Politecnico di Torino, Italy. In his academic career he had the opportunity to work in several countries, including the United States (University of Virginia, 2003), Italy (Politecnico di Torino, 2004-2005), Belgium (KU Leuven, 2006-2014) and Sweden (University of Gothenburg, 2014-2020). Since late 2020, he is the head of the Institute of Software Security at the Hamburg University of Technology (TUHH), in Germany.


The institute is located on the 6th floor in Hamburg Innovative Port (HIP) building.

Institute of Software Security (E-22)
Hamburg University of Technology (TUHH)
Blohmstraße 15
21079 Hamburg

The institute's email: softsec@tuhh.de

Telephone: +49 (0)40 428 78 5001