For the 9th German IT Security Awards, a total of 54 projects were submitted. Two projects of CROSSING-PIs were selected for the finals:

“CodeShield – Cloud-Native Application Security”
by Andreas Dann, Manuel Benz, Joahnnes Späth, and Eric Bodden
Project description: Secure configuration of largescale cloud applications is almost impossible. However, the risk of a vulnerability depends to a large extent on this configuration, as it determines what privileges an attacker can acquire and what data he can access. CodeShield enables organizations to efficiently increase cloud security by identifying attack paths to and from a vulnerability using a novel, graph-based cloud data flow analysis.

“CoCoS: Secure Development of Smart Contracts”
by Jens-Rene Giesen, Sebastien Andreina, Michael Rodler, Ghassan Karame, and Lucas Davi
Project description: Security vulnerabilities in smart contracts led to massive losses. CoCoS (Contracts Compiled Securely) is the first method that automatically protects smart contracts against different classes of attacks. CoCoS supports many smart contract platforms and programming languages to enable secure execution of contracts in different blockchain technologies.

Eric Bodden and team were awarded with the first place in the 2006 competition with the analysis tool Harvester, which enables the fully automated extraction of security-relevant information from Android apps to detect malicious apps on the web faster and reduce the theft of personal data. In the 8th German IT Security Award competition, all three awards went towards teams that included CROSSING-PIs . Among them also Lucas Davi, who reached 3rd place with his team for the project TeeRex, an automated analysis tool to search vulnarabilities in Trust Execution Environments (TEEs).

German IT Security Award

On November 10, the jury will announce three award winners for 2022. They will receive their prize in an award ceremony during the Bitkom “Innovationskonferenz Cybersicherheit 2022” at the event center of Ruhr-University Bochum. The 1st prize is endowed with 100,000 euros, the 2nd prize with 40,000 euros, and the 3rd prize with 20,000 euros. German Federal Minister of the Interior and Community, Nancy Faeser, is the patron of the event. The format is intended to promote IT security in order to strengthen the innovative potential of the German economy, to support highly innovative young IT researchers in Germany, and to intensify the exchange with the business community.