Johannes Späth

Researcher of Program Analysis

University Paderborn

Biography

Johannes Späth holds a PhD in computer science from University of Paderborn. He prepares for the start-up CodeShield, a novel static security testing tool based on some of the technology of his dissertation. His research interests include static data-flow analysis, pointer analysis and automated detection of security vulnerabilities. In his PhD thesis he presented highly precise and efficient static data-flow algorithms. His PhD was advised by Eric Bodden and Karim Ali.

Interests

Program Analysis
Pointer and Data-Flow Analysis
Applied Cryptography and Security

Education

PhD in Computer Science, 2019

University of Paderborn, Germany
M.Sc. in Mathematics, 2013

Technical University of Darmstadt, Germany
B.Sc. in Mathematics, 2011

Johannes-Gutenberg University of Mainz, Germany

Skills

Mathematics

Software Development (Java)

Web Development (JavaScript, SQL)

Data Analytics (Python, R)

Photography

Piano

Experience

March 2017 – October 2019

Paderborn, Germany

Research Associate

Fraunhofer IEM

Projects:

CogniCrypt (Sponsored by an Oracle Collaborative Research Grant)
Implementation of Data-Flow Analysis
Threat-Analysis
Mathematical Risk-Analysis

August 2016 – January 2017

Brisbane, Australia

Research Intern

Oracle Labs

Project:

Modular Points-To Analysis implemented in Datalog (DOOP and souffle).

March 2014 – July 2016

Darmstadt, Germany

Research Associate

Fraunhofer SIT

Projects:

Pentesting of Web Applications
Teaching “Designing Static Code Analysis for Large Scale”
Security Audit TrueCrypt for the German Federal Office for Information Security (BSI)

Selected Publications

Context-, Flow- and Field-Sensitive Data-Flow Analysis using Synchronized Pushdown Systems

Johannes Späth, Karim Ali, Eric Bodden

46th ACM SIGPLAN Symposium on Principles of Programming Languages, POPL 2019, January 16-18, 2019, Lisbon, Portugal, 2018

PDF

Recent & Upcoming Talks

Context-, Flow- and Field-Sensitive Data-Flow Analysis using Synchronized Pushdown Systems

Jan 17, 2019 POPL 2019

Johannes Späth

Project

You forgot to changeit - CogniCrypt knows it!

Jun 18, 2018 EclipseCon France 2018

Johannes Späth, Stefan Krüger

Video Code Project

IDEal: Efficient and Precise Alias-aware Data-Flow Analysis

Oct 27, 2017 OOPSLA 2017

Johannes Späth

PDF Video Code Project

Boomerang: Demand-Driven Flow- and Context-Sensitive Pointer Analysisfor Java

Jul 22, 2016 ECOOP 2016

Johannes Späth

PDF Video Code Project

Johannes Späth

Researcher of Program Analysis

University Paderborn

Biography

Interests

Education

Skills

Mathematics

Software Development (Java)

Web Development (JavaScript, SQL)

Data Analytics (Python, R)

Photography

Piano

Experience

Research Associate

Fraunhofer IEM

Research Intern

Oracle Labs

Research Associate

Fraunhofer SIT

Selected Publications

Context-, Flow- and Field-Sensitive Data-Flow Analysis using Synchronized Pushdown Systems

Publications

Synchronized Pushdown Systems for Pointer and Data-Flow Analysis (PhD Dissertation)

Context-, Flow- and Field-Sensitive Data-Flow Analysis using Synchronized Pushdown Systems

CrySL: An Extensible Approach to Validating the Correct Usage of CryptographicAPIs

IDEal: Efficient and Precise Alias-Aware Data-Flow Analysis

Boomerang: Demand-Driven Flow- and Context-Sensitive Pointer Analysisfor Java

Access-Path Abstraction: Scaling Field-Sensitive Data-Flow Analysiswith Unbounded Access Paths

Recent & Upcoming Talks

Context-, Flow- and Field-Sensitive Data-Flow Analysis using Synchronized Pushdown Systems

You forgot to changeit - CogniCrypt knows it!

IDEal: Efficient and Precise Alias-aware Data-Flow Analysis

Boomerang: Demand-Driven Flow- and Context-Sensitive Pointer Analysisfor Java

Projects

Synchronized Pushdown Systems

Data-Flow Framework IDEal

CogniCrypt

Pointer Analysis Boomerang

Contact