Upcoming talk on Software Ecosystems – The Silver Bullet for Efficient Software Development that Comes at a Price

We will be hosting a research talk on “Software Ecosystems – The Silver Bullet for Efficient Software Development that Comes at a Price” in the colloquium of the computer science department of FAU. The talk is free and open to the public.

  • by: Prof. Dr. Ben Hermann, TU Dortmund
  • about: Software Ecosystems – The Silver Bullet for Efficient Software Development that Comes at a Price
  • on: September 14th, 2025, 16:00 (s.t.)
  • at: Room 12801.01.253 – Felix Klein-Gebäude (1st floor) – Erlangen Südgelände
  • as part of: Kolloquium des Department Informatik

Abstract: Two, three clicks, a few lines of glue code… Tadaa! We’ve got a new feature in our software system. Software development has become easier than ever with the advent of large software component ecosystems such as Maven Central. For every problem there is a solution packaged as a software component that other people prepared for us. Surely, we don’t have to worry about bugs and vulnerabilities, because a lot of people use this, right? Think again! With every new dependency on a software component there comes an obligation to follow all updates. Otherwise, we will open our software to the same vulnerabilities as these components. In this talk, I will show why it is a bad idea to rely blindly on software ecosystems and which strategies we can choose individually and globally to minimize the risk involved. I will show our results and contributions from various research projects: How these ecosystems are constructed and how to rate this from a security standpoint, how to keep our software project up to date without losing your cool. Furthermore, as current methods only look at snapshots of software systems and therefore miss out on their evolution, I will outline how an evolutionary stance towards software can actually help us to anticipate problems before they manifest.

Speaker: Ben Hermann is currently head of the Secure Software Engineering research group at the Faculty of Computer Science at TU Dortmund University as a junior professor with tenure track. Formerly, he was interim professor at Paderborn University after a short post-doc period at Heinz Nixdorf Institute Paderborn. He achieved his doctorate at TU Darmstadt on the topic of Java platform security.