Skip to main content
An official website of the European UnionAn official EU website
Go to the home page of the European Commission (opens in new window)
English English
CORDIS - EU research results
CORDIS
Content archived on 2024-06-18

Detecting known security vulnerabilities from within design and development tools

Project description


Secure, dependable and trusted Infrastructures

The main objective of SHIELDS is to increase software security by bridging the gap between security experts and software practitioners and by providing the software developers with the means to effectively prevent occurrences of known vulnerabilities when building software.


Software systems continue to be crippled by security vulnerabilities. One of the reasons for this is that information on known vulnerabilities is not easily available to software developers, or integrated into the tools they use.
The main objective of SHIELDS is to increase software security by bridging the gap between security experts and software practitioners and by providing the software developers with the means to effectively prevent occurrences of known vulnerabilities when building software.
We will achieve this objective by developing novel formalisms for representing security information, such as known vulnerabilities, in a form directly usable by development tools, and accessible to software developers. This information will be stored in an internet-based Security Vulnerabilities Repository Service (SVRS) that facilitates fast dissemination of vulnerability information from security experts to software developers. We will also present a new breed of security methods and tools (some open source, some commercial) that are constantly kept up-to-date by using the information stored in the SVRS.
In addition to the SVRS, and new security tools, we will create a SHIELDS Compliant certification for tools and a SHIELDS Verified logo program for software developers that will offer an affordable and yet technically effective evaluation and certification method in the fight against common security vulnerabilities. Commercial exploitation will be through these programs, the tools, and through subscriptions to the repository (parts will be free).
The consortium consists of two universities and three major research institutes, with complementary leading expertise in the technical areas of the project, one large software developer, and two SMEs that specialise in security consulting, security evaluations and development of secure software.
The project duration will be 30 months, with an overall budget of 4.9M euro and requested grant of 3.6 M euro

Fields of science (EuroSciVoc)

CORDIS classifies projects with EuroSciVoc, a multilingual taxonomy of fields of science, through a semi-automatic process based on NLP techniques. See: https://op.europa.eu/en/web/eu-vocabularies/euroscivoc.

You need to log in or register to use this function

Call for proposal

FP7-ICT-2007-1
See other projects for this call

Coordinator

Linköping University
EU contribution
€ 671 036,00
Total cost
No data

Participants (8)

My booklet 0 0