Andrea Continella, Associate Professor at the Semantics, Cybersecurity and Services (SCS) group at the faculty EEMCS has been awarded one of seven NWO OTP Grants.
The Open Technology Programme provides funding for excellent research, with a view to the potential application of the results. The programme gives companies and other organisations a low-threshold way to join scientific research that should lead to applicable knowledge.
P6: Prioritization for Prompt Patching of Programs with Pernicious Problems
Software used in everyday life is vulnerable to attacks from cybercriminals. Researchers and companies adopt techniques to discover vulnerabilities in production software and fix them. However, current tools detect more potential flaws than organizations can fix, leaving services still highly vulnerable. In this project, we design and develop automated techniques to analyse discovered vulnerabilities, assess their risk, prioritize the critical ones, and generate patches. Unlike prior work, we consider vulnerabilities in their context, including interactions between vulnerabilities and defences, allowing for prompt mitigation and reducing costs.
Significance of the NWO OTP Grant
This project is a big step forward for the ongoing research in automated software security and the recognition of a hardworking team. Software is everywhere in our lives, and its vulnerabilities can be extremely harmful. The project shifts the focus from just finding these weaknesses to figuring out how to analyse them, understand their risk, prioritize the most important ones, and automatically fix them. This will help organisations manage all the vulnerabilities in their systems, fix them quickly, and save money.
For this project, Dr. Continella and his team are teaming up with the Vrije Universiteit Amsterdam, TNO, and several industry partners. They will hire PhDs and experts to study better ways to analyse vulnerabilities and turn novel approaches into practical tools. This grant lets Dr. Continella push his research in a direction he's been passionate about for a long time, making software more secure.
About the NWO OTP Grant
Every year, the board of NWO Domain Applied and Engineering Sciences awards funding to several research projects through the Open Technology Programme. In 2023, NWO funds these projects with 5.8 million euros, while companies and other organisations invest 950 thousand euros in these projects.
