Dr. Achim Brucker is a Senior Lecturer (Associate Professor) and Consultant (e.g., for software security) at the Computer Science Department of The University of Sheffield, UK. He drives the security initiative and is a member of the Verification and Testing Groups.
Until December 2015, he was a Research Expert (Architect), Security Testing Strategist, and Project Lead in the Global Security Team of SAP SE, where, among others, he defined the risk-based security testing strategy of SAP that combines static, dynamic, and interactive security testing methods and integrates them deeply into SAP's Secure Software Development Lifecycle. He was involved in rolling out static and dynamic application security testing tools to the world-wide development organisation of SAP. Moreover, he represented SAP in OCL standardization process of the OMG.
He received his master's degree in computer science from University Freiburg, Germany and his Ph.D. from ETH Zurich, Switzerland. His research interests include information security, software engineering, security engineering, and formal methods. In particular, he is interested in tools and methods for modeling, building and validating secure and reliable systems, i.e., software assurance or, more broadly, system assurance.
His current work includes the research on security aspects of distributed, e.g., service-oriented, systems. This includes research in applied security aspects such as access control or business-process modeling as well as in fundamental aspects such as novel techniques in the area of static and dynamic approaches for ensuring the security of applications. Moreover, he is participating in the development of interactive theorem proving environments for Z (HOL-Z) and UML/OCL (HOL-OCL, which is integrated into a formal MDE toolchain) and a model-based test-case generator (HOL-TestGen).