Trustworthy Responsible Efficient Engineering of Software

* Click on a project title on the image opposite to view more information.

InnerSource Continuous Accumulation and Refinement of Corporate Software Engineering Capability Monolithic Disentanglement Large-Scale Model Quality Product Trustworthiness Measurement Seamless Concatenation of Design/Development Developer Experience Software Clone Detection Taint Analysis Techniques and Tools AddressSanitizer Works On ARM Linux Assurance Cases for Software Compliance with Security Standards


This project is focused on the development of an open source development paradigm within organizations, moving away from a silo-approach and promoting flexible code ownership, resulting in large-scale code refactoring/improvement, and the sharing of ideas, projects and other artifacts, which can subsequently evolve into new products and services.

Continuous Accumulation and Refinement of Corporate Software Engineering Capability

This project is focused on ensuring that each individual software project in large software-producing organizations should have two outputs:

1) A version of a software product that satisfies customers and also

2) An increase in the company’s software engineering capability, for example, by refining an existing component, evolving the architecture of the platform, reducing the complexity of common assets.

Monolithic Disentanglement

Monolithic software systems suffer from a number of scale and complexity problems that increase their resistance to change. This project will focus on identifying appropriate ‘fracture points’ where monolithic software systems can be partitioned into smaller code units/microservices, thus enabling more rapid delivery of new/enhanced software functionality to the market and serverless computing consumption which holds the promise of significantly lowering hardware costs.

Large-Scale Model Quality

This project focuses on the refinement of the large UML/SysML/DSL models used to represent software systems at various level of abstraction: architectural/design/implementation. The project will work on refining the structure of these models to the use-case contexts of the models in commercial practice.

Product Trustworthiness Measurement

This project focuses on the derivation of measures for trustworthy-software attributes like security, privacy, safety and reliability. It will derive such measures based on a review of academic literature in the area and current standards, subsequently assessing these measurements in-situ and using the data generated to refine the measures.

Seamless Concatenation of Design/Development

This project focuses on heightening the bi-directional consistency between requirements and source code. In high-quality, trustworthy software systems, the software developers should always be able to determine (1) that each requirement is actually implemented in source code and (2) which requirements are implemented by a given piece of code. This project aims at finding techniques and approaches towards achieving these goals.

Developer Experience

This project aims to improve the software developer experience by understanding their work context (their tasks, their information needs, their experience levels, the tools they have at their disposal and their motivation) and the approaches they currently use (both strategic and tactical).

Software Clone Detection

This project aims to derive techniques towards the efficient and effective identification of type III and IV clones. Efficient in that the techniques must deal with very large code bases (100s of millions of lines of code) and effective in that they should have very high recall, while preserving high precision.

Taint Analysis Techniques and Tools

This project will focus on using taint analysis to detect vulnerabilities that can arise from external interfaces introducing untrusted data to C/C++ programs. It aims to derive various static/dynamic taint analysis techniques that can scale to millions of lines of code, and which can analyze C++ virtual function calls and C/C++ function pointer calls, while ensuring high accuracy.

AddressSanitizer Works On ARM Linux

The goal of this project is to develop new methods of program instrumentation that reduce the memory overhead of, and execution time for, testing C/C++ programs with memory checking. It will focus on fast, but more compact, data structures for checking memory errors and mixing approaches in a family of techniques with different trade-offs, to cumulatively increase coverage.

Assurance Cases for Software Compliance with Security Standards

This project will develop a methodology to support software compliance with existing security standards. It will focus on the creation of security assurance cases that can demonstrate compliance using evidence collected from the analysis and verification of the software architecture and implementation.  The approach adopted in this project  will inform the development of new standards and regulations.

The TREES research program is focused on Trustworthy, Responsible and Efficient Engineering of Software:

  • Trustworthy and Responsible because we are increasingly dependent on software, and the computational thinking it embodies, to enable the digital transformation that our society is experiencing: Software has become a form of administration that adjudicates over many of the decisions made about us and hence, it is vital that it is built to the highest, most transparent standards.
  • Efficient because, although vast amounts of new software needs to be written, and legacy systems need to be maintained, we have yet to witness a software industrial revolution in which large software development evolves from a craft with much idiosyncrasy, to an efficient organisational enterprise like manufacturing, involving the integration of verified, reusable components.

Software advances increasingly offer technological and process innovations that promise large scale optimization/automation of software development, and verifiable assurances of the resultant systems. The research agenda proposed here further builds on these innovations, toward the creation of large-scale, trustworthy software in an efficient manner. To do so, it concentrates on responsible, optimized software engineering practice, and responsible software engineering innovation, through responsible research.

A number of 2-year Post-Doctorate/Research Fellow/Senior Research Fellow positions (salary: €37,874-€71,429) will become available in Lero on this program, early this year, in several of the project areas below (Please click on the individual leaves of the Tree above for more details):

Candidates for the Post-Doctoral/Research Fellow/Senior Research Fellow positions should have a PhD in Software Engineering, Computer Science, or a related topic, should have an interest in tackling real-world problems in conjunction with industrial collaborators, and should have demonstrable evidence of a research interest in one or more of these specified areas. They should also have a keen interest in working with industry to address the real-world scenarios/problems they face.

If you fit these criteria and are keen to develop yourself as a world-class researcher, in a world-class software research centre of excellence, please feel free to contact the Director of the program:, for further information and for details of how to apply.