Kevin Hermann, M.Sc.

In October 2022, I joined the Chair of Software Engineering as a PhD student. Before, I worked as a research assistant during my studies in applied computer science at the Ruhr-University Bochum. My research focuses on the traceability of security features throughout the software development process.

Almost any software system needs to consider security measures nowadays as the ever growing number of threats and methods used by adversaries increases in complexity. Developers are tasked to protect software systems from these threats through the implementation of security features – functionalities that mitigate threats or protect confidential data such as cryptography. While sophisticated security measures exist, developers still struggle to implement them correctly in their software systems, leading to severe vulnerabilities. Security by design principles aim to incorporate security measures throughout the whole development process instead of pushing it towards the end of the software development lifecycle, where it is the most expensive. Still, developers require means to effectively trace security features throughout this process to constantly perform security compliance checks and recover security features when they need to be maintained.

In my research, we aim to provide a better understanding of security features for developers and means to trace security features within the software development process. We perform systematic literature reviews, conduct interviews with field experts, and develop IDE plugins that aid developers in creating secure systems.

Publications

Kevin Hermann, Sven Peldszus, Thorsten Berger (2026). Many Tools, Few Exploitable Vulnerabilities: A Survey of 246 Static Code Analyzers for Security. arXiv preprint arXiv:2602.18270, doi: 10.48550/arXiv.2602.18270

Kevin Hermann, Johan Martinson, Thorsten Berger (2025). Visualizing Feature-Oriented Software Evolution. In Proceedings of the 2025 29th ACM International Systems and Software Product Line Conference-Volume A (pp. 136-141), doi: 10.1145/3744915.3748471

Johan Martinson, Kevin Hermann, Riman Houbbi, David Stechow, Thorsten Berger (2025). Lightweight Visualization of Software Features with HAnS-viz. In Proceedings of the 29th ACM International Systems and Software Product Line Conference-Volume B (pp. 31-34), doi: 10.1145/3748269.3748487

Kevin Hermann, Simon Schneider, Catherine Tony, Asli Yardim, Sven Peldszus, Thorsten Berger, Riccardo Scandariato, Martina Angela Sasse, Alena Naiakshina (2025). A taxonomy of functional security features and how they can be located. Empirical Software Engineering, 30(5), 117, doi: 10.1007/s10664-025-10649-7

Kevin Hermann, Sven Peldszus, Jan-Philipp Steghöfer, Thorsten Berger (2025). An Exploratory Study on the Engineering of Security Features. In 2025 IEEE/ACM 47th International Conference on Software Engineering (ICSE) (pp. 2470-2482), doi: 10.1109/ICSE55347.2025.00184.

Mukelabai Mukelabai, Kevin Hermann, Thorsten Berger, Jan-Philipp Steghöfer (2023). Featracer: Locating features through assisted traceability. IEEE Transactions on Software Engineering, 49(12), 5060-5083, doi: 10.1109/TSE.2023.3324719.