Prof. Dr. Jörn Eichler

Prof. Dr. Jörn Eichler is heading the research department Secure Software Engineering at Fraunhofer AISEC and visiting professor at the Institute of Computer Science at the Freie Universität Berlin. He is currently focusing on the optimization of the software life cycle in order to develop and operate secure software solutions. He was research assistant in the Security Test Lab of Fraunhofer SIT from 2008 to 2013. Prior to his engagement in software security research he executed many international software assessment and development projects for major companies within the health, insurance, and other branches.

Open Positions

  • Research Assistant – Secure Software Engineering (AISEC-2016-49)
  • Student Assistant – Secure Software Engineering (PDF)
  • Student Assistant – Secure Software Engineering (PDF)

Open Topics (Bachelor or Master Thesis)

Collaboration with other chairs is common practice, e.g. Prof. Eckert (Munich), Prof. Margraf (Berlin), or Prof. Keller (Hagen). Descriptions are given in German, English translations can be provided on request. Please consider the other topcis announced on the pages of the chair for IT Security at the TUM as well.

Upcoming and Recent Events

  • WannaCry or WannaAct - Angriffsrisiken in der Entwicklung identifizieren und abschätzen, Embedded Software Engineering Kongress, December 4-8, 2017, Sindelfingen, Germany.
  • Scaling Security Engineering Activities for the Development of Automotive Embedded Systems, Second Annual Automotive Embedded Multi-Core Systems Summit, June 8-9, 2017, Berlin, Germany.
  • Sichere Steuergeräte und -systeme für die Energiewirtschaft, IT-Sicherheit – Energie, November 28-30, 2016, Berlin, Germany.
  • 4th International Workshop on Risk Assessment and Risk-driven Quality Assurance (RISK), October 17-19, 2016, Graz, Austria.
  • Modular Security Engineering in the Automotive Domain, Sixth VDA Automotive SYS Conference, July 6-8, 2016, Berlin, Germany.
  • Not just another department: Scaling security in the automotive development lifecycle, Cyber Secure Car, June 14-15, 2016, Munich, Germany.


2017 - 2015


  • T. Gurschler, J. Großmann, D. Kotarski, C. Teichmann, C. Thim, J. Eichler, J. Göllner, N. Gronau and U. Lechner. "Risikobeurteilung in der IT-Sicherheit Kritischer Infrastrukturen". Digitale Gesellschaft zwischen Risikobereitschaft und Sicherheitsbedürfnis - Tagungsband des 15. Deutschen IT-Sicherheitskongresses, 2017.
  • D. Angermeier, A. Nieding and J. Eichler. "Supporting Risk Assessment with the Systematic Identification, Merging and Validation of Security Goals". 4. International Workshop on Risk Assessment and Risk-Driven Testing (RISK 2016), Springer, 2017.



  • M. Margraf, S. Müller, S. Harth and J. Eichler. "Vernetzte IT-Sicherheit in Kritischen Infrastrukturen". In: DIN Mitteilungen 6 (2016), S. 24-28.
  • D. Angermeier and J. Eichler. "Risk-driven Security Engineering in the Automotive Domain". Embedded Security in Cars (escar USA), 2016.
  • J. Schütte, J. Eichler and D. Titze. "Sichere Business-Apps unter Android". In: T. Barton, C. Müller and C. Seel (Eds.). "Mobile Anwendungen in Unternehmen - Konzepte und betriebliche Einsatzszenarien". Springer Vieweg, 2016, 139-156.
  • C. Teichmann, S. Renatus and J. Eichler. "Agile Threat Assessment and Mitigation: An Approach for Method Selection and Tailoring". International Journal of Secure Software Engineering (IJSSE), 7 (1), 2016.



2014 - 2012


  • R. Rieke, J. Repp, M. Zhdanova and J. Eichler. "Monitoring Security Compliance of Critical Processes". Parallel, Distributed, and Network-based Processing (PDP 2014), IEEE, 2014


  • J. Eichler. "Voll ausgereift – Sichere Software mit OpenSAMM, BSIMM und SSE-CMM". iX 11/2013.


  • J. Eichler, A. Fuchs and N. Lincke. "Supporting Security Engineering at Design Time with Adequate Tooling". Computational Science and Engineering (CSE 2012), IEEE, 2012.
  • J. Eichler. "SecEPM: A Security Engineering Process Model for Electronic Business Processes". e-Business Engineering (ICEBE 2012), pp. 206-213, IEEE, 2012.
  • J. Eichler. "Towards a Security Engineering Process Model for Electronic Business Processes". European Dependable Computing Conference (EDCC 2012), CoRR, 2012.


2011 and earlier

  • J. Eichler and R. Rieke. "Model-based Situational Security Analysis". Workshop on Models@run.time (MRT 2011), pp. 25-36, CEUR, 2011.
  • J. Eichler. "Lightweight Modeling and Analysis of Security Concepts". Engineering Secure Software and Systems (ESSoS 2011), LNCS vol. 6542, pp. 128-141, Springer, 2011.
  • J. Eichler. "Modellgetriebener IT-Grundschutz: Erstellung und Analyse von IT-Sicherheitskonzeptionen in offenen Werkzeugketten". In: Sicher in die digitale Welt von morgen – Tagungsband zum 12. Deutschen IT-Sicherheitskongress, pp. 11-22, BSI, 2011.
  • J. Eichler, M. Bona-Stecki and T. Wiezcorek. "Sicherheitsverwalter. Management-Werkzeuge für die Informationssicherheit". iX 06/2011
  • J. Eichler and S. Türpe. "Produktivsysteme sicher testen. Praktische Vorsichtsmaßnahmen für Penetrationstests".  <kes>, 2/2010.
  • S. Türpe and J. Eichler. "Testing Production Systems Safely: Common Precautions in Penetration Testing". Testing: Academic and Industrial Conference (TAIC-PART 2009), IEEE, 2009.
  • P. Müller, J. Eichler and H.-J. Lenz. "eNAQ: A prototype for an electronic version of the UN national accounts questionnaire". Discussion Paper 2004/30, School of Business and Economics, Freie Universität Berlin, 2004.