Dr Achim Brucker

Senior Lecturer
Industry Liaison Officer

Telephone: +44 (0) 114 222 1806

Personal website: staffwww.dcs.shef.ac.uk/people/A.Brucker/

ORCID | Google scholar

Selected publications | All publications

Dr Achim Brucker



Dr. Achim Brucker is a Senior Lecturer and Consultant in Software Assurance & Security. He is a member of the Verification and Testing Groups.

Until December 2015, he was a Research Expert (Architect), Security Testing Strategist, and Project Lead in the Global Security Team of SAP SE, where, among others, he defined the risk-based security testing strategy of that combines static, dynamic, and interactive security testing methods and integrates them deeply into SAP's Secure Software Development Life Cycle. He evaluated and selected all kinds of security testing tools and introduced them to the world-wide development organisation of SAP. Moreover, he represented SAP in the OCL standardization process of the OMG.

Before joining SAP, he was a member of the Information Security Group at ETH Zurich, Switzerland and the Software Engineering Group at the University of Freiburg, Germany.

He received his master's degree in computer science from University Freiburg, Germany and his Ph.D. from the Information Security Group (headed by Prof. David Basin) at the ETH Zurich, Switzerland.

Other professional activities and achievements:

  • Member of the EPSRC Peer Review College
  • Member of the Tests and Proofs (TAP) conference steering committee
  • Mentor for Researchers
  • ACM Senior Member
  • Speaker on professional security conferences such as OWASP AppSecEU.


Dr. Achim Brucker’s research interests include information security, formal methods, security engineering, and software engineering. His aim is to build secure, reliable, resilient software (and hardware systems). He works on using formal methods, verification, static analysis, and testing techniques both on the source and binary level as well as on the level of specifications and abstract models. Examples of his work include the Isabelle/HOL-based tools HOL-OCL (a formal specification environment and theorem prover for UML/OCL specifications) and HOL-TestGen (a theorem prover-based testing environment), model-driven engineering tools (e.g., in the context of SecureUML and SecureBPMN), security testing, work in access control, mobile security and browser security. For a more complete overview of his research achievements, please visit his personal web page and the software assurance & security research page.