What is PEAKS?

PEAKS is an acronym for "Platform for the Efficient Analysis and Secure Composition of Software Components"

A fundamental building block in making software engineering more efficient is the reuse of existing components and libraries. Applications are composed of a stack of libraries in conjunction with the respective business code. But as the code of the libraries becomes a part of the control flow of the application, it will run in the same process and thus in the same security context as the main application regardless of the actual need for such a privilege. We aim to build a tool to detect these unnecessary permissions in software libraries and to recommend procedures to limit these privileges or their impact.

PEAKS is developed by the Security Subgroup of the Software Technology Group at Technische Universität Darmstadt

PEAKS was funded by the German Ministry of Education and Research (BMBF) (Reference no. 01IS12054) as part of the Softwarecampus initiative.

Find out more »


PEAKS is actually the hub of a lot of smaller projects. Here are the ones that we already made available publicly:


High-level Capability Inference

Ever wondered what system resources the library you are about to include into your software project uses? We can find out for you!

More » Git Repository


Configuring Soot to run your analysis can be a tough job. We have a fluent interface that can help you.

More » Git Repository


Do you have a large evaluation base to run your analysis on? Tired of rerunning the basic analyses when only your specific analysis changes? We developed OSGi modularity for static analysis to counter this.

More » Git Repository


Ben Hermann

Technische Universität Darmstadt
Fachbereich Informatik
Fachgebiet Softwaretechnik
Ben Hermann
Hochschulstraße 10
64285 Darmstadt