Thesis Topics
On the Feasibility of Automated Relation Analysis of Regulatory Security-Relevant Requirements
To what extent can we analyze the relations between requirements originating from different regulations or even internal policies to understand overlaps and contradictions?
Objectives
- Build a corpus of relations between different requirements from regulatory documents - based on published resources
- Prototype different NLP approaches for the analysis of the relation between those requirements
- Evaluate the effectiveness of the approaches and outline limitations
Requirements
- Strong understanding of NLP techniques
Expected Duration: 6 months - Start: November 2025
Artefact-based Evaluation of Software Engineering Research Reproducibility
To what extent can we automatically evaluate the level of reproducibility of software engineering research artefacts e.g., to support authors in improving their research artefacts?
Objectives
- Build a corpus of relevant characteristics to evaluate research artefacts against
- Prototype an agentic approach for the evaluation along those characteristics
- Assess the potential, limitations, and usefulness of the proposed approach
Requirements
- Basic understanding of the relevance of reproducibility in science
- Strong understanding of agentic frameworks
Expected Duration: 6 months
Automatic Requirements Inference
How can we automatically infer, for engineers tangible, low-level security requirements from an abstract high-level security requirement based on security standards and regulations?
Objectives
- Build a corpus of security requirements inference.
- Prototype different agentic approaches for the analysis of the relation between those requirements
- Evaluate the potential and the limitations of different agentic approaches.
Requirements
- Strong understanding of security in product development
- Strong understanding of agentic frameworks
Expected Duration: 6 months - Start: Early 2026
GenAI to Detect and Extract Requirements from Security Standards: A Feasibility Study
How well can GenAI detect, extract and formulate actionable software requirements from security standards?
Objectives
- Analyze the potential and limitations of AI to detect requirements
- Analyze the performance of AI in extracting requirements information
- Evaluate the usefulness of different software requirement formulations
Requirements
- Strong understanding of NLP, LLMs, and prompt engineering
- Strong security and security compliance knowledge
Expected Duration: 6 months
Industrial Product Backlog Exploration: Potential and Limitations of NLP-based Analyses for Security Purposes
How reliably can NLP techniques support engineers by providing security advice for backlog items that are relevant for the security of our product?
Objectives
- Employ NLP techniques to detect backlog items relevant for the product security
- Map relevant security advice/rules to backlog items
- Evaluate the effectiveness and reliability of the approach
Requirements
- Basic understanding of NLP techniques
- Basic understanding of security & security compliance
Expected Duration: 4 months
Interested?
If you are interested in one of the available thesis topics please contact me with:
- A brief motivation explaining your interest and experience
- Relevant project work or publications (if any)
- Preferred thesis topic(s) from the list above
Contact: website@angermeir.me
My Expectations on You
- Being self-organized (e.g. time-wise, problem solution-wise)
- Structured working (e.g. meetings with agenda, clearly defined outcomes)
- High rigor in the research work
- Openness and transparency
- A shared publication with second authorship for you
What You can expect from Me
- Shared planning of the thesis, scope, methodology and concrete objectives
- Frequent guidance and support
- Constructive and honest feedback
- Freedom to try ideas out and do them your way
- Commitment to timely responses