Virtual partnering event on the Software Security Score
The Cyberagentur invites you to the partnering event – “Software Security Score (3S)”.
February 5, 2026 – 11:00 a.m. – 1:00 p.m.
Registration until January 26, 2026
Aim of the partnering event
Those interested in the new research program can obtain initial further information on the contents at the upcoming partnering event. Furthermore, all participants will have the opportunity to present themselves and their areas of focus and thus network with potential partners for the formation of consortia.
Agenda
- Presentation of the Cyberagentur
- Presentation of the 3S program
- Introduction of the partners (2 minutes each)
Please send your presentation slides by February 2, 2026 at the latest to 3s@cyberagentur.de
Netiquette
The digital space is intended to promote exchange and has its starting point in a critical and constructive, but above all respectful interaction with one another. We would therefore kindly ask you to treat each other with respect.
Background
Consumers are constantly dealing directly or indirectly with software in their everyday lives, from banking apps to smart robot vacuum cleaners. The operational and IT security of the applications is often difficult for them to grasp. Has the software been carefully developed or are vulnerabilities likely? What needs to be considered for secure use and is the simplest use also the most secure? To what extent can any data outflow be controlled?
Where there is a lack of transparency and understanding, civil society not only finds it difficult to trust digital solutions, but also to assert its interests against manufacturers. Both are necessary for a secure digital everyday life.
Aim
The planned research program “Software Security Score” (3S) aims to make software security tangible and comparable. Using measurable parameters, a broadly applicable evaluation metric is to be developed that meaningfully summarizes the various influencing factors for end users in a security score. The individual steps of the evaluation must be prepared in a comprehensible and understandable manner and be reproducible. Safety should not be understood as a state, but as a process: It results from the context of use, the interaction with hardware and other software components and the life cycle that the product goes through. The software security score should be managed by a central point of trust and must be able to be collected efficiently for widespread use. With a supplementary program, consumers can carry out or understand the assessment themselves to some extent.
Disruptive Risk Research
The disruptive potential arises from the difficulty of breaking down software security in a meaningful way while retaining validity. Currently, there are certificates and seals of approval, but these often make limited statements and only evaluate a product in binary terms. There is great potential to make the various aspects that contribute to security much more transparent and tangible for citizens. Manufacturers could also be extrinsically motivated to design their products carefully and in a consumer-friendly way.