Registered user since Wed 6 Sep 2017
Marcel Böhme is a faculty member at the Max Planck Institute for Security and Privacy (MPI-SP) in Germany where he leads the Software Security research group. His group has made foundational contributions to automatic software testing, specifically fuzzing which has become one of the most successful techniques for automatic vulnerability discovery at scale: While conventional wisdom has that testing can only show the presence of bugs but never their absence, Marcel has developed the first statistical framework to make statements about a program’s correctness after an error-less testing campaign. While testing is embarrassingly parallel, his probabilistic theory explains how the cost of bug finding is actually exponential in the number of machines, and when even the most effective systematic testing technique is outperformed by a simple, random approach. More recently, his group has been developing the statistical and causal foundations of empirical software security analysis at scale, supported by an ERC grant. To find out more about the research in our group, head over to https://mpi-softsec.github.io
Marcel is an ACM Distinguished Member, a Guest Editor-in-Chief (Registered Reports) and Associate Editor for the ACM TOSEM, the flagship journal in software engineering and a PC Chair of ACM/IEEE ASE’25 and ACM SIGSOFT ISSTA’26, two of the four top conferences in his area. He won a 2024 ERC Consolidator grant, a 2019 ARC DECRA (Australia’s ERC Starting), a 2019 Google Faculty Research Award, and several ACM Distinguished Paper awards, spotlights, and highlights at the premier publication venues for security and software engineering. Marcel received his PhD at the National University of Singapore (NUS) where he was named 2022 NUS Outstanding Young Computing Alumni.
Contributions
2027
ESEC/FSE
2026
ASE
ESEC/FSE
ICSE
2025
ASE
2030 Software Engineering
ESEC/FSE
ICSE
- Author of Invivo Fuzzing by Amplifying Actual Executions within the Research Track-track
- Program Co-Chair, ASE Conference of ASE Conference Program Committee Meeting within the Meetings and BOFs-track
- Author of Accounting for Missing Events in Statistical Information Leakage Analysis within the Research Track-track
- Committee Member in Research Track within the Research Track-track
2024
ASE
ISSTA
2030 Software Engineering
ICSE
- Author of Extrapolating Coverage Rate in Greybox Fuzzing - Artifacts within the Artifact Evaluation-track
- Author of Extrapolating Coverage Rate in Greybox Fuzzing within the Research Track-track
- Area Chair for Dependability and Security in Research Track within the Research Track-track
- Session Chair of Fuzzing 1 (part of Research Track)
2023
ISSTA
ICSE
- Sustainability Co-Chairs in Organising Committee
- Author of An Experimental Assessment of Using Theoretical Defect Predictors to Guide Search-Based Software Testing within the Journal-First Papers-track
- Author of Reachable Coverage: Estimating Saturation in Fuzzing - Artifacts within the Artifact Evaluation-track
- Program Committee Member in Technical Track within the Technical Track-track
- Author of Artifact for Evaluating the Impact of Experimental Assumptions in Automated Fault Localization within the Artifact Evaluation-track
- Author of Reachable Code Coverage within the Technical Track-track
- Author of Evaluating the Impact of Experimental Assumptions in Automated Fault Localization within the Technical Track-track
2022
ESEC/FSE
- Author of Locating Faults with Program Slicing: An Empirical Analysis within the Journal First-track
- Author of Fuzzing: On the Exponential Cost of Vulnerability Discovery within the ESEC/FSE 2020-track
- Social Media and Publicity Co-Chair in Organizing Committee
- Committee Member in Program Committee within the Research Papers-track
- Session Chair of Program Analysis I (part of Research Papers)
- Author of Estimating Residual Risk in Greybox Fuzzing within the ESEC/FSE 2021-track
- Author of Boosting Fuzzer Efficiency: An Information Theoretic Perspective within the ESEC/FSE 2020-track
ICSE
- Author of FuzzTastic: A Fine-grained, Fuzzer-agnostic Coverage Analyzer within the DEMO - Demonstrations-track
- Committee Member in Program Committee within the SEIP - Software Engineering in Practice-track
- Author of Statistical Reasoning About Programs within the NIER - New Ideas and Emerging Results-track
- Author of On the Reliability of Coverage-Based Fuzzer Benchmarking within the Technical Track-track
2021
ECOOP/ISSTA
- Workshops Co-Chair in Organizing Committee
- Speaker of Foundations of Software Testing within the Summer School-track
- Session Chair of Fuzzing (part of Discussions with Experts)
- Workshop Co-Chair in Workshop Committee within the Workshops-track
- Author of Fuzzing within the Discussions with Experts-track
2020
ESEC/FSE
- Moderator of Conversations on Testing 3 within the Paper Presentations-track
- Author of Boosting Fuzzer Efficiency: An Information Theoretic Perspective within the Research Papers-track
- Panelist of Conversations on Fuzzing within the Research Papers-track
- Moderator of Conversations on Testing 4 within the Paper Presentations-track
- Author of Fuzzing: On the Exponential Cost of Vulnerability Discovery within the Research Papers-track
ICST
ASE
ISSTA
ICSE
- Programme Committee in Program Committee within the Technical Papers-track
- Author of Time-travel Testing of Android Apps within the Technical Papers-track
- Author of Smart Greybox Fuzzing within the Journal First-track
- Session Chair of P25-Fuzzing (part of Paper Presentations)
- Author of HyDiff: Hybrid Differential Software Analysis within the Technical Papers-track
- Committee Member in Program Committee within the New Ideas and Emerging Results-track