Marcel Böhme (he/him)
Marcel Böhme is a faculty member at the Max Planck Institute for Security and Privacy (MPI-SP) in Germany where he leads the Software Security research group. His group has made foundational contributions to fuzzing which has become one of the most successful techniques for the automatic discovery of security flaws in practice. In 2024, Marcel was awarded an ERC Consolidator grant for his project on in-vivo software security analysis at scale which will develop the empirical foundations of program analysis. To find out more about the research in our group, head over to https://mpi-softsec.github.io
Marcel is a Guest Editor-in-Chief and Associate Editor for the ACM TOSEM, the flagship journal in software engineering, an Area Chair for ICSE'24, the flagship conference in software engineering, and a PC Chair for two major conferences, ASE'25 and ISSTA'26. He served on the program committees and organizational committees of all premier international conferences in software engineering. Marcel received his PhD from the National University of Singapore where, 10 years later, he received an Outstanding Young Computing Alumni Award.
His current research concerns the automatic discovery of security flaws at the very large scale. One part of his group works on the foundations of automatic vulnerability discovery and program analysis in general. For instance, we seek to identify fundamental limitations of existing techniques, we study empirical methods (incl. statistical and causal reasoning) for program analysis, and we explore the assurances that software testing provides when no bugs are found. The other part of his group develops practical vulnerability discovery technology that is widely used in software security practice. For instance, Entropic is the default power schedule in LibFuzzer which powers the largest fuzzing platforms at Google and Microsoft, fuzzing hundreds of security-critical projects on 100k machines 24/7.