The research direction is software security threat modeling, including automatic identification of security threats, threat processing and solving, security test design, etc., to ensure system security. At the same time, threat modeling for DevOps is also researched to improve the quality and speed of threat modeling, adapt to the new development mode, and ensure system security to the maximum extent in the continuous iterative requirements. The project that our group cooperates with the industry is CCF-HUAWEI project, which not only researches and innovates, but also applies in the industry.