Safety and Security
IT security and safety is becoming more and more important in application domains such as cloud computing, Industry 4.0, medical engineering, building automation, driver assistance, (semi-)autonomous driving, and energy supply. Innovative solutions in these domains are increasingly based on extensive networking and enhanced interaction possibilities between components, systems, applications, roles, and users.
The growing system complexity and networking represent a major challenge for the demonstrable security and reliability of overall systems. The combination or the expansion of subsystems creates new attack scenarios and threats. Therefore, IT safety and security, with respect to external and internal attacks, has to be taken into consideration during the entire development and product life cycle. Thereby all interaction and access possibilities concerning the system or the system components have to be taken into account.
The more automation becomes economically important, the more important become the requirements imposed on the safety of systems and plants in the application domains mentioned before. Safety and security are two different goals. Nevertheless, these two goals influence each other when it comes to realising them in the context of devices and plants. To take these influences into account in the system development is mandatory.
Embedded systems and cyber-physical systems (CPS) represent a special challenge for the implementation of safety and security measures. Because of their limited system resources, they require methods ideally adapted to their requirements.
The FZI researches and develops methods, processes, tools, and realisations for safety and security measures as well as for safety assessment. Thus, the focus of the protection goals lies on confidentiality (e.g. know-how protection), authenticity, integrity, and system availability. The spectrum of research and development at the FZI concerning security and the interrelations with other qualities ranges from adapted development processes to tools for model-based designs, the assessment and optimisation of highly interconnected systems as well as methods and measures that are realisable in these systems, to cryptographic processes.
Threat and safety analyses
Analysis and benchmarking of realisation alternatives
Conception of secured protocols and systems
Development of cryptographic processes and their adjustment to embedded systems and CPS
Development of modelling and analysis tools
Processes and procedure models (security lifecycle, safety lifecycle)
Dipl.-Inform. Matthias Huber
Ich habe 2009 mein Studium der Informatik am KIT abgeschlossen und 2009 bis 2013 als wissenschaftlicher Mitarbeiter am KIT gearbeitet. Seit 2013 arbeite ich am FZI als Abteilungsleiter.
Meine Forschungsinteressen umfassen:
- Kryptographie und Sicherheit
- Sichere Software-Architekturen
- Sicheres Datenbank-Outsourcing
- Anonymitätsbegriffe und Datenbankanonymisierung
Meine Publikationen werden auf einer separaten Seite geführt.
Phone: +49 721 9654-666
Fax: +49 721 9654-667