OCTIKT and MOSAIC – Two Innovative Solution Approaches for an Organic and Self-adaptive Computer Architecture

The complexer systems become, the more failure-prone and ineffective they can get. In order to keep them still stable and to ensure a high performance, researchers of the FZI Research Center for Information Technology examine in the projects OCTIKT and MOSAIC the behaviour of self-organised systems.

December 02, 2019 – Two projects – a common objective: the safeguarding and improvement of the robustness of digital and technical systems. Whether on the job or in private life – digitalisation progresses rapidly. It is the innovation driver for the development of new products and services, such as the Internet of Things (IoT), autonomous driving, smart homes or the smart city. The digitalisation and the development of new products fascinate us, make life easier and let us participate in the progress. We keep our finger on the pulse of time. Nevertheless, if everything around us becomes more intelligent, we become dependant on the availability and reliability of the various systems, from the infrastructure and some frameworks. We establish expectations for these systems to become flexible and intelligent, to fulfil tasks under dynamic conditions, without these conditions already being fully known at the time of system development.

OCTIKT – An Organic Computing-based method for the safeguarding and improvement of the resilience in technical and ICT systems.

OCTIKT stands for an Organic Computing-based method for the safeguarding and improvement of the resilience in technical and ICT systems. In the framework of the project, the aim is to provide users with a holistic, generic framework, which takes account for the changing frameworks in decentralised, dynamic systems. Through the use of this frame, the resistance against disruptions in technical and ICT systems shall be safeguarded and improved.  It is relied on the application and extension of methods from Organic Computing, which enable the development of self-organised ICT systems and thus enable the system to maintain the intended function in the case of a failure and to adjust the system to the new conditions. Adaptive systems do not have to be controlled directly, but can autonomously react to certain requirements and conditions and thus achieve their defined objectives despite occurring disruptions.

Centralised software systems for the control of increasingly complex technical and ICT systems will increasingly reach their limits. A solution approach is to divide and decentralise functions and services, while the subcomponents independently coordinate with each other. The developing systems are characterised through concurrency that means that they carry out subtasks quite independently, parallelly and also distributedly.

Methods and solutions for the development of such systems are investigated, applied and extended in the project OCTIKT. The FZI researches how the problems in dynamic, decentralised but highly networked systems can be solved through Organic Computing approaches. This concerns technical systems like power grids, but also information and communication technology systems that are applied in the framework of Industry 4.0 or the Internet of Things. The aim is to increase the resilience of these systems: The functionality shall also be preserved during disruptions and greater damage or failures shall be prevented. A possibility is to use Organic Computing methods of self-organisation for the operation of the systems. Users are provided with a comprehensive framework, for this purpose, in order to take the changing framework conditions in decentralised, dynamic systems into account.

OCTIKT in the practical application

The power grid serves as illustrative example: The increasing dissemination of decentralised energy generation plants, such as solar systems and large electrical loads like charging electric vehicles, confront the power grid with challenges, for which it was not originally construed. The consortium examines in a simulated neighbourhood with 50 to 100 households, how the resilience of the low-voltage distribution network can be ensured and improved through the use of a decentralised energy management system. The decentralised and automated energy management system shall detect disruptions at an early stage and eliminate them though the intelligent use of the existing energy flexibility.

MOSAIC - Modelling, simulation and design of self-adaptive IoT systems in the cloud

Decentrally organised IoT systems are often large, heterogeneous and complex. However, high quality requirements are imposed to them regarding their performance, scalability, availability and resilience. In order to still ensure their availability, a high planning and testing effort is necessary, since non-functional properties of the system often only appear in complex field tests. This shall be changed by MOSAIC. Innovative methods for the development of self-organised IoT systems are researched in MOSAIC.

The targeted self-adaptability decreases the maintenance effort of heterogeneous systems and automatically ensures their self-protection. The engineer-based approach allows already in the planning and development stage to ensure quality properties like performance, availability and self-protection. In comparison, static systems are significantly less flexible and more prone to errors. The first milestone of the project, which focuses on the elastic properties of self-adaptive systems, has already been reached.

The FZI Research Center for Information Technology manages the project OCTIKT as well as the project MOSAIC as the consortium leader. 

Project OCTIKT: In this project, the FZI is responsible for the exemplary implementation and simulation-based evaluation of the generic framework by means of an application scenario in the field of energy technology. Further involved partners are the Fraunhofer Institute for High-Speed Dynamics (Ernst-Mach-Institut, EMI), evohaus IRQ GmbH, Netze BW GmbH, Seven2one Informationssysteme GmbH and the University of Kassel. The project is funded by the German Federal Ministry of Education and Research (BMBF) in the framework of the funding programme "IKT 2020 — Forschung für Innovationen" (ICT 2020 — Research for Innovation). The duration of the project is three years and ends on October 30, 2021.

Project MOSAIC: With the FZI as the consortium leader, new architecture and construction principles as well as modelling and simulation methods are researched for the holistic development of emergent IoT systems. The FZI introduces its expertise in the field of software engineering at the same time – especially in the simulation, modelling and construction of software architectures against the background of the quality requirements. Besides the FZI, the Reliable Software Systems Group RSS of the University of Stuttgart is also involved as project partner. The industrial partner of the project is Robert Bosch GmbH. MOSAIC is also funded German Federal Ministry of Education and Research (BMBF) in the framework of the funding programme "IKT 2020 — Forschung für Innovationen“. The duration of the project is three years and ends on October 30, 2021

Career at the FZI: Researcher of the FZI Wasilij Beskorovajnov in the Fight against Criminal Energy on the Internet

Image source: FZI Research Center for Information Technology

02.10.2019 - Wasilij is research scientist at the FZI and made the fight against cybercrime his mission. In this interview, he gives us an insight into his work at the Competence Center for IT Security:

FZI Blog: How did you get to the FZI?

I completed my master's programme at KIT last autumn and really wanted to do a doctorate afterwards. The Scientific Director of the FZI Müller-Quade was my professor in the field of cryptography as well as security. At that time, he recommended the FZI to me. Well, I applied for it and it worked out. Since last November, I am part of the team of the Competence Center for IT Security.

FZI Blog: At which time of your studies in Computer Science did you know that you wanted to specialise in the topics of IT security and risk?

This was in the fourth semester of my bachelor's programme, while I was studying for the lecture "Security". I noticed that I had so much fun studying and that it was surprisingly easy. All of that sounded exactly like what I wanted to do.

FZI Blog: Can we even trust the Internet and our means of communication?

The entire Internet is based on trust. That means that if you stop trusting the Internet, you cannot use it any longer. The most important thing is that you can trust your browser, as it trusts other pages. You can see that quite clearly when you open a website in the browser: If a small, green lock is visible at the top left, this indicates that the browser considers the page as trustworthy. The connection is thus encrypted and nobody can interfere.

FZI Blog: Which cyber threats lurk on the web?

Usually, it's surprisingly trivial. Phishing websites are certainly a huge problem. You want to log in on your online banking account, but did not pay attention to the green lock and thus end up on the page of the Spaarkasse and not of the Sparkasse. You do not recognise it, enter your data and then it's too late. This happens relatively often, the success rate of criminals is really high here. Another common attack variant takes place via emails. To do so, user data are stolen or a virus is established on the user's PC. Usually, such emails can be recognised by the fact that they are not so well-written.

FZI Blog: What fascinates you the most on the topics of IT security and risk?

It has something of a chess game. It's necessary to analyse the attacker's moves and to be aware of his possible moves. It is a permanent race between IT security and organised crime. This is very exciting.

FZI Blog: What do you like most about your work at the FZI?

I think it's great that you have so much space for flexibility at the FZI. With regard to IT security, I like the practical orientation of our projects. And I think it's good that even as a newbie I was given responsibility and own projects at an early stage. I was thus able to gain experiences in the field of management and leadership competence right from the beginning.

Wasilij Beskorovajnov studied Informatics at the Karlsruhe Institute of Technology (KIT). Since November 2017, he has been working as a research scientist at the FZI in the Competence Center for IT Security. In the framework of his current doctorate, his research focus is set on mathematical principles of cryptography and the security of cryptographic protocols.

digital@KA Was Ranked First at the 18th eGovernment Competition

Image source: MIKA-fotografie I Berlin

June 2, 2019 – The project “digital@KA” was ranked first at the 18th eGovernment digitalisation competition. On May 28, 2019, the project team was awarded as winner in the “Bestes Digitalisierungsprojekt – Städte/Regionen 2019“ (best digitalisation project – cities/regions 2019) category at the award ceremony in Berlin. The FZI, CyberForum as well as the Karlsruhe companies of CAS Software, YellowMap, WeLocalWorld and ISB develop in the project an app that connects urban and private services in Karlsruhe led by the City of Karlsruhe.

The project “digital@KA” was ranked first in the category “Bestes Digitalisierungsprojekt  Städte/Regionen 2019“ of the competition on the digitalisation and modernisation of the public administration “Wettbewerb zur Digitalisierung und Modernisierung der öffentlichen Verwaltung“. The digitalisation competition 2019 was the 18th eGovernment competition, organised by the business consulting firm BearingPoint and the technology group Cisco Systems. It is under the patronage of Helge Braun, Head of the German Federal Chancellery. Each year, digitalisation projects are nominated in overall six categories. This year’s prize was awarded in the framework of the Zukunftskongress “Staat und Verwaltung“ (congress for the future of state and governance) in Berlin on May 28, 2019. The project prevailed against two competitors. The prize was accepted by the Mayor of the City of Karlsruhe Albert Käuflein, representatively for the entire project team. 

The aim of the project “digital@KA – Urban Relationship Management in Karlsruhe” is to develop an app by which citizens of Karlsruhe can quickly and individually access various digital offers. Up to now, the individual apps of public authorities, stores and the public transport as well as other institutions of everyday life form a big patchwork rug. Users still have to remember a lot of passwords and look for the right service or the right app concerning various questions as well as enter their data again. In addition to that, every app has complex authentication processes. But this shall change in the future: “digital@KA” bundles the functions of various apps in a platform and provides them for citizens.

With a team led by Christoph Becker and Sascha Alpers from the research division Software Engineering, the FZI is responsible for the implementation of the data management concept in the form of a data hub. “The prize shows that Karlsruhe is clearly at the top of the German IT development. With digital@KA we follow the existing digital infrastructure for citizens and companies, expand them and offer a uniform access point. Currently, particularly the KA-WLAN is used a lot, citizens’ services are accessed via the website or personally in the guildhall. An app is the next logical step,” states the FZI researcher Sascha Alpers. The FZI is focusing on digital sovereignty in its contribution: Personal data shall be processed sparingly and with the consent of the citizens. Other data, like maps or event dates, shall be available for everyone, so that added value services can be developed. The data hub developed by the FZI provides these data, whereas the project partners from Karlsruhe are responsible for the development of the app and the integration of the citizens’ services.

The project “digital@KA” is funded by the Baden-Württemberg Ministry of the Interior, Digitalisation and Migration in the framework of the digitalisation initiative “digital@bw”.


DIN SPEC 91349: A Taxonomy for Smart Data

17.04.2019 – The German Federal Ministry for Economic Affairs and Energy supported in the framework of the funding programme “Smart Data” the development and testing of application-oriented technologies in the field of big data, between March 15, 2015 and September 15, 2018. The FZI Research Center for Information Technology was as the consortium leader co-responsible for the accompanying research of the programme “Smart Data”. The aim was to support the funding project in the implementation and to strengthen the funding initiative. Results of the accompanying research will be prospectively found here at the FZI Blog every week.

Standardisation in big data and smart data

In the fields of big data and smart data, technology develops faster than the corresponding standards. For a current analysis of such standards, standard concepts, specifications of individual software providers, mathematical processes or informal documents like best practice recommendations and industry commitments have therefore to be considered besides formal norms. In addition, in the greater context of smart data there are also provisions that are often not to be compared with technological standards: contract design as well as terms and conditions, management and controlling, licenses, laws and regulations. Formal standards are categorised and connected – especially through the publishing organisations. These information are missing for sets of rules and regulations, which are not available as formal standards. In some cases they are not even possible to the same extent. While large companies can cope with this situation on their own, the entry of small and medium-sized companies into big data and small data is difficult. Rules for the fundamental description of a smart data service and its components have also not yet been established. This is where the DIN SPEC 91349 developed as part of the "Smart Data" programme applies.

Bundling of sets of rules and regulations along the data value chain

It defines a taxonomy of smart data rules and regulations, based on the operation purpose and on the particular processing stage within the so-called data value chain. This matrix enables a fact-based consideration of the relevant technology and its classification in relation to other, potentially similar approaches. 

General and specific application of DIN SPEC

In the application of the taxonomy, a distinction has to be made between general and specific situations. Considering the general application, a publicly accessible database is aimed, which compiles, processes and presents important sets of rules and regulations for smart data. This database provides therefore a fundamental opportunity to research the entire thematic field or a subfield. On the other hand, taxonomy is available for the project-specific use of research projects. It thus enables a specialised consideration with which projects relating to sets of rules and regulations can be prepared, documented and examined. The taxonomy may also apply in communicating project contents and approaches. Primary user groups for both scenarios are small and medium-sized companies that newly enter the thematic field of smart data or a subfield. Furthermore, a use through experts, industry associations as well as politicians is possible. Since May 2017, the DIN SPEC can be acquired free of charge on the website of the publishing company Beuth-Verlag

Expansion of the taxonomy onto the European dimension

The contents of the DIN SPEC 91349 have also attracted wide interest in the European area. The filing is therefore currently being evaluated at international level. Considering the application of DIN SPEC 91349, there will be a publicly accessible database in the future, which will provide the companies the opportunity to research their thematic field.

Director of the FZI Prof. Dr.-Ing Stefan Jähnichen was responsible for the "Smart Data" accompanying research. This one-pager was the result of the cooperation with the German Institute for Standardization. The work was coordinated by Dr. Jan Sürmeli. Further information can be found at www.smart-data-programm.de.

Methodology of Legal Assistance for Projects

Image source: pixabay

10.04.2019  The German Federal Ministry for Economic Affairs and Energy supported in the framework of the funding programme “Smart Data” the development and testing of application-oriented technologies in the field of big data, between March 15, 2015, and September 15, 2018. The FZI Research Center for Information Technology was as the consortium leader co-responsible for the accompanying research of the programme “Smart Data”. The aim was to support the funding project in the implementation and to strengthen the funding initiative. Results of the accompanying research will be prospectively found here at the FZI Blog every week.

The challenges in the context of smart data can only be met through an integrative and diverse view on legal and technological aspects of the specific application fields.

The complex and interactive structure of multilayered ICT systems requires that the legal support of research projects across all legal fields in the field of smart data, becomes increasingly important. In this respect, the legal evaluation – based on description models using information technology – should not only focus on the horizontal view specific to the legal field but also on the vertical connections and interactions of current (further) developments in the field of information technology.

Requirements analysis

In order to avoid later conflicts between technological and legal aspects as early as possible, it should be started during the requirements analysis and appropriate deployment scenarios should be derived from the technological aims, in order to analyse them from a legal perspective. This includes, for example the identification of later applicable legal norms (directives, laws, regulations) and the resulting implications as well as legal requirements.


Therefore, the results of the analysis can have some influence on the technological design of relevant systems at an early stage, in order to ensure a design in compliance with the law right from the beginning and thus to minimise the expenses for later adjustments. The technological system design, designed on the basis of the legal requirements, can thus be legally evaluated in the framework of an intermediary expert evaluation, in order to identify remaining adjustment requirements with regard to the legal conformity. On the basis of the intermediary expert evaluation the prototypical implementation and/or technological simulation takes place – depending on the type of the technological system.

The resulting status is then incorporated in a legal evaluation one last time with regard to the probable risks, which may again lead to possible adjustments of the technological system. In the same step, possible contributions of the technological system on the formalisation of legal norms are analysed.

Through the early involvement of legal evaluations, it is ensured that the developed system has a high level of legal conformity and e.g. does not conflict with relevant legal norms of the particular field. In contrast to other development models, the legal dimensions of the system are also captured right from the beginning and can therefore be used as a reference basis for policy advice. This applies to the requirements of legal adjustments, identified in the early stages of the legal analysis in particular.

Reference for standardisation

On the technological part, the design as well as the architecture of the system designed can in turn serve as a basis or reference for further standardisations, considering the ensured legal conformity. The outlined development process increases thus, through the early involvement, the probability that the deployed expenses will have some influence on future developments and are therefore sustainably worthwhile.

After a conclusive legal evaluation in the framework of the final expert evaluation, the developed system described in the model can thus be launched.

Source: http://compliance.zar.kit.edu/24.php

The one-pager was the result of the work of the expert group "Rechtsrahmen" (legal framework) led by Manuela Wagner. The expert group was scientifically supervised by Dr. Oliver Raabe. Further information can be found at www.smart-data-programm.de.

Guideline: Anonymisation Techniques

Image source: pixabay

03.04.2019 - The German Federal Ministry for Economic Affairs and Energy supported in the framework of the funding programme “Smart Data” the development and testing of application-oriented technologies in the field of big data, between the 15.03.2015 and 15.09.2018. The FZI Research Center for Information Technology was, as the consortium leader, co-responsible for the accompanying research of the programme “Smart Data”. The aim was to support the funding project in the implementation and to strengthen the funding initiative. Results of the accompanying research will be prospectively found here at the FZI Blog every week.

Technological challenges:

In the context of big and smart data, it is becoming more difficult to clearly differentiate between personal data and mere factual data. However, even already anonymised datasets can enable a re-identification of previously anonymised persons through the combination with additional information from third party sources. The enrichment of datasets rated as "unproblematic" with additional context knowledge can lead to the establishment of a personal reference. This problem is especially favoured in open data processing structures, in which data is disclosed to third parties.

It is thus necessary to determine the degree of background knowledge of third parties a priori. If third parties are additionally aware of other anonymised datasets, which contain one or various persons that are also included in the presented anonymised dataset, this can lead to a de-anonymisation: Lacking information can be deduced from data of different sources. There is rarely any influence on this situation, this is why ultimate countermeasures are not possible. A further problem may occur when the technical implementation of the anonymisation is known, for example via the source code of the anonymisation. By adding the factor "chance" into the anonymisation process, the knowledge about the source code is not sufficient anymore for the de-anonymisation. The result of an anonymisation process is therefore not clear anymore, but rather partially controlled by a random process.

Interactive and non-interactive anonymisation processes

In non-interactive processes, the database is anonymised and subsequently disclosed by the publisher.  Interested persons have one-time access to the database and can evaluate it afterwards. There is no further need for action for the publisher. Whereas in interactive processes, the publisher provides the receiving party with an interface via which they can send requests to the database. The results of the requests are modified through noise, even before they can be sent back to the receiving party. It must be taken into account that the number of the requests that can be sent by a receiving person are limited.

Additionally, there is the option to generate a non-interactive process from an interactive process: For this purpose, the publisher formulates requests by herself/himself and executes them. Subsequently, the results are published, whereby they are modified by noise as planned.  Generally, an interactive process protects the privacy better than a non-interactive process.  However, this is more complex in the construction and in the operation. Therefore, it must be carefully evaluated to which extend the data that has to be disclosed are worth protecting and whether an interactive solution is necessary or not. In the following, several terms and methods of both processes will be presented.

Anonymity terms

The anonymity terms of k-anonymity, l-diversity and t-closeness refer to the result of a non-interactive anonymisation process, differential privacy is an anonymity term for interactive anonymisation processes.

K-anonymity should prevent that attributes may be clearly assigned to a single database entry.  In the database above, it is possible to clearly assign a known date of birth to a dataset. In order to prevent this, entries stored in the database are being combined in groups with equal contents and at least in size k. The existing information are generalised adequately. For example, dates of birth may be reduced to the birth year or an address to the residence, in order to cover a greater number of people.

A weakness of k-anonymity is that it cannot be ruled out that all sensitive data of a group have the same value.  The opposite database entries are 2-anonymous. If a third party is aware of the fact that a person in the database is born in 1949, he knows for sure that this person had a heart attack. L-diversity extends k-anonymity to the effect that in every group at least l different values have to be included additionally.

L-diversity guarantees indeed a certain insecurity concerning sensitive values. However, if one of the l different values in a group occurs significantly more frequent than in the distribution of the entire database, conclusions are thus possible. T-closeness thus requires that a statistical distance between the distribution within an arbitrary group and the distribution on the entire database is maximum t.

Differential privacy
In a differential privacy-compliant, interactive process, an attacker learns only slightly more about a person contained in the database than they would learn about them if they were not contained in the database. This minor disclosure of information is defined via a parameter ε ≥ 0. At the same time, ε is a compromise. The smaller ε is chosen, the less information will be disclosed, but the more difficult it will be to sensibly analyse the data subsequently. The extreme case  ε = 0 stands for perfect secrecy, however, the data have to be made noisy to that extent that they are absolutely unusable. In order to correctly use differential privacy, three aspects have to be considered:

  1. The choice of ε should be well-considered, even if this decision is usually difficult.
  2. All entries in the database have to be independent of each other.
  3. Side-channel attacks may not be allowed in the implementation.

Related links:

The one-pager was the result of the work of the expert group "Sicherheit" (security) led by Dr. Dirk Achenbach. The expert group was scientifically supervised by Prof. Dr. Jörn Müller-Quade. Further information can be found at www.smart-data-programm.de.

Security Key Points for Platform Solutions

Image source: pixabay

27.03.2019 - The German Federal Ministry for Economic Affairs and Energy supported in the framework of the funding programme “Smart Data” the development and testing of application-oriented technologies in the field of big data, between March 15, 2015 and September 15, 2018. The FZI Research Center for Information Technology was as the consortium leader co-responsible for the accompanying research of the programme “Smart Data”. The aim was to support the funding project in the implementation and to strengthen the funding initiative. Results of the accompanying research will be prospectively found here at the FZI Blog every week.

Protection requirements analysis and security concept

When using personal and sensitive data, these and the underlying systems have to be protected through an appropriate security concept. A protection requirements analysis has to be carried out in advance, in order to systematise specific requirements on security objectives such as availability, integrity and confidentiality. Concrete measures in the security concept are defined for these objectives. The security concept can be developed and certified on the basis of the IT basic protection.1 Therefore, the free BSI-Standard 100-2 "IT-Grundschutz Methodology" (IT basic protection methodology) is available as an introductory work.2 For this purpose, technical and organisational protection principles on (communication and data) encryption, access and usage control, authentication, anonymisation and pseudonymisation as well as reliable storage should be considered and implemented in the development of digital platform solutions. Security directives play a significant role here.3 A subsequent certification according to the recognised standard ISO/IEC 27001 can also be carried out on the basis of the IT Grundschutz. An intensive examination of data protection concepts like data minimisation, transparency, unlinkability/purpose limitation as well as users' rights/intervenability is recommended.

Encryption and data exchange

In order to encrypt data, the current state of the art, transport encryption via TLS 1.3 and encryption of persistent data via AES the have to be considered.4 Special attention should also be paid to possible junctions and interfaces concerning data exchange. A connection to other sub-networks can for example be protected by means of an encrypted VPN connection.  Even if (also public) web-based applications or web interfaces are planned, it is suggested not to include the Open Web Application Security Project (OWASP) Top 10 report5 as well as the OWASP Automated Threats for Web Applications6 into a comprehensive threat analysis and the security concept.      

Data access and authentication

Concerning sensitive data, it is recommended to implement a suitable access control system. Tried-and-tested as well as established standards should substantially be used. A common and widespread model is the role-based access control (RBAC). The authentication concept can also benefit from the multi-factor authentication. As a technical solution, a decentralised authentication system for web-based services like OpenID7 is suitable. A standard on identity management and concepts according to the state of the art can be found in the ISO/IEC 2476.8 In processing personal data, the ten data protection principles according to Article 5 GDPR have to be applied.9 In the framework of a protection requirements analysis and the safeguarding of the data protection principles, the standard data protection model can be used.10

Anonymisation and pseudonymisation

If the anonymisation and/or pseudeonymisation of data is required, it is pointed to the statement 5/2014 on anonymisation techniques of the Article 29 Data Protection Working Party, in whose Annex a guideline on anonymisation techniques is available.11 Moreover, it should be evaluated which anonymisation methods with semantic security guarantees12 are suitable and to what extent they fulfil the requirements that arise from the data protection. Such anonymisation methods have the advantage of clearly defined security properties  and also providing protection against unknown attacks. Existing terms or processes from the field of data privacy (k-anonymity, l-diversity, t-closeness, differential privacy) should be considered in the anonymisation and pseudonymisation.

Security in the cloud

When using cloud services for processing data and especially in the development of own cloud solutions, you should be oriented towards the BSI White Paper "Security Recommendations for Cloud Computing Providers - Minimum information security requirements".13 It is also recommended to rely on the preparatory work and results of the technology programme "Trusted Cloud".14 By means of characteristics established there for reliable cloud offers, an evaluation and certification of cloud service providers is possible. If an own cloud solution is developed in the project, there is the possibility to certify the solution developed in the project with the trusted cloud label and thus create higher trust in the offer.

1 https://www.bsi.bund.de/DE/Themen/ITGrundschutz/ITGrundschutzKataloge/Inhalt/_content/hilfmi/profile/ profile.html;jsessionid=FAF8946937CB46F3048984F5A8C5CCC7.1_cid351
2 https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/ITGrundschutzstandards/BSI-Standard_1002.pdf?__blob=publicationFile
3 https://www.secorvo.de/publikationen/sicherheitsrichtlinien-fox-jendrian-2009.pdf
4 https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR02102/BSI-TR-02102-2.pdf?__blob=publicationFile&v=6
5 https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project
6 https://www.owasp.org/index.php/OWASP_Automated_Threats_to_Web_Applications
7 https://openid.net/
8 https://www.iso.org/standard/57914.html
9 See: Article 5 GDPR (principles relating to processing of personal data), via: https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32016R0679&qid=1481744755386&from=DE
10 https://datenschutzzentrum.de/sdm/
11 http://ec.europa.eu/justice/article-29/documentation/opinion-recommendation/files/2014/wp216_en.pdf The statement refers to the legislation prior to the GDPR, which however picks up in essential aspects of anonymisation the Data Protection Directive, which is why the technical statements are transferable in particular.
12 https://www.microsoft.com/en-us/research/wp-content/uploads/2016/02/dwork.pdf
13 https://www.bsi.bund.de/DE/Themen/DigitaleGesellschaft/CloudComputing/Eckpunktepapier/ Eckpunktepapier_node.html
14 https://www.trusted-cloud.de/

The one-pager was the result of the work of the expert group "Sicherheit" (security) led by Manuela Wagner The expert group was scientifically supervised by  Dr. Oliver Raabe. Further information can be found at www.smart-data-programm.de.

Fact Sheet: The ISÆN Concept

Image source: pixabay

20.03.2019 - The German Federal Ministry for Economic Affairs and Energy supported in the framework of the funding programme “Smart Data” the development and testing of application-oriented technologies in the field of big data, between March 15, 2015, and September 15, 2018. The FZI Research Center for Information Technology was as the consortium leader co-responsible for the accompanying research of the programme “Smart Data”. The aim was to support the funding project in the implementation and to strengthen the funding initiative. Results of the accompanying research will be prospectively found here at the FZI Blog every week.


The exchange and the storage of personal data are part of the use of a lot of Internet services, whether when purchasing via a webshop or when booking an appointment in a doctor's surgery online. Important is that these data are in safe hands and protected against any misuse. Starting from May 2018, the exchange of personal data will be newly regulated in the framework of the European General Data Protection Regulation (GDPR). The GDPR stipulates, amongst others, that the consent of the persons affected have to be obtained. Moreover, there must be a right of objection as well as the obligation to provide information when data are disseminated. It is thus necessary to develop a technology, which allows both the citizens as well as companies the safest possible handling of personal data and meets the requirements of the GDPR.

Solution approach

A solution approach for a secure identity management on the Internet provides the French standardisation initiative ISÆN (Individual perSonal data Auditable addrEss Number). Users of Internet services should obtain better control of their personal data through ISÆN. The administration of data-processing law should be simplified and made transparent in particular.

Identity management with ISÆN

The standardisation initiative ISÆN develops a data protection technology, which enables Internet users to authenticate their identity online and reliably identify themselves in the digital space. Furthermore, the technology provides users the opportunity to actively determine and control who may use which of their personal data and also to reverse their consent in this regard again. The ISÆN Concept provides a kind of electronic safe, in which personal information of a natural person is stored, for example in a secured sphere on the smartphone. The identity of the user is therefore pre-stored and certified, e.g. through biometric processes such as a fingerprint scan or face recognition. A kind of digital address is generated from this identity features, by which a user can identify him- or herself, but no identification of the person her- or himself is possible. Therefore the concept builds on the blockchain technology, which also administers the electronic currency Bitcoin. In the blockchain, a sort of data chain, all transactions are being recorded, which are conducted with the digital address of the user, e.g. an order in an online shop. However, through the encryption, the blockchain never contains the personal data of the user. When a purchase is made in an online shop, the user is asked only via the blockchain whether the Internet trader may access to the data required for the purchase. Only after the release through the user, the data exchange takes place. Through the technology, user data on the one hand and the transaction itself on the other hand are being encrypted. Thus, personal data is only being exchanged when the person affected has consciously consented to it. An inflationary and intransparent dissemination of data can thus be prevented. Moreover, the storage and processing of personal information become tamper-proof as well as comprehensible and transparent.

Application fields

The ISÆN concept can make a positive contribution to the implementation of data protection principles in various application fields. Both service providers on the Internet as well as users can profit from the ISÆN technology, since the French concept provides a transparent and tamper-proof storage location. At the same time, the consumers' rights to information, adjustment, blocking and erasure of their own personal data through easily accessible technological measures can be safeguarded with ISÆN. Such a system holds the potential of increasing the trust of private persons in the electronic commerce as well as making the international online trading more transparent, easy and user-friendly. However, the implementation of the ISÆN concept is not limited to the national and international online trading. Beyond this, scenarios are conceivable, in which the ISÆN concept is applied, for example, in medicine in the administration of patient data. The trend towards mobile health has a particular importance here: The industry develops rapidly in this field, whereby people can generate health data on their own by means of smartphones, wearables and measuring instruments in everyday life, in order to control their own fitness. In this way, information about exercise and eating habits as well as blood sugar or blood pressure levels can also be obtained outside the doctor's surgery. Such information could be exchanged securely by means of the ISÆN technology. Patients should be able to decide independently, for what purpose selected health information may be provided for doctors. If necessary, they could view not only the mobile health data, but also treatment reports and measurements from other doctors and therapists. In addition, the use of the technology in the financial world or in research is possible – for instance in the implementation of national and international research studies.

Analysis by the Smart Data accompanying research 

In the framework of the technology programme "Smart Data – Data Innovations", the accompanying research analysed the identity management process ISÆN. The initiative to protect personal data through reliable technical measures, should be pursued in today's digital society, according to the recommendation. In this context, open legal and technological questions should be answered. Additionally, the French ISÆN concept should be expanded and improved with European partners in a next step, in order to forward the internationalisation of the technology – as well as to develop it further to a data protection technology that can be applied throughout Europe and is reliable. The study in question is available at http://www.digitaletechnologien.de/DT/Redaktion/DE/Downloads/Publikation/smartdata_studie_isaen.html.

Between 2014 and 2018, the German Federal Ministry for Economic Affairs and Energy (BMWi) funded with the technology programme "Smart Data – Data Innovations" 16 lighthouse projects in total that shall open up the future market of big data technologies for the German economy. "Smart Data" is part of the high-tech strategy and the digital agenda of the German Federal Government. Further information on the technology programme "Smart Data" can be found at www.smart-data-programm.de.


Fact Sheet: The Blockchain Technology

Image source: pixabay

13.03.2019 - The German Federal Ministry for Economic Affairs and Energy supported in the framework of the funding programme “Smart Data” the development and testing of application-oriented technologies in the field of big data, between March 15, 2015 and September 15, 2018. The FZI Research Center for Information Technology was as the consortium leader co-responsible for the accompanying research of the programme “Smart Data”. The aim was to support the funding project in the implementation and to strengthen the funding initiative. Results of the accompanying research will be prospectively found here at the FZI Blog every week.


During transactions on the Internet, whether a purchase, a credit transfer, a land sale or a procedure with an insurer, tamper-proof transmissions and storages of data or money are of fundamental importance, especially in order to prevent any risk of fraud. A reliable solution is thus necessary by which every particular transaction can be retraced transparently. Traditionally, this is done via the documentation of the exchange, e.g. in the case of money, at an intermediary instance such as an involved bank. However, every intermediate instance bears the risk of being manipulated. For this reason, alternative reliable and especially tamper-proof storages are necessary.

Solution approach

The blockchain is a sort of decentralised database or digital tamper-proof register: All details of a transaction are stored in it, comprehensible for all parties involved. An intermediary instance is no longer necessary. The term "blockchain" is based on the fact that relevant information relating to the transaction are connected in blocks like in a chain. The overall information of various blocks, thus the entire chain, constitutes the blockchain.

The blockchain technology

The aim of the blockchain technology is to realise a tamper-proof storage on the Internet without requiring a central reliable instance. For this purpose, the blockchain is stored on all computers involved in the blockchain network: Every node within the network contains thereby a full copy of the blockchain. Just like pearls on a chain, every data block strings on another data block and thus the blockchain is formed. The participants of the network can examine the stored data, such as transactions.

In order to prevent manipulations, various security measures are implemented into the protocol of the blockchain network. Thus, the lawfulness of every transaction is reviewed in advance. For example when transferring bitcoins, it is automatically reviewed by means of the bitcoin blockchain, whether the sender even has the corresponding amount at disposal. A transaction is confirmed by the majority of computers in the network consenting to it. The manipulation of a blockchain thus involves enormous effort. Each block contains, besides the actual data, information on the verification of the previous block in particular. If a block in the blockchain should be manipulated, all following blocks have to be formed again. Since the required computing effort for this is usually only realisable through the majority of the network, but not by individual participants, manipulation security is created.

Application fields

Through the omission of a central reliable instance, there are diverse potential application fields for blockchain. They have already become bearers of hope in various fields, for example in insurance companies, in banks, in fintech start-ups, in the industry or in the public sector. The blockchain as a technology achieved prominence through bitcoin, the best-known cryptocurrency (digital currency). Furthermore, there are currently approaches to put land registries on new, digital feet through blockchains, to revolutionise equity trading and to secure transport chains through so-called smart contracts. In general, the blockchain technology is operational and is already being successfully used in the framework of bitcoin. In further fields it will have to prove itself. Whether in equity trading, in administration or in the insurance industry: The blockchain impresses through a high manipulation security and through the decentralised storage of information, which keeps it intact even in the case of a node failure. Whether it will keep its big promise or not, will be shown by the practical test – as well as its public acceptance.

In the framework of the technology programme "Smart Data – Data Innovations", the transmission of data plays an important role. A special identity management process, which is enabled through the blockchain technology, is the French standardisation initiative ISÆN (Individual perSonal data Auditable addrEss Number). The smart data accompanying research has analysed this process. The study in question is available at http://www.digitaletechnologien.de/DT/Redaktion/DE/Downloads/Publikation/smartdata_studie_isaen.html

Between 2014 and 2018, the German Federal Ministry for Economic Affairs and Energy (BMWi) funded with the technology programme "Smart Data – Data Innovations" 16 lighthouse projects in total that shall open up the future market of big data technologies for the German economy. "Smart Data" is part of the high-tech strategy and the digital agenda of the German Federal Government. Further information on the technology programme "Smart Data" can be found at www.smart-data-programm.de.


Key Points of a European Data Economy

Image source: pixabay

06.03.2019 - The German Federal Ministry for Economic Affairs and Energy supported in the framework of the funding programme “Smart Data” the development and testing of application-oriented technologies in the field of big data, between March 15, 2015 and September 15, 2018. The FZI Research Center for Information Technology was as the consortium leader co-responsible for the accompanying research of the programme “Smart Data”. The aim was to support the funding project in the implementation and to strengthen the funding initiative. Results of the accompanying research will be prospectively found here at the FZI Blog every week.

Interdisciplinary cooperation on research projects

Many technically well-executed, innovative and also marketable research solutions may pose later acceptance and utilisation problems if the legal requirements are not taken into account from the very beginning. If solicitors are lacking in the team, legal regulations are often perceived as a major factor of uncertainty, although the elaboration of individual legal requirements as well as the development of a well-balanced, technical-legal overall concept is possible. With the privacy by design approach, legal questions of data protection shall already be considered and implemented in the technological conception of new tools and business models from the very beginning. Such an involvement of juridical expertise in the development process helps to develop technological solutions that reach actual utilisation maturity through legal conformity and also gain competitive advantages.

Data sovereignty through technology

The actual behaviour of digital offer users often contradict with expressed concerns about data-intensive phenomenons such as big data. In order to ensure the data sovereignty of affected persons technological mechanisms, such as the use of privacy management tools or the automated comparison of data requests and personal preferences, will be required. If it is ensured that the data disclosure is voluntary, this may have positive impacts on the data quality as well as the acceptance and customer satisfaction. Technological solutions should therefore incorporate the users of digital offers.

Conscious data handling

With targeted data handling as well as an early classification of the risks and uses of appropriate remedies, the graded protection concept of the GDPR can be implemented. The different risk investments of data processing in various contexts require the development of an appropriate risk awareness. In general, it simplifies the development of software and components, if the data protection conception does not take place subsequent to the software development, since this may require a time and cost-intensive re-design under certain circumstances.

Data protection as a competitive factor

With the applicability expansion of GDPR in the international context and with the reinforcement of control and sanction mechanisms, previous enforcement deficits may be overcome, so that distortions of competition will be minimised through the decision to act in compliance with the law and a level playing field will be created. Instead of regarding data protection as an economical obstacle, data protection "Made in Germany" should be understood as a competitive advantage, since the public acceptance may also increase with the ensured data protection level.

Regulation and legal certainty

With the elaboration of codes of conduct, the GDPR provides an option for business associations to participate in concretising the data protection law and thus to ensure legal certainty.
Researchers as well as companies are called to give further impetus to the GDPR through the existing participation opportunities. In addition, opportunities to participate in standardisation plans should be used, in order to update the state of the art. 

Related links:

  • The European Data Protection Board (EDPB) composes statements, guidelines and recommendations coordinated and consistent with the European Supervisory Authorities on the interpretation of the GDPR.1
  • Short papers and resolutions of the Data Protection Conference (under the perspectives coordinated with German Supervisory Authorities - subject to deviating resolutions of the EDPB) provide further interpretation aids.2
  • Furthermore, the Supervisory Authorities provide examples3  e.g. on order processing in compliance with the GDPR as well as online tests4 on self-assessment. 


1 https://www.datenschutzkonferenz-online.de/
2 https://edpb.europa.eu/edpb_de
3 https://www.lda.bayern.de/de/kleine-unternehmen.html
4 https://www.lda.bayern.de/tool/start.html

The one-pager was the result of the work of the expert group "Rechtsrahmen" (legal framework) led by Manuela Wagner. The expert group was scientifically supervised by Dr. Oliver Raabe. Further information can be found at www.smart-data-programm.de.

Data as Economic Assets

[Translate to Englisch:] Bildquelle: pixabay

27.02.2019 – The German Federal Ministry for Economic Affairs and Energy supported in the framework of the funding programme “Smart Data” the development and testing of application-oriented technologies in the field of big data, between March 15, 2015 and September 15, 2018. The FZI Research Center for Information Technology was as the consortium leader co-responsible for the accompanying research of the programme “Smart Data”. The aim was to support the funding project in the implementation and to strengthen the funding initiative. Results of the accompanying research will be prospectively found here at the FZI Blog every week.

Establishment of a European data economy

In order to improve the data access and to support the open data economy, incentives for cross-company and international data exchange are required, standardisations and interoperability are technological prerequisites for this. From a data protection perspective, the development of intelligent filtering mechanisms, anonymisation tools as well as concepts for the control of data use are required, which can also be used for the protection of business and trade secrets. The discussed establishment of a property-type legal right of the “data producer” provokes on the other hand the danger of rising transaction costs and the increase of lock-in effects and long-term tendencies towards information monopoles. Since neither a clear specification of a “date” nor a clear allocation to a single “producer” is practically possible as well as overlaps to the data protection law are to be feared, the data ownership should be rejected. It should rather be established a legal framework for data access on a basis relating to competition law while ensuring non-discriminatory conditions and considering the legitimate interests for the protection of business and trade secrets as well as a consistent overall concept in compliance with data protection law. Legal regulatory approaches should not address the exclusivity of data but rather the access to knowledge.

Ensure access to anonymous data

Since data are principally fully reproducible, a real control of data provided can only be ensured through technical solutions for traceability, retraceability and identification of data sources. Both licensing models as well as open data concepts require standardised, normed protocols, interfaces and data formats in the first place. Open, normed and well-documented application programming interfaces (API) can support the establishment of an ecosystem of application and algorithm development and thus provide access to data that are in the hands of companies or public authorities. Conflicting negotiating positions of powerful or less powerful companies as well as private persons should be considered in the establishment of a European data economy. Lock-in effects should be avoided for small and medium-sized companies, start-ups and private persons in particular.

Freedom from discrimination and technology neutrality

publishers and photographs, right holders can exclude smart-data analyses by means of text and data mining (TDM) on proprietary data or charge a licensing fee as far as TDM business models require a (permanent) reproduction or dissemination of original data (e.g. snippets). Should the pure extraction of information constitute an act of exploitation subject to licensing? The conception of data value creation based on licensing chains faces the danger of impeding the social exchange and progress through an exclusive protection with prohibitive transaction costs and thus leading to the monopolisation of information. This problem could be faced through a permission for TDM to extract the information or for mechanisms relating to competition law to grant access under non-discriminatory conditions. This requires the establishment of a non-discriminatory legal framework for text and data mining. 

Support of research and development

Research in the field of smart data is often based on non-personal data from the company context. In the establishment of a right of access to data, it must be taken into account that the distinction to personal data is often fluid and can change over time through new complementary knowledge or through an improvement of analysis methods. A right of access (relating to competition law) to anonymous data should balance the conflicting interests and focus on a non-discriminatory access and interoperability. The data bear great added values for analyses in the public interest or for scientific purposes. Anonymisation methods can also be used e.g. besides the protection of personal data, in order to remove a company relation from the dataset.

Further information can be found at www.smart-data-programm.de and at www.digitale-technologien.de.

Contact persons: PD Dr. Oliver Raabe and Manuela Wagner


Data-Driven Business Models Require Entrepreneurial Responsibility

[Translate to Englisch:] Bildquelle: Pixabay

20.02.2019 – The German Federal Ministry for Economic Affairs and Energy supported in the framework of the funding programme “Smart Data” the development and testing of application-oriented technologies in the field of big data, between March 15, 2015 and September 15, 2018. The FZI Research Center for Information Technology was as the consortium leader co-responsible for the accompanying research of the programme “Smart Data”. The aim was to support the funding project in the implementation and to strengthen the funding initiative. Results of the accompanying research will be prospectively found here at the FZI Blog every week.

Social debates focus on business models

In the organisation of smart data business models in Germany, different challenges arise that have to be overcome for the development of a data economy. It is thus important to organise the trade in data sustainably since this is necessary for companies in order to enrich own data records. A premature clarification of data availability issues thus plays a superordinate role for companies. The more data are available, the more attractive it gets for all actors to use the platform.

If data are only available to a company, they often have to be pre-processed work and cost-intensively in order to be used at all. There is still a major challenge in the development and establishment of technological standards for criteria and measures in the quality evaluation of data. This applies especially to the field of open data.

Open data as an opportunity for the German data economy

The publication of data in form of open data provides for example the opportunity to meet the social need for information and access to the knowledge of public authorities. However, open data does not only enhance the trust of citizens in public institutions, but also has a significant use for the economy.

It is important to set the framework conditions for open data in such a way that as many data as possible are available as open data under transparent and effective licences. At the same time, acceptance and trust issues should not be neglected, so that as many and relevant actors from science and research, from economy as well as from the civil society as possible can contribute. Communities need to be built, which contribute on their own initiative and sustainably to the provision, dissemination and analysis of open data, but also to the development of methods, tools and platforms for the analysis.

Value proposition and acceptance

How to realise a value proposition? And are acceptance and trust sufficiently taken into consideration in organising? Often, this is where the indications for the reason of economic failure and ephemeral companies lie. Even though, the aim of each company is to be long-term economically and socially successful.

Especially in the platform economy, scale and network effects are decisive for the success, but they significantly depend on the use of users. This willingness to use does then again depend very much on how offers can successfully try to gain trust; trust again can only be achieved where neither valid data protection regulations are contradicted nor social nor ecological added value creation processes are prevented. Here comes the Corporate Digital Responsibility into play.

Corporate Digital Responsibility

The concept of the Corporate Digital Responsibility (CDR) addresses the responsibility of companies towards collected data: These are also and especially personal data, data that constitute the majority of the total incoming data. Personal data are subject to the right to informational self-determination that derives from the basic law of the general right of personality.

The tension between the often contradictory interests of informational self-determination on the one hand and the justifiable added value efforts of the companies on the other hand are addressed by the CDR. Examples for CDR measures are, for instance a consequent transparent communication in data processing and storage or the simplification of authorisation processes. An implemented CDR concept, in which the interest of customers, employees and of the company itself are equally addressed, can generate competitive advantages.

Further information can be found at www.smart-data-programm.de and at www.digitale-technologien.de.

Contact persons: PD Dr. Oliver Raabe and Manuela Wagner

Computer Scientists Making History

Image source: FZI Research Center for Information Technology

16.11.2018 – Several years ago, when Juan Camilo Vasquez Tieck found out about the Human Brain Project, he was immediately impressed. So impressed that he decided to research for his doctorate at the FZI in order to work with other researchers together on the project. In his interview he explains what fascinates him so much about it.

FZI Blog: In 2002, you started to study Mechanical Engineering and two years later you started to study Informatics at the same time. How did this happen?

During my studies in Mechanical Engineering I had a lecture in which we learned the basics of programming. I had so much fun that I decided to attend another lecture in Informatics in the following semester. This lecture was also very interesting and I thus decided to study Mechanical Engineering and Informatics simultaneously.

FZI Blog: What fascinates you most about Informatics?

On the one hand, I like that you have a lot of freedom in programming and you can develop new things. One the other hand, it is great to know how the various technologies work, since I am very interested in them. I think that the most exciting thing is to work with robots and in this context it is important to be able to programme.

FZI Blog: How did you decide to work at the FZI?

I was still a student when a friend of mine told me about the Human Brain Project. At that time, he was research scientist at the FZI. I found it very interesting, so I applied for a job as a research assistant at the FZI. I got the job and after completing my master programme, I had the opportunity to work as a research scientist for the Human Brain Project at the FZI and to conduct research for my doctorate. I think that we can “make history” with this project or at least make an important contribution to future-oriented research and technology.

FZI Blog: What is the Human Brain Project about?  

The Human Brain Project is a research project of the European Commission in which 120 partners from around 30 countries work together. The aim of the project is to understand the human brain. It is about collecting the existing knowledge about the human brain and recreating the brain by means of computer-based models and simulations. For one thing, medicine benefits from it, since new insights into the human brain and its diseases can be gained. However, these insights are also relevant for computer and robotic technologies – and thus for the FZI.

FZI Blog: The FZI participates in the Human Brain Project with the subproject "SP10 Neurorobotics". What is it about?

The aim of “SP10 Neurorobotics” is to provide researchers and developers with a common infrastructure, in order to link brain models with realistically simulated robots and working environment so that the resulting neuro-robotic systems can contribute to the development of innovative robotic technologies. The FZI participates in the framework of the project, in the development of the Virtual Neuro-Robotic Simulation Platform (VINERO). It will provide the software necessary to run closed-loop simulations with brain models connected to simulated robotic platforms capable of interacting with their environments. 

FZI Blog: The FZI participates in the exhibition Open Codes at the ZKM in Karlsruhe. Which project will be presented there and what do you want to convey to the visitors?

We will present a short video on the Human Brain Project, which explains what it is about and how it all works. In addition, we will present VINERO. We will also bring our assistance and service robot HoLLiE.

Juan Camilo Vasquez Tieck studied both Mechanical Engineering with the focus of studies on product development and control engineering as well as Informatics with the focus of studies on software engineering and mechatronics at EAFIT University Medellin. In 2011, he came to Germany and attended the master programme Informatics at the Karlsruhe Institute of Technology (KIT). Since July 2015, Juan Camilo Vasquez Tieck has been research scientist at the FZI in the research division Intelligent Systems and Product Engineering (ISPE) and has been researching on the Human Brain Project.

Brainstorming, Developing and Tinkering at the Audi Kreathon of Logistics 2018

Photo credits: FZI Research Center for Information Technology

What did you do this summer? "I built prototypes at Audi." This is how 50 students and pupils in total can answer this question. From 8 to 11 June 2018, the second "Kreathon of Logistics" took place in the Audi R8 manufacture Neckarsulm. Pupils as well as students of various universities and disciplines were invited to develop prototypes to the subject "Digitalisation of Material Flow" in teamwork. Right in the middle of it: the FZI employees Laura Dörr, Dr.-Ing. Anne Meyer and Dr.-Ing Dominik Riemer as well as Felix Brandt.

The aim of the three-day event was to develop a functioning and tangible prototype. The required hardware components were provided by Conrad Electronic. Together with employees of the Institute for Material Handling and Logistics (IFL) at KIT, Laura Dörr, Anne Meyer, Dominik Riemer and Felix Brandt supported the organiser Audi Sport in the event planning. "We prepared the agenda together and evaluated and preselected suggested topics in advance. We did also prepare small software components that the participants were allowed to use for their prototypes," explains Laura Dörr. During the event, they and their colleagues of the FZI and KIT also mentored participants of the Kreathon in methodical and technical questions. The employees of the FZI did also develop an own prototype for an innovative system for car park monitoring and vehicle localisation together with two pupils during the event. One of the pupils was so motivated after the Kreathon that he decided to further develop the prototype during a six-week internship at the FZI. "It was nice to see how much fun everyone was having. I was really impressed by the things the young people did within three days," remembers Laura Dörr. The main highlight of the event: the closing presentation. The participant groups were able to present and demonstrate their developments to the plant management and an interested Audi team at a mini trade fair. Particularly an app for transport order distribution, which promotes having fun at work and employee motivation through gamification approaches, raised great enthusiasm.

The conclusion of the FZI employees? "We really enjoyed supporting the participants conceptually and technically," explains Laura Dörr. The FZI team is pleased to support Audi Sport again at the next Audi Kreathon of Logistics.


Career (with a Child) at the FZI: Administrative Manager Dr.-Ing. Nicole Groß

The daily life of a working mother in a leading position is exciting and challenging. Dr.-Ing. Nicole Groß, administrative manager of the FZI, gives us insights into her daily working life in this interview.

FZI Blog: You studied Electrical Engineering and Information Technologies and conducted research for your doctorate at the FZI in the department Embedded Systems and Sensors Engineering (ESS). How did you become the administrative manager of the FZI?

When I was working in the area of ESS, I was also responsible for setting up a quality management system for medical devices according to ISO 9001 besides my scientific activity. Later on, I was also involved in the development of an institute-wide quality management system for all divisions of the FZI. This gave me deep insights into the processes of the FZI, which was my ticket to the central divisions. After completing my doctorate, I was offered the opportunity to take over and further develop the FZI's quality management on my own responsibility. Over time, my area of responsibility grew. Today I am, as the administrative manager, responsible for a large number of employees and departments of the central division.

FZI Blog: What do you like most about your job?

I think it is great to be responsible for employees and to be able to work with and for the employees. I also appreciate that you have the opportunity to contribute and to show initiative in order to design your own workplace at the FZI and to bring the FZI forward. This is certainly not necessarily the case with every employer.

FZI Blog: You have a child.  How old is your son and how did your job change after you became a mother?

My son is two years old. His birth changed everything for me. I had to completely reorganise my private life as well as my job. This is fun, but also a great challenge. And since I am currently only working part-time, I have to organise my work thoroughly much more than I used to. In the last years, the departments I am responsible for have also grown enormously which was also a great challenge. As a part-time working mother, I had the opportunity to retain responsibility in my role as administrative manager. However, I have to make sure that I do justice to this role even with a reduced hourly rate.

FZI Blog: How do you manage your daily life as mother and administrative manager of the FZI?

My daily life is extremely jam-packed. The complete workflow and organisational process has to be coordinated according to tight business hours, attendance times as well as availability periods. Flexibilities of the FZI, of colleagues and of the family are really valuable, in order to be able to balance between being an administrative manager and a mum with a toddler.

FZI Blog: Many colleagues at the FZI are also parents. Is the FZI a family-friendly employer?

Yes, I think so. A big family-friendliness that the FZI offers is flexibility. We have trust-based working hours, this means that there are no provisions specifying when we have to start to work, and we can thus occasionally also keep important, private appointments. In addition to that, there is the employee retention working group, in which they are, amongst others, working together with employees of the FZI on increasing the family-friendliness of the FZI.

FZI Blog: Is there someone who has strongly supported you in your career? If so, how did he or she help you?

Our director, Prof. Dr. Wilhelm Stork is one of the main reasons why I came to the FZI and I was able to conduct research for my doctorate, which I am very grateful for. And also Jan Wiesenberger, member of the Board of Executive Directors of the FZI. I owe him that I was able to switch into the central divisions as well as that I am where I am today and that I have the opportunity to work in my position also as a mother.

Nicole Groß studied Electrical Engineering and Information Technologies at the Karlsruhe University (TH) and worked at the FZI as research scientist in the research division Embedded Systems and Sensors Engineering (ESS). After completing her doctorate, she assumed responsibility for the quality and knowledge management at the FZI in 2012. Since 2014, she has been the administrative manager of the FZI and responsible for human resources, the accounts department, project and order management, the purchasing department and the legal department.

The Age of E-Health: Medicine Meets Information Technologies

Photo credits: FZI Research Center for Information Technology

25.09.2018 - Electronic health files, telemedicine services, health portals and online pharmacies – digitalisation is also proceeding in the health care system. In recent years, the disciplines of medicine, IT and health management merged to form so-called “E-Health”. But how did this development actually emerge?

Until a few years ago, medicine did mainly use analogue technologies. Medical data were captured and printed out, so that the responsible physician could make the diagnosis on the basis of the print. Meanwhile, a trend is emerging: “In the meantime, there are first signs of a digitalisation of the health sector,” explains Christoph Zimmermann, Department Manager at the FZI Research Center for Information Technology in the research division Embedded Systems and Sensors Engineering (ESS). In his work, he deals with innovative information technology solutions for the health care system. In the field of application Smart Home and Ambient Assisted Living (AAL), he and his colleagues develop technologies that increase the safety and comfort of handicapped or elderly people in everyday life. Christoph Zimmermann’s opinion is that an interdisciplinary cooperation between information technologies and medicine offers many advantages: “Processes were digitalised, which led to huge time savings in almost every field of the sector. For example, medical protocols are increasingly being automated and not created manually. This leaves more time for the patient,” explains Zimmermann. Another advantage: The use of interconnected information and data analysis can increase the added value of medical products.

However, not only physicians and caregivers rely increasingly on digital solutions. Hard- and software solutions have also reached private life in order to reply to health and sports questions. The trend is called “Quantified Self”, which reached the consumer market a few years ago. More and more private persons started to measure their health and physical fitness – for example with Apple Watches, which measure the heart rate or fitness trackers, which determine the sports success. However, it quickly became clear that application levels were needed that collect, process and evaluate the data and thus provide private persons but also researchers with added value from “Quantified Self” solutions. The FZI develops such application levels together with partners from medicine,” states Zimmermann.

Further selected developments of the health sector will be presented by the FZI by means of 13 projects at the Karlsruhe Trade Fair Centre (Messe Karlsuhe), Aktionshalle (Events Hall), booth C10 at the AAL congress on 11 and 12 October. The exchange with visitors as well as other participants plays an important role for the FZI. “We are always open to cooperation and look forward to manufacturers contributing ideas or exploiting project results. Moreover, we are interested in the feedback from users and patients,” explains Zimmermann.


Career at the FZI: Dr. phil. Thomas Meyer About His First Months as the Manager of the Division ESS

Photo credits: FZI Research Center for Information Technology

03.08.2018 – Every beginning is difficult. Or maybe not? Thomas Meyer has been working at the FZI for two months as Division Manager of the research division Embedded Systems and Sensors Engineering (ESS). In his interview he tells us where he worked before and how he experienced the first two months at the FZI.

FZI Blog: Where did you work before?

For the last ten years I worked at KIT and managed a research group at the Institute of Vehicle System Technology, which is actually not usual for a historian. Most of the employees were from the field of mechanical engineering. For the last eight years I have also been Manager of the KIT Mobility Systems Center, which bundles the various research activities at KIT in the field of mobility.

FZI Blog: Did this job prepare you well for the tasks here?

Yes, I think so. Similar to the FZI, I had the task of moving various actors in the same direction. This requires a lot of coordination and communication, which I really enjoy. Through my job at KIT, I was also familiar with the research and university environment as well as most of the directors of the FZI.

FZI Blog: How did you experience the first two months at the FZI?

I was pleasantly surprised by how friendly I was received as a newcomer, as most of the division managers have already held different positions at the FZI. Unlike me, I came in from outside of the FZIInstitute. At the beginning I had to become familiar with the structures and processes of the FZI, which I also enjoyed. The two months passed surprisingly fast.

FZI Blog: What was your biggest challenge at the beginning?

It wasn’t that easy to remember all names. I have about 30 employees – about as much as a school class. In contrast to a teacher however, I don’t see every employee every day, which made it difficult to remember all names. It was also challenging to gain comprehensive knowledge of the processes and structures of the FZI within this short period of time.

FZI Blog: Why would you recommend young researchers to work at the FZI?

The FZI is an institution with a very positive spirit and a pleasant work atmosphere. Besides that, the conditions for conducting research are very good at the FZI: You get to know each other quickly and receive good support by the professors. Young researchers at the FZI have also the opportunity to participate in exciting and important questions, for example on topics from the fields of mobility, health care, data security or automation.

FZI Blog: What do you/I have to do to work as a division manager at the FZI?

I don’t think that you can qualify for this job linearly. It is the combination of experience, a certain network and the disposition to address new questions, which is also important.

You can find the video with Thomas Meyer here.

Thomas Meyer studied History with the focus of studies on the History of Technology, Philosophy and Mediaeval Studies at the Karlsruhe Institute of Technology (KIT) and the Albert Ludwig University of Freiburg. In this context, he has dealt with topics from the fields of mobility, automotive history, urbanisation, and innovation research, among others. Since May 2018, he is the Manager of the research division Embedded Systems and Sensors Engineering (ESS).


Furby Home Alone – Dangerous Functions of a Toy

01.08.2018 - Children love it, it wiggles its ears, babbles, sings, dances and needs attention – the Furby. In the 1990s, the electronic playmate that is originally from Japan was to be found in almost every children's room. In 2016, the manufacturer Hasbro launched Furby Connect. The new, smart Furby can be connected via Bluetooth with the smartphone or with the tablet. An experiment of the Competence Center for IT Security, which is managed by Jochen Rill, the manager of the field of cryptography, shows the risks of the new function.

"Alexa, turn the lights off!", commands the pink Furby in the experimental setup of the researcher. And the smart lighting system goes off. The team of the Competence Center for IT Security has succeeded in modifying the Furby so that it can give commands to the language assistant Amazon Echo, which willingly executes them. "Furby Connect has an unsecured radio interface that lets you make him say everything you want to", explains Jochen Rill. If an electronic locking system were connected to the language assistant, hackers could even use Furby's help to have Alexa open the front door. The FZI researcher explains why this is possible: "Language assistants like Alexa only process what they hear, but not who the command comes from."

Since the Bluetooth connection has a range of approximately ten meters, it might be conceivable that a hacker is on the doorstep and accesses Furby from there. This is not even particularly complicated as the Bluetooth interface of the smart toy is unsecured."Most of the Informatics students in the first semesters would be able to do this," says Jochen Rill. Although the burglary scenario with Furby is quite unlikely, the FZI researchers’ experiment shows how unsecure voice commands without further authentications are. Furthermore, smart toys like the Furby are not the only devices that can talk to Alexa and give her commands. "A smart radio alarm, a baby-phone or an answering machine with a speakerphone – generally, all audio devices with unsecured radio interfaces can be manipulated in this way", explains the FZI researcher.

Furby does not have a switch-off function. However, there are other possibilities how owners can protect themselves against unwanted access by hackers. The simplest form: Remove Furby’s batteries. For other smart audio devices it is recommended to switch off the microphone or simply pull the plug. In contrast to Google Home, with Amazon devices it is possible to change the wake word "Alexa" to another one.

Jochen Rill has been working at the FZI since 2013 and is currently managing the field of cryptography of the Competence Centre for IT Security. In the framework of his doctorate, he focuses on the cryptographic modelling of complex, realistic systems and the detection of their security characteristics. The researchers of the Competence Centre for IT Security have been working on the security of smart devices for quite some time. The idea of the Furby experiment originates from the fundamental fear that poorly secured devices could become gateways to invaders in the smart home- the Furby, which can turn off the light, impressively demonstrates the consequences.


Research Project "PflegeCoDe" Optimal Support for People Suffering from Dementia

25.07.2018 - The number of people suffering from dementia increases every year. In spite of the need for care, most patients want to stay in their familiar environment as long as possible. The concept of outpatient care fulfils this desire, but is often associated with a feeling of insecurity for the relatives and presents a challenge even for professional carers. The research project "PflegeCoDe" aims to change this.

In order to improve the quality of life for patients and their relatives, as well as for carers, the FZI is currently conducting research in the project "Pflegecoaching für die optimale Unterstützung von Menschen mit Demenz" (care coaching for the optimal support of people suffering from dementia) – short "PflegeCoDe". This is a support system that can be used as an app via smartphone or tablet. An interactive, electronic coach is meant to have a positive impact on the course of dementia, for example by providing the carer with relevant information for a better understanding of the course of the disease. These information help to detect the disease early and to take initial measures. Moreover, the further course of dementia is continuously observed, which gives relatives more security – just like an integrated help platform that provides useful care and support tips. A further important function of "PflegeCoDe" is the electronic fall detection. The app is connected with sensors installed at the patient’s home that detect when the patient falls. In this case, relatives and/or carers will be informed immediately.

The research project "PflegeCoDe" has a duration of three years and is funded by the German Federal Ministry of Education and Research with a total of EUR 1.6 million. Further information on the project as well as current research results can be found at: http://www.pflegecode.de/

The project coordinator is the BruderhausDiakonie in Reutlingen. Further project partners are, besides the FZI Research Center for Information Technology, the Fraunhofer Institute for Manufacturing Engineering and Automation IPA in Stuttgart, the Gemeinnützige Gesellschaft für Psychiatrie in Reutlingen, the Cervis GmbH from Oberhausen, the imc information multimedia communication AG from Saarbrücken, Viktat Hausnotruf GmbH from Rheine as well as the GS Electronic Gebr. Schönweitz GmbH.

Further information on the project can be found: in this video.



Business Lunch of the FZI Friends‘ Association - Alexander Rabe About the Digital Infrastructure in Germany

Photo credits: FZI Research Center for Information Technology

18.07.2018 - On 11 July 2018, the annual business lunch of the FZI Friends‘ Association took place at the Hotel Erbprinz in Ettlingen.

This year, the guests of the business lunch discussed about the digital infrastructure in Germany. In his lecture, Alexander Rabe, Manager of eco – the Association of the Internet Industry, talked about the possibilities of strengthening the digital infrastructure in Germany. He presented the challenges that Germany has to face on this topic and explained the requirements that still have to be fulfilled in order for Germany to remain a leader in the field of digitalisation in the future.

You can find Alexander Rabe’s lecture in full length here.


Career at the FZI: Researcher of the FZI Conducts Research on Bodiless Walking Robots

Photo credits: FZI Research Center for Information Technology/ Andreas Drollinger

06.07.2018 – An FZI researcher’s working day. Far from monotonous. In this interview, Timothée Büttner, research scientist of the research division ISPE, gives an insight into his daily work.

FZI Blog: How would you describe the FZI in three words?

Ambitious, visionary and collegial.

FZI Blog: What does your typical working day look like?

In the morning, first of all we have coffee and I check my emails. Afterwards I work on different projects usually together with my colleagues or I have to attend meetings. I also occasionally support the FZI Director Professor Dillmann and my direct supervisor Arne Rönnau in the lecture "Biologisch motivierte Robotersysteme" (Biologically motivated robot systems), which takes place in the summer term at the Karlsruhe Institute of Technology. For the lectures, I support them in the preparation of the material and I am happy when my main subject is dealt with in the lecture, namely biomechanics of robots as well as evolution and bionics. This is very interesting and fun. My tasks also include supporting student assistants. Currently, five students are supporting me in projects as well as in the research for my dissertation. I always try to involve the student assistants as much as possible into the projects and research but still give them freedom when working on their tasks.

FZI Blog: Which qualities do you think a research scientist should have at the FZI?

Definitely endurance and curiosity. But also creativity. This is particularly necessary when it comes to solving problems that have arisen at short notice. This is relatively common in research, because we are on new, unexplored terrain and it is not always foreseeable how things will go. In order to find good solutions quickly, we often have to think outside the box. Being creative helps.

FZI Blog: What does excite you the most about your function as a research scientist?

The variety. A job where I sit in front of a PC the whole day would not seem right for me. Here, I usually work simultaneously on several projects, programme as well as fiddle around with a lot of our robots at the same time. I also regularly participate in trade fairs, such as Hannover Messe or MOTEK, where together with my colleagues I represent the FZI externally. For my dissertation I also write and publish papers, which include my latest research results. I have the pleasure of presenting them frequently at international conferences. In a few weeks I will be travelling to a conference in Panama, for example.

FZI Blog: What is the topic of your doctorate?

Most walking robots look like bugs and their construction is self-contained. With my dissertation I want to change that. I want to remove the body of the robot, so that the robot consists of only six individual legs that contain the intelligence of the robot. The individual legs are supposed to be attached to different objects and to communicate with each other. The aim is to enable them to jointly lift and move an object, for example a suitcase or a beer crate. Stairs or rough terrain should also be feasible for the robot legs.

Timothée Büttner studied Mechanical Engineering with the specialisation in Product Engineering and Construction at the Karlsruhe Institute of Technology (KIT). In 2015, he finished his studies with his diploma thesis at the Institute of Product Engineering (IPEK). Since March 2016 he has been working as a research scientist in the department of Interactive Diagnosis- and Service Systems at the FZI.

WhatsApp and Co.: Who Has Access to My Data?

Photo credits: FZI Research Center for Information Technology

27.06.2018 – In order to use certain apps on the smartphone like cloud applications, social media networks and instant messengers, users regularly disclose personal data unconsciously. Often, they are collected, stored, evaluated and utilised by large corporations – and even without users immediately noticing or understanding the algorithms. Currently, researchers of the FZI are developing together with researchers from the Karlsruhe Institute of Technology (KIT) the software application AVARE to counteract this.

AVARE stands for "Anwendung zur Verteilung und Auswahl rechtskonformer Datenschutzeinstellungen" (application for the distribution and selection of privacy preferences that are in compliance with the law). The aim is to develop a software application that enables users to prevent or control the disclosure of personalised data. Users can enter their data protection preferences centrally in a profile, which is valid for various end-user devices, for example their smartphone, tablet or PC.

With the commencement of the General Data Protection Regulation (GDPR) on 25 May 2018, the society was made aware of the subject of data protection. Particularly, companies are affected by the new provisions and they can also benefit from AVARE, for example when the concept "Bring your own device" (BYOD) is applied in a company. In doing so, the company’s employees use their private, mobile terminal device also for business purposes. These usually feature applications such as WhatsApp and Co. that are used by employees for private purposes. However, this is critical for companies in terms of data protection when, for example, company contacts are thus disclosed. AVARE can now be used to automatically synchronise only the selected contacts instead of all contacts of the address book as it was previously the case when using Instant Messenger. Moreover, it can be determined that only relevant information is disclosed. This is, in this case, the name as well as the phone number of the contact. Other data, such as the date of birth, email address or address, will not be disclosed. This filtration is an example of how AVARE enables companies and private persons to prevent or control the disclosure of personal data.

Partners of the FZI are, in the framework of the project AVARE, the Center for Applied Legal Studies (ZAR) at KIT as well as the Institute of Applied Informatics and Formal Description Methods (AIFB) of KIT. The ZAR is responsible for the jurisprudential consideration – in fact, AVARE has to comply with the law as an application. The AIFB focuses on the conception as well as the usability of AVARE. The aim is to find a solution that can also be used by a legal and technical layman without any problems.

The project was launched on 1 November 2015 and has a duration of three years. At the end of the project, on 31 October 2018, AVARE is supposed to be available as a prototype Android application. A first version of the open source software is expected to be released in August this year. For research and development purposes, the source code will be available on GitHub under the Apache 2.0 license, allowing other developers to develop it further. The project is funded by the Baden-Württemberg Stiftung gGmbH.

The research scientist Sascha Alpers and his colleague

Ainara Miller-Askar are responsible for the project AVARE at the FZI.

On Our Own Account: The FZI presents itself

22.06.3028 – The FZI Research Center for Information Technology in the heart of the sunny “Fächerstadt”: More than 170 young researchers are working on research projects here, either on direct order of industrial partners from Germany and abroad or publicly funded, for example by the German Federal Ministry for Economic Affairs and Energy. They are supported by more than 340 research assistants.

Karlsruhe, Monday, 10 a.m. A research scientist tests algorithms for autonomous driving with the help of a model car in the FZI House of Living Labs. A camera system that is mounted on the ceiling evaluates the driving behaviour of the vehicle and determines whether the model car leaves the track or not and how much time it takes for a lap. However, the field of application mobility is only one of seven in which the FZI is active.

At the FZI, research is also conducted, for example on topics of the fields of software engineering, health care or production and logistics. In these and further fields of application, research scientists of the FZI support the clients in the development of new, innovative products and services as well as in the optimisation of processes. Research is not only conducted in Karlsruhe at the FZI House of Living Labs – a unique research environment for information technology applications on an area of over 2.000m² in which researchers of the FZI do experimental research – but also at the branch office in Berlin where researchers of the FZI gain practical experience for their scientific and academic career by further developing information and communication technologies.

Those who wonder what other topics the FZI deals with and what makes it such a special research institution will find the right answers in the video.

Bee rescuer at the FZI

20.06.2018 – Even the theoretical physicist Albert Einstein knew that bees are the most important animals on earth, since humans cannot survive without them. It is thus alarming that each year the number of dying bee colonies increases. Among the reasons are the lack of food, pesticides as well as dangerous parasites and other pathogens. The FZI employee Matthias Diel spends his free time on working on the project apic.ai with his team. The aim: to save bees with the help of artificial intelligence.

The project name Apic.ai consist of three components. Firstly: apis, Latin for honeybee. Secondly: pic, English for picture. And thirdly ai: the abbreviation for artificial intelligence. These three components describe very well what the project is actually about. Matthias and his two colleagues have developed a system, which virtually captures the bees while entering and quitting their beehives. A software evaluates the image data with the help of neural networks and recognises whenever the bees swarm, whether they have enough to eat or whether they are infested with parasites and how the variety of pollen, nectar and honeydew changes in the surroundings during the year. Apic.ai should enable beekeepers to work fast and minimal-invasive.

Matthias is responsible for the hardware in this project. The camera system that was developed by the 26-year-old electrical engineer is self-sufficient. This means that it works via cable independently of a power supply and internet connection. He is also responsible for the server on which the captured image data is saved. His team mate Katharina is a bee whisperer, she knows the beekeeper’s needs and takes over managing tasks, while Frederic is responsible for the development of the software.

Matthias and his team mates have been working on this project since early 2018. They receive funding in the form of mentoring and equipped working areas by CyberLab, the IT accelerator for the State of Baden-Württemberg operated by CyberForum. Moreover, they were ranked first at the start-up competition “Start-up BW Elevator Pitch”, won EUR 500 and qualified for the national final on 21 June 2018.

Matthias Diehl studied Electrical Engineering at the Karlsruhe Institute of Technology (KIT) and has been research scientist at the FZI Research Center for Information technology since February 2018. The researcher is working in the research division Embedded Systems and Sensors Engineering and engages in his research with medical engineering.

Researchers of the FZI Win a Price at the BMVI Hackathon – 6 Questions to Dr. Ing. Dominik Riemer and Philipp Zehnder

08.03.2018 - From 2 to 3 March, researchers of the FZI Research Center for Information Technology participated in the Data-Run of the German Federal Ministry of Transport and Digital Infrastructure (BMVI) and finally returned, with the price for creativity in their pockets, to Karlsruhe. During the interview with our editors, Dr.-Ing. Dominik Riemer and Philipp Zehnder explained which strategy they used in order to receive the award.

FZI Blog: What was the BMVI Data-Run about?

Dr.-Ing. Dominik Riemer: The BMVI Data-Run is a hackathon of the German Federal Ministry of Transport and Digital Infrastructure. In the framework of the open data strategy of the federal government, the BMVI designed the open data portal “mCLOUD” a few years ago. Open data sources of the ministry’s divisions, for example of traffic, noise pollution and emissions are made accessible to the public with the aim of supporting the development of innovative applications around the subject of mobility. The aim of the Data-Run was to develop and present an innovative solution based on the data provided within 24 hours.

Philipp Zehnder: The motto of the year was “Intelligente emissionsarme Mobilitätslösungen in Städten” (intelligent low-emission mobility solutions in urban areas). Against the background of the current political debate, the aim was to develop creative solutions for the reduction of emissions of the transport sector in urban areas. We worked on the question of how incentives can be created so that people do not always use the same means of transport on routine rides out of habit, for example on the way to work, but rather use the best means of transport that can change daily, depending on the weather, roadworks (people from Karlsruhe will know this!) or traffic.

FZI Blog: How many other teams have you competed against?

Philip Zehnder: A total of 17 teams participated. The team size varied significantly, we were almost the smallest team with two people, and other teams were represented by up to eight people.

Dr.-Ing. Dominik Riemer: However, we cannot say that we competed “against” other teams. The atmosphere was just like a concurrence of many people with the same interests, which is to develop something cool and useful within a short time. The exchange with the other participants was definitely really good. Many groups have developed great ideas, which will hopefully be followed up.

FZI Blog: For those readers who are not familiar with Hackathon: What is the difficulty of it?

Dr.-Ing. Dominik Riemer: It is about developing a solution within a limited period of time that has to be presented in front of an audience and a jury subsequently. In this case, the Hackathon took only 24 hours, which is not a lot of time to develop an idea, build a prototype and subsequently prepare a presentation. You should not get bogged down, besides that you have to concentrate on the things you ultimately want to show.

Philipp Zehnder: The lack of sleep is also a problem – we did not manage to work all night without taking a break and slept for a couple of hours, but other teams did work the whole time without even taking a break.

FZI Blog: What was your strategy?

Philipp Zehnder: At the beginning, we did not even have a strategy at all – we wanted to familiarise with the existing data sources on our way to the Hackathon in the train, but our train got cancelled and we thus had no Internet connection. The Hackathon started at 3 p.m., we then looked at the data for the first time and dispelled our first idea immediately. At some point we had the idea of a personal assistant.

Dr.-Ing. Dominik Riemer: We definitely wanted to show something that worked – for this purpose we had to integrate, among other things, the real-time data of the traffic news from Frankfurt. The data format, shall we say, was not that easy to read – I can still remember how I was still working on bounding the first data source at 8 p.m. and had doubts whether we would manage developing something that worked. Early in the morning at 4 a.m., it already looked different. ;-)

Philipp Zehnder: At the end, we had an executable tool that we could also present at the end of the event live – we were quite shaking, but everything worked.

FZI Blog: Which performance is awarded with the price for creativity?

Dr.-Ing. Dominik Riemer: The jury said in their laudation that they were convinced by our solution, because on the one hand there was potential to connect many different data from public sources and on the other hand there was a very accessible opportunity created for users to handle the data with the Chatbot developed by us. Many open data are still difficult to access for people with no developmental knowledge especially when data has to be machine-readable at the same time. Our solution relies on speech and thus allows a natural interaction and also covers many interesting application scenarios at the same time – in our demo we showed an example in which we offer citizens a discounted ticket in case of increased fine dust pollution.

FZI Blog: Does the FZI frequently participate in Hackathons?

Dr.-Ing. Dominik Riemer: In our research division Information Process Engineering (IPE) there are definitely some people who have already jointly participated in Hackathons, for example at Deutsche Bahn. At closed meetings of the chair of the FZI’s scientific director Prof. Dr. York Sure-Vetter and of IPE, we frequently have groups that jointly develop tools in a short period of time. However, this was my first big Hackathon.

Philipp Zehnder: I have already been at the event “Hackzurich” several times as a student. It is the biggest Hackathon in Europe. What I enjoyed a lot was how well everything was organised at the BMVI Data-Run – I was able to completely focus on coding, since it was taken care of everything.

Dr.-Ing. Dominik Riemer is department manager at the FZI. He wrote his dissertation on the subject of "Methods and Tools for Management of Distributed Event Processing Applications".

Philipp Zehnder works as a research scientist at the FZI. His research interests are in the fields of stream processing, machine learning, container technologies and distributed systems.

Further information on the Hackathon as well as a photo gallery can be found on the website of the BMVI.

Team FLA²IR Ready for the Final Phase of the European Robotics Challenge

15.02.2018 - On February 27, team FLA²IR takes part in the finals of the European Robotics Challenge.

On February 27, the finals of the European Robotics Challenge (EuRoC) are going to take place at Adam Opel AG in Rüsselsheim, Germany. Team FLA2IR, consisting of the FZI, Adam Opel AG and MRK Systeme, has been very busy preparing for the final phase of the challenge, where they are going to show how to attach a flexible polymer-based sealing strip on various models of doors with a robotic arm, which can work in close proximity to humans.

After reaching the final phase of the EuRoC challenge, team FLA²IR focused on designing innovative solutions to use robotics in areas of automation that were not automatable before. One of the main challenges of handling polymer sealings is that it cannot be mounted with classic robot control methods, since they require precise force control and good coordination skills that common industrial robots are unable to achieve easily. In the finals, this challenging application is going to be setup and demonstrated on the shop floor at Opel in Ruesselsheim.

To do this, they have developed different skills such as force-based manipulation for assembly and web-based tools to teach the robot the trajectory to follow, using the ROS Industrial interface. Despite the specialised application, these skills can be quickly transferred to solve different industrial challenges in the future.

A video on the FZI YouTube channel shows more about the work done by team FLA²IR at the showcase round. During this phase, the team was able to show that it is possible to assemble a polymer sealing with a robot. Now in the finals, they are going to demonstrate that this can also be done in a realistic automotive production scenario.

At the FZI, research scientist Georg Heppner is responsible for both the participation in the European Robotics Challenge and the work of team FLA²IR.


Why are Passwords So Important? 5 Questions to Roland Gröll, FZI Researcher

01.02.2018 - On the "Change Your Password Day" we ask Roland Gröll, from the Competence Center for IT Security, why passwords are important, by which means these often can be cracked and how far research is advanced concerning this subject.

FZI Blog: The "Change Your Password Day" takes place on 1 February. Why do we even need passwords?

Roland Gröll: With the help of passwords, it is ensured that only the person who knows the password can sign in for a service or on a computer.

FZI Blog: How often should we change our passwords?

Roland Gröll: Strong passwords don’t have to be changed regularly. This is likely to be the case if someone assumes that the password became known. There are studies that show that frequent changes of passwords can lead to users choosing weak passwords. There is thus the possibility that trough a too frequent change of passwords the security gets decreased instead of increased.

FZI Blog: What makes a password a strong password?

Roland Gröll: A password should ideally be hard to guess and random. This is achieved by using long passwords and by the mixture of letters, figures and special characters.

FZI Blog: How is it even possible to crack a password and what does the Competence Center for IT Security suggest in order to counteract this?

Roland Gröll: If a password is a "usual" password, there is a high risk that it will be found by a dictionary attack. In this case, a list of possible passwords is scanned to find the right one. You can counteract this by not using passwords that are on such lists. It should thus be random and extraordinary. Moreover, passwords are not securely stored at every service provider. It often happens that passwords are stolen from websites because these websites use unsecure technologies. A password should therefore only be used for one service so that only the concerning service is affected by such incidents. Other services you have an account in, stay secure. It can get confusing if you use one password per account. In this case password managers are recommended. The management of passwords is thus simplified.

FZI Blog: State of research: How can we, apart from passwords, safely surf the Internet?

Roland Gröll: It is important to keep the used software on the current state. You can thus protect yourself from malware, which is exploiting security-critical software errors in outdated versions. In addition to that, you should ensure that you communicate with the right websites and you do not fall for phishing. For this purpose, there are HTTPS. This is a version of HTTP which is used for confidential and authenticated connection to websites. Modern browsers show, apart from address bars, whether the connection is secure or not. Through adblockers you can protect yourself against malware, which use advertisements as possible points of attack.

Roland Gröll works as a research scientist at the Competence Center for IT Security at the FZI. He is currently working on Password Authenticated Key Exchange.