ROUTINE
Living lab for the transfer of digital health applications and AI into healthcare
SASVI
Security at multiple system layers based on chains of trust and isolation
Start: 07/2022
End: 06/2025
SASVI addresses the design of trustworthy IT systems considering the following problems:
- Growing attack surface of (I)IoT systems due to the ongoing networking of highly integrated devices and lack of development support
- Analysis and configuration options of secure trust chains, such as for the implementation of zoning concepts from IEC 62443 in industrial applications
These problems are solved in SASVI by trust chains with end-to-end isolation consisting of secure RISC-V-based processor architectures, dedicated operating system components, hardware-based root-of-trust (RoT) components and trusted execution environments (TEE).
The FZI’s goal in SASVI is to develop a multi-layer concept for trust chains with end-to-end isolation across systems. This includes the layers hardware/software components, operating system and IIoT applications, starting from secure processor architectures, hardware-related operating system components, hardware-based root-of-trust components and TEE. In addition, a special focus will be placed on the secure and end-to-end integration of components into a trustworthy, industry-ready overall system. To achieve the broadest possible impact of the developed security technologies, SASVI relies on the open RISC-V architecture for hardware components.
The resulting continuously trustworthy overall system will then be researched and evaluated based on use cases – for example, in water supply and wastewater disposal – in critical or sensitive infrastructures.
The technical goals, enumerated from the hardware to the system level, are the development of:
- Flexible RoT component for trust chains in RISC-V systems
- Consistent HW primitive for Extended TEE in RISC-V architecture
- Application in IIOT services remote maintenance, remote monitoring and over-the-air updates using smart pump applications as an example
In addition, the FZI intends to research novel isolation mechanisms that can be implemented with open-source hardware and software components in the embedded area. In this way, methods and concepts for secure IIoT systems are developed at various levels that can be used in future Industry 4.0 and automotive research projects.
Research focus
Safety, Security and the Law
The FZI focuses in this research area on the topics of resilience for critical infrastructures, managing security, legal tech and (post-)quantum cryptography, and also deals with the mutual influence of artificial intelligence on safety and security.
Funding notice:
The SASVI project is funded by the Federal Ministry of Education and Research (BMBF). Funding Code: 16KIS1577.
Further links:
Project partners:
More projects
KI4BoardNet
Next-generation distributed, continuously learning onboard power management system
Shuttle2X
Safe use of automated shuttle vehicles in urban traffic through supporting infrastructure networking
DPNB
Broker for dynamic production networks
Kompetenzzentrum KARL
Artificial Intelligence for Work and Learning in the Karlsruhe Region
SASVI
Security at multiple system layers based on chains of trust and isolation
SEQUOIA
Software Engineering of Industrial, Hybrid Quantum Applications and Algorithms
ANYMOS
Competence Cluster Anonymization for Interconnected Mobility Systems
GreenEdge
Climate-friendly, neuromorphic and for a sustainable transport infrastructure of the future.
Mittelstand-Digital Zentrum Klima.Neutral.Digital
Actively addressing the challenges posed by climate change and using them as an opportunity for the German economy.