Safe use of automated shuttle vehicles in urban traffic through supporting infrastructure networking
Safety, Security and the Law
Digitalization offers companies great opportunities to develop connected and therefore attractive products – from autonomously driving vehicles to smart electricity meters and networked manufacturing plants to smart refrigerators. However, the topic is highly complex: it is not only necessary to consider technical aspects such as questions of functional safety and IT security, but also regulatory framework conditions such as liability or data protection. For many producers, these are major obstacles.
With its research focus “Safety, Security and the Law”, the FZI is a competent partner for small and medium-sized enterprises (SMEs) – especially when it comes to clarifying related questions and researching new approaches to solutions: here, specialists for secure software and hardware development and for cryptography cooperate closely with legal experts who focus on IT law and the legal evaluation of digitalized and connected products.
In an interdisciplinary process, our researchers develop new concepts for secure digitalized products, considering legal and technical aspects, together with research partners.
A key objective is to further improve IT security in the German market, especially for SMEs. The FZI will focus on two future technologies that promise strong effects on the economy: Artificial Intelligence (AI) and post-quantum cryptography.
In the field of AI, the FZI will focus more intensively on the mutual influence of AI on information safety and data security. How can AI methods for problem analysis be advanced and AI systems themselves be protected from attacks and manipulation by security mechanisms?
For SMEs, the FZI has set itself the goal of developing a strategy for post-quantum cryptography. Previous encryption methods are at risk regarding the advancing development of quantum computers. Products, services and systems of companies are to be prepared for future security requirements.
Through its work, the FZI will increasingly support processes that strengthen the privacy and sovereignty of individuals. Critical infrastructures must be made resilient in the administration and for the citizen. Methods of IT security must be aligned through secure digital identities for citizens and empower them to handle their data with sovereignty.
- FZI expertise mix of cryptography, security testing, incident response, hardware security and law
- IT security and AI: Methods for securing AI systems
- Approaches to increasing security using AI methods
- Development of competences in organizational aspects of IT security (including research on information security management systems and awareness measures)
In 2023, the FZI’s research focus will be on resilience for critical infrastructures, managing security, legal tech, (post-)quantum cryptography and the mutual influence of Artificial Intelligence on security and safety. Finally, the FZI will continue to advance its work in 2023 in the field of legal tech, with the aim of supporting legal processes through IT approaches. The design of secure hardware and software systems for direct use in small and medium-sized enterprises will also be researched.
Secure communication and systems for Industry 4.0, ideas on law and technology, integration into the Karlsruhe IT Security Region
A digitalization driver for small and medium-sized enterprises. This is what the Mittelstand-Digital Zentrum Klima.Neutral.Digital (SME Digital Center Climate.Neutral.Digital), which opened at the end of 2022, stands for. Thanks to digitalization, companies are to be supported on their way to carbon-neutral production by 2035. With the IT Security Competence Center, the related digitization measures are also analyzed from a cybersecurity perspective and suitable recommendations made. The Cyberwehr Baden-Württemberg’s many years of experience with cyberattacks on companies provide a basis of experience for accomplishing this.
Another structure that ensures IT security knowledge transfer to the public – which the FZI would like to intensify cooperation with in 2023 – is the Karlsruhe IT Security Region with KASTEL – Institute of Information Security and Dependability, the Competence Center for IT Security at the FZI, the DIZ | Digital Innovation Center and the Karlsruher IT-Sicherheitsinitiative (KA-IT-Si – Karlsruhe IT security initiative). The network of security specialists and cybersecurity companies established by Cyberwehr Baden-Württemberg is also to be further expanded and the exchange with similar projects and CERTs in Germany intensified.
Reliable and secure communication and a high level of system security are the most important key technologies for exploiting the added value of digitalization – especially in Industry 4.0. In the SASVI – Sicherheit auf allen Systemschichten durch Vertrauensketten und Isolierung (security on all system layers via trust chains and isolation) project, risks are evaluated at system and component level, zoning concepts and trust chains are defined and isolation measures developed and integrated. The aim of this project is to advance a concept for trust chains with continuous isolation across all system layers. In addition, a strong focus is placed on the secure and continuous integration of the components into a trustworthy overall system that is suitable for industrial applications. The SASVI concept, which can be applied in a variety of ways, will be used in the project for an industrial IoT pump application and for mobile cranes.
Penetration tests for SMEs, online training in IT security, security testing of future mobility systems
- An essential concern of the research focus regarding the future research infrastructure is the further development of tools and methods for the efficient implementation of penetration tests for SMEs.
- In this context, the setup of a virtual computer infrastructure for the implementation of online training courses in IT security and penetration tests is to be launched.
- In the already established test laboratory for IT security, the security testing of future mobility systems is to be given increased attention. One focus here is on securing digital communication between vehicles and with the traffic infrastructure (V2X communication).