Competence Center for IT Security

Competence Center for IT Security

Competence Center for IT Security

Applied security research for our industry

With the Competence Center for IT Security (KIS), the FZI has created a central point of contact for applied IT security research with the support of the state of Baden-Württemberg. The center offers problem-solving expertise in questions of IT security for small and medium-sized enterprises in Baden-Württemberg. At the Competence Center for IT Security, research is conducted on security technologies that are easy to understand and apply.


PD Dr.-Ing.
Ingmar Baumgart

Department Manager

New challenges posed by digitalization and the Internet of Things

Ever-advancing digitalization across all industries is making it necessary for IT systems to be increasingly networked. Systems that previously operated in complete isolation are now being connected to the Internet. This leads to a greatly increased attack surface and can enable worldwide attackers to gain access. Particularly worth protecting in this context are critical infrastructures such as power plants or hospitals – attacks on such systems can have serious consequences for the safety of people and the environment.

Likewise, the Internet of Things brings with it new security challenges. To meet these challenges, pure expertise in IT security methods and mechanisms is not enough. The key to success lies in supplementing this knowledge with in-depth expertise of the respective application domain.

Play Video
Play Video

A holistic approach to secure IoT systems

The increasing complexity and global networking of IT systems brings new security challenges. To meet these challenges, pure knowledge of IT security methods and mechanisms is not enough. The key to success lies in a holistic approach. Designing and implementing a secure IoT system is an interdisciplinary endeavor. Comprehensive expertise in fundamental IT security methods and mechanisms is required:
  • Hardware security
  • Cryptography
  • Secure software development
  • Network security
  • IT security management
  • Legal aspects (e.g., data protection, liability, …)
An IT system is always designed with a specific application in mind. To ensure not only a secure but suitable system design as well, in-depth expertise in the system’s respective application domain is also required (e.g., automation and robotics, healthcare, mobility):
  • Terminology
  • Domain-specific protocols and mechanisms (e.g. OPC-UA, CAN, ETSI ITS G5)
  • Domain-specific requirements (e.g., availability, real-time capability)
  • Established development processes (e.g., V-model, SDL, …)
At the Competence Center for IT Security, the FZI combines these competences with in-depth expertise in methods and mechanisms of IT security to provide a holistic research approach that considers the complete lifecycle of an IT system.

Our offer

The researchers at the FZI have many years of experience in application-oriented research and the transfer of research into application. At the Competence Center for IT Security, we complement this experience with deep-rooted expertise in the field of IT security. However, IT security is not the result of a one-time effort, but plays a role in all phases of the product lifecycle. Therefore, it is not least important to know which IT security methods and measures are best suited in which phases. Our work always has a strong research focus. Within this framework, we support companies in various IT security issues, such as:
  • Threat analysis
  • Best practices and methods of IT security
  • Technology assessment
  • Research on novel and applicable security solutions
  • Identification of legal barriers
  • Implementation of legal requirements for innovation technology
  • Pentesting
  • Awareness and training

Research projects Safety, Security and the Law