Research & Development
We regularly take over the lead in government-funded research- and development projects. Through Federal Ministry promoted research projects, we help to decisively shape future developments and are in constant exchange with institutions in the fields of education and research.
You can find results from our latest research projects here:
Combined Engineering Method for Security and Safety in Embedded Systems (KEM3S)
KEM3S is a research project funded by the Federal Ministry of Education and Research (BMBF). In the KEM3S project, protective measures for the risk types safety and security are to be developed and combined into a combined engineering method to support the design process. The term safety refers to risks arising from technical systems such as machines or plants. They not only affect employees, but also third parties and the environment. Machines and systems are often linked to each other via process control technology, and access, which serves for control and remote maintenance, should take place via networks. This results in risks with regard to IT security, as the networks and machines themselves become the target of unauthorized intrusion or criminal attacks.
Hardware sensors for IT network security
The research project "Development of a hardware sensor system for IT security in the field of industrial remote data transmission / process control technology" was funded by the funding program "Central Innovation Program for SMEs" of the Federal Ministry of Economics and Technology (BMWi). It is used to record data streams in the field of industrial data transmission or process control technology. A special focus was placed on the field level and the application-specific aspects of network control technology (supply networks for electricity / gas / water / district heating) and operations control technology (rail transport). The hardware sensors can be installed extensively in industrial, plant networks and process control systems and provide a complete overview of current network communications by using crawling methods.
Security Controlling System
Development of an innovative Security Controlling Framework for permanent surveillance of a defined technical and operational security level.
The research project "Development of an innovative security controlling framework for the permanent monitoring of a defined technical and operational security level" was funded by the funding program "Central Innovation Program for KMU" of the Federal Ministry of Economics and Technology (BMWi). This resulted in our Security Level Monitoring after the project. The developed OSSTMM-based security controlling framework enables the permanent monitoring of a previously defined technical and operative IT security level. The tool constantly checks, authorizes the IT environment, its security mechanisms as well as any vulnerabilities and weaknesses. As a result, ways of optimizing the security design in operation, the measures and the limitations are shown technically. Current IT security analysis shows serious deficiencies: They usually only refer to weaknesses and are very technical and therefore less suitable for the management sector. By mapping business processes and IT security or security-relevant threats, risks are also made visible and measurable for management.
The research project "Secureclouds" is a KMU innovative joint project, funded by the Federal Ministry of Education and Research (BMBF). The project was about developing a software environment for tool-based security- and compliance analysis for outsourcing services in cloud computing environments. After recording a process model, the developed software determines the sensitivity of the data, makes suggestions for the necessary measures to maintain IT security, analysis the security incidents of a cloud service and ultimately checks whether a cloud operator fulfils the individual requirements regarding IT security. This is to control the risk, especially for KMU, of outsourcing processes and the data associated with them. The tool-environment for security analysis implemented in the project is intended to significantly improve IT security and the acceptance of the use of cloud-computing-based technologies, and the project partners expect an uncomplicated access option for other companies to have a positive effect on the overall economy and the economies of scale that can be achieved with it.