Security and Privacy in Industrial Production Plants and Communication Networks
This subproject addresses security questions raised by the transformation currently under way in industrial production. The IT Security Laboratory for Production at Fraunhofer IOSB provides a research environment specialised in IT security for Industry 4.0 that allows experiments under realistic conditions.
Security and Data Protection for Future Production Systems
Security and Data Protection
This research field deals with long-term research questions for secure industrial production plants. In addition to the legal aspects of data protection, these include future, flexible security concepts for Industry 4.0, secure cloud use, self-learning anomaly detection in industrial production, and verifiable security in the presence of active adversaries.
In Industry 4.0, intelligent autonomous components will increasingly be used that are expected to interact and communicate spontaneously with other, already integrated components. This requires greater flexibility of the networks and of the predefined security zones.
The concept of software-defined networking (SDN) offers the possibility of enforcing security policies for devices, applications and services in a fine-grained and flexible manner.
The smart factory can thus benefit from SDN as a building block for flexible and innovative security concepts. KASTEL develops concepts that enable the use of software-defined networking technologies to implement modern security concepts in Industry 4.0, for example the dynamic establishment of security zones or the flexible composition of security-relevant network functions and their placement within the physical infrastructure.
In the context of Industry 4.0, businesses are expected to use cloud computing technology for secure data storage and for data exchange between companies. Cloud computing thus becomes part of a critical infrastructure for industry. The advantages of flexibility, robustness and cost savings are offset by a loss of transparency.
KASTEL is developing a framework to increase the transparency of cloud-based Industry 4.0 solutions. It is intended to enable a company, as a cloud user, to check whether a solution actually complies with its requirements: for example, at which geographical locations the data is stored, and whether the required redundant copies have been created, or deleted, in accordance with the regulations.
The research group involved in this area is TeleMatics.
Like all innovations, Industry 4.0 encounters a legal environment that has to be taken into account in its development. The identified national and European legal requirements must be examined with regard to the specified application scenarios, where questions of data protection law are of central importance. At the European level, the new General Data Protection Regulation (GDPR, in German DS-GVO) must be taken into account; its provisions apply from May 2018. Its rules apply directly in each Member State and replace national data protection legislation in large parts.
KASTEL is investigating how the computerisation of manufacturing technology can be promoted within the framework of Industry 4.0 in such a way that precautions protecting data and trade secrets can nevertheless be taken.
The participating research group is the Center for Applied Law (ZAR).
Security in plants that implement the Industry 4.0 concept must be considered comprehensively, from the planning level down to the technical levels. The systems operate in real time, which poses an additional security risk. An adversary who gains access to the technical infrastructure of a plant can cause great physical and financial damage.
KASTEL develops a formal method for conclusively demonstrating security.
Specifically, it is to be shown that an adversary with the means at his disposal is incapable of damaging the plant or of operating it outside the envisaged parameters. For this purpose, absolute properties (e.g. "the drill head never moves deeper than expected into the drilling material") and relational properties (e.g. "the speed of the motor can be at most doubled by reconfiguration") are investigated.
Research is carried out together with the Institute for Theoretical Computer Science (ITI).
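The following Python program is an added illustration of the two property kinds named above; it is not KASTEL's formal method and not code from the project. It models the adversary's "means" as every reconfiguration the machine's operator interface (HMI) accepts, enumerates all of them (a bounded, exhaustive check rather than a proof), and tests the absolute property (drilling depth never exceeds the expected depth) and the relational property (motor speed at most doubled relative to the nominal recipe) on a small plant model. The field names, ranges, depth limit and speeds are all constructed for this example.

```python
"""Bounded check of absolute and relational plant-safety properties.

Added illustration, not KASTEL's formal method: the adversary's means are
modelled as the reconfigurations the controller's HMI accepts, all of them
are enumerated, and each safety property is checked on a small plant model.
All numbers and field names are constructed for this example.
"""
from dataclasses import dataclass
from itertools import product
from typing import Dict, Iterator, List, Optional


@dataclass(frozen=True)
class Config:
    cycles: int    # number of feed cycles (HMI-settable)
    feed_mm: int   # feed per cycle in mm (HMI-settable)
    gear: int      # gear ratio selected for the drive motor (HMI-settable)


NOMINAL = Config(cycles=10, feed_mm=2, gear=1)  # constructed nominal recipe
EXPECTED_DEPTH_MM = 20                          # depth the process is designed for
BASE_RPM = 600                                  # motor speed in gear 1

# Adversary model: every value each HMI field accepts (constructed ranges).
HMI_RANGES: Dict[str, range] = {
    "cycles": range(1, 21),
    "feed_mm": range(1, 6),
    "gear": range(1, 4),
}


def reachable_configs(space: Dict[str, range]) -> Iterator[Config]:
    """Every configuration the adversary can reach through the HMI."""
    keys = sorted(space)
    for values in product(*(space[k] for k in keys)):
        yield Config(**dict(zip(keys, values)))


def drill_depth_mm(cfg: Config, interlock_mm: Optional[int] = None) -> int:
    """Plant model: commanded depth, clamped by a hardware end-stop if one exists."""
    depth = cfg.cycles * cfg.feed_mm
    return depth if interlock_mm is None else min(depth, interlock_mm)


def motor_rpm(cfg: Config) -> int:
    """Plant model: motor speed scales linearly with the selected gear."""
    return BASE_RPM * cfg.gear


def violations_absolute(space: Dict[str, range],
                        interlock_mm: Optional[int] = None) -> List[Config]:
    """Absolute property: no reachable configuration drills deeper than expected."""
    return [c for c in reachable_configs(space)
            if drill_depth_mm(c, interlock_mm) > EXPECTED_DEPTH_MM]


def violations_relational(space: Dict[str, range],
                          max_factor: float = 2.0) -> List[Config]:
    """Relational property: reconfiguration raises motor speed by at most
    max_factor relative to the nominal recipe."""
    bound = max_factor * motor_rpm(NOMINAL)
    return [c for c in reachable_configs(space) if motor_rpm(c) > bound]


if __name__ == "__main__":
    # Counterexamples found with the HMI as constructed above
    print("depth violations (no end-stop):", len(violations_absolute(HMI_RANGES)))
    print("depth violations (20 mm end-stop):",
          len(violations_absolute(HMI_RANGES, interlock_mm=EXPECTED_DEPTH_MM)))
    print("speed violations (gears 1-3):", len(violations_relational(HMI_RANGES)))
    hardened = {**HMI_RANGES, "gear": range(1, 3)}   # HMI no longer offers gear 3
    print("speed violations (gears 1-2):", len(violations_relational(hardened)))
```

Both properties fail for the HMI as constructed: the depth property because nothing outside the reconfigurable software limits the commanded depth, the speed property because gear 3 triples the nominal speed. The same checker confirms that a non-reconfigurable end-stop at the expected depth and an HMI that offers only gears 1 and 2 close the two counterexample families. Real plant models and adversary models are far larger, which is why KASTEL pursues a formal (rather than enumerative) method.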
Modern production facilities are highly networked. Embedded systems communicate with each other independently, planning systems in the cloud calculate order steps and machine occupancy, plant operators monitor and control remotely, maintenance personnel access resources worldwide and perform configuration changes. In the networked world, the protection of production facilities no longer ends at the factory building or the company grounds. Network connections allow adversaries to intrude and manipulate the systems; malware infections can completely paralyse large areas of a system, causing immense physical damage to it and danger to the population. Not only since the news about Stuxnet, Duqu, Flame and Havex has it been clear that production facilities are easy targets for cyber attacks.
Industry 4.0 is increasingly dissolving the previous separation of traditional IT networks and production networks in order to operate communication and data exchange across all network hierarchies. Network components in production are clearly different from the components used in traditional IT. In their development, which is designed for a service life of several decades, networking and the associated data security have so far played little role. Historically, production lines are separated from each other and from other IT systems. This separation was enforced physically, by separate communication networks, and also logically, by different protocols. In the course of Industry 4.0, these systems will now be connected to the network systems of traditional IT. Industry hopes that this will result in more flexible and efficient production processes. However, the production systems are thereby also exposed to many of the threat scenarios of traditional IT systems, which makes IT security an important aspect of industrial systems. In order not to jeopardise the success of Industry 4.0, the use of new technologies must not become a security risk.
Integrated Methods for Security by Design
The methodological foundations developed so far are brought together and integrated in a demonstrator in this subproject. This shows to what extent tools at the current state of research can support the integration of security requirements into the development process of IT systems.
This subproject addresses methodological questions of IT security that arise in several subprojects. The methodological competences from KASTEL's first funding phase are continued and consolidated here.
Security in Smart Environments
The subproject Security in Smart Environments takes up questions situated in the networked everyday world of the future. Among other things, it continues and consolidates those research questions from KASTEL's first phase for which Karlsruhe is already known: privacy-respecting situation pictures (Privatsphärengerechte Lagedarstellung) and data protection in smart homes and smart buildings.
Secure and Controllable Energy Systems
Here, threats arising from connecting critical infrastructures to the public Internet are addressed. The Energy Lab 2.0, an infrastructure for researching future energy systems that is unique in Europe, is a decisive locational advantage in this respect.
Security and Data Protection for the Future Living- and Working-Environment
In this research field, KASTEL researchers are investigating the broad spectrum of questions arising from the integration of interconnected IT technologies in the environment and society. Services and products for Smart Environments should be both innovative and user-friendly, while at the same time meeting the user's desire for security and privacy and thus conforming to the legal framework. At KASTEL, concepts for a solution are explored which try to consider the different interests in this area of conflict.
The far-reaching integration of IT technology into everyday life and work enables a multitude of innovative applications and services. So-called "Smart Environments" form the basis for the automation of everyday processes and thus provide more comfort and a more efficient use of resources. But the acquisition and storage of data is a critical issue here as well. The collected data can be used to infer the activities, interests and preferences of individuals or the business secrets of organisations. Secure procedures and communication protocols form the basis for the protection of privacy.
Smart Environments capture and process vast amounts of data in a variety of ways. The resulting virtual image of the real world therefore inevitably contains areas of privacy that are worthy of protection. For the acceptance of such products and services, it is essential to take protection interests into account and to give the user both transparency and the possibility of intervention. One of the proven principles in data protection is data minimisation (Datensparsamkeit): only those personal data which are absolutely necessary for the respective application are to be collected and processed. However, it may also be appropriate to initially collect more data in order to achieve better protection of privacy.
Participating research groups are the Zentrum für Angewandte Rechtswissenschaft (ZAR), the Institut für Angewandte Informatik und Formale Beschreibungsverfahren (AIFB) and the Fraunhofer IOSB.
In addition to questions of feasibility and concrete implementation, Smart Environments also raise questions regarding legal standards and state regulation. The subject of the accompanying legal research in KASTEL is data protection law, among other things with regard to the European General Data Protection Regulation, but also work on questions of liability and the law of evidence. In doing so, concepts for the further development of the legal framework are also developed, taking technical possibilities and necessities into account.
The research group involved is the Center for Applied Law (ZAR).
Security in modern, complex systems can only be reliably guaranteed if the requirements for the system are applied consistently, from design through to quality assurance of the actual implementation. Actual attacks in the past were very often made possible by a lack of security strategies. However, they also frequently exploited errors that only arose during implementation, where the originally envisaged security design was not implemented consistently.
That is why we at KASTEL are researching a system theory for continuous adaptation to strategic, evolving adversaries, as well as tools and methods that make security implementable and verifiable. Experts from the most diverse disciplines of computer science work closely with experts from the legal sciences to further develop well-known methods for the documentation and analysis of systems and programs and to make them usable in security-critical environments.
A broad spectrum of questions will be investigated that arise from the profound integration of networked IT technology into the environment and society. KASTEL thus continues the long tradition of data protection in Germany and contributes to securing a locational advantage for the German economy.
Participating research groups are the Center for Applied Law (ZAR), TeleMatics, the Institut für Angewandte Informatik und Formale Beschreibungsverfahren (AIFB) and the Fraunhofer IOSB.
Security and Privacy for Future Energy Grids
Security and Data Protection for Energy Grids
Our energy systems are becoming more and more interconnected, with stronger dynamics and fluctuations at the same time. The widespread use of information technologies is intended to help balance the generation and use of energy. Besides the necessary benefits of information technologies, this also entails risks, especially with regard to the security of the energy network and the collected electricity consumption data. KASTEL deals with questions and solutions concerning the security of the energy network and of sensitive consumer data. A decisive factor in this research is the Energy Lab 2.0, which is centrally located at KIT and deals intensively with the energy networks of the future.
Our energy systems will be fundamentally restructured in the future. Solar and wind energy are generated decentrally and in a highly fluctuating manner. Only the intensive use of information technology can balance production and demand.
This widespread use of IT systems creates new threats to the economy and society at the same time: the power consumption data collected for network control allow conclusions to be drawn about private living habits and about production processes in industry. At the same time, additional IT systems increase the attack surface; manipulation can lead to disruptions, damage and long-term, large-scale power outages. This makes IT security an essential prerequisite for a successful Energiewende (energy transition).
In order to ensure the security of such systems, the electricity grid must be considered in its entirety so that the concepts and methods of information technology and electrical engineering can be appropriately integrated. In particular, data protection and the legal framework of regulation require the close involvement of legal scholarship. KASTEL develops interdisciplinary solutions for the security and privacy of the power grids of the future.
A particular challenge is to reconcile the seemingly contradictory requirements of functionality, real-time capability, privacy protection and robustness against attacks and disruptions. Distributed energy systems should not only have a secure IT infrastructure but also be robust as a whole, since attacks cannot be completely avoided.
The research group involved is the Institut für angewandte Informatik (IAI).
Provable Security for Complex IT Systems
Model-based Plausibility Check
Classical error and attack detection in energy networks analyses the information-technology system for untrustworthy communication flows. In doing so, only local manipulations of the energy network are detected. This increases the risk posed by inter-island attacks and inter-island dependencies in decentralised energy networks.
The modelling of the island networks (microgrids) covers not only the information-technology system but also the energy, material and heat flows (the complete network). A plausibility check based on these models can then reveal discrepancies between the exchanged data and the resulting changes in the behaviour of the energy network and, depending on the hazard assessment, report them or raise an alarm.
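The following Python program is an added illustration of such a model-based plausibility check; it is not KASTEL's own checker and not code from the project. Each island reports its generation, load and tie-line flows to its neighbours. A physical power-balance model checks each report locally, and a cross-island consistency check compares what two islands report about the same tie-line. The second check is what a purely local detector lacks: a manipulated reading that keeps one island's report self-consistent still contradicts its neighbour's report. The island names, figures and the report/alarm thresholds are all constructed for this example; the energy-only model stands in for the complete network of energy, material and heat flows described above.

```python
"""Model-based plausibility check over reports from networked island grids.

Added illustration, not KASTEL's own checker: each island reports its
generation, load and tie-line flows; a physical power-balance model and a
cross-island consistency check flag discrepancies. Thresholds, island names
and all figures are constructed for this example.
"""
from dataclasses import dataclass
from typing import Dict, List


@dataclass(frozen=True)
class IslandReport:
    name: str
    generation_kw: float
    load_kw: float
    tie_flows_kw: Dict[str, float]  # neighbour -> flow; +export to, -import from


@dataclass(frozen=True)
class Finding:
    level: str    # "report" or "alarm", according to the hazard assessment
    where: str    # island name or tie-line "A<->B"
    detail: str


def balance_residual_kw(r: IslandReport) -> float:
    """Physical model: generation minus load minus net export must be zero."""
    return r.generation_kw - r.load_kw - sum(r.tie_flows_kw.values())


def _level(deviation_kw: float, alarm_kw: float) -> str:
    """Hazard assessment: small deviations are reported, large ones alarmed."""
    return "alarm" if deviation_kw > alarm_kw else "report"


def check_reports(reports: List[IslandReport],
                  tol_kw: float = 5.0, alarm_kw: float = 50.0) -> List[Finding]:
    """Return all discrepancies between the exchanged data and the model."""
    findings: List[Finding] = []
    by_name = {r.name: r for r in reports}

    # 1. Local check: each island's own report must satisfy the power balance.
    for r in reports:
        res = balance_residual_kw(r)
        if abs(res) > tol_kw:
            findings.append(Finding(_level(abs(res), alarm_kw), r.name,
                                    f"power balance residual {res:+.1f} kW"))

    # 2. Cross-island check: A's export to B must equal B's import from A.
    #    A manipulation that keeps one island locally consistent still shows
    #    up here, which a purely local detector would miss.
    seen = set()
    for r in reports:
        for nb, flow in r.tie_flows_kw.items():
            pair = tuple(sorted((r.name, nb)))
            if pair in seen:
                continue
            seen.add(pair)
            label = "<->".join(pair)
            other = by_name.get(nb)
            if other is None or r.name not in other.tie_flows_kw:
                findings.append(Finding("report", label,
                                        f"tie-line flow reported by {r.name} only"))
                continue
            mismatch = flow + other.tie_flows_kw[r.name]  # zero when consistent
            if abs(mismatch) > tol_kw:
                findings.append(Finding(_level(abs(mismatch), alarm_kw), label,
                                        f"tie-line mismatch {mismatch:+.1f} kW"))
    return findings


# Constructed sample data: two islands, A exports 100 kW to B.
CONSISTENT = [
    IslandReport("A", generation_kw=300.0, load_kw=200.0, tie_flows_kw={"B": 100.0}),
    IslandReport("B", generation_kw=150.0, load_kw=250.0, tie_flows_kw={"A": -100.0}),
]

# Same situation, but B's tie-line reading has been altered to -40 kW.
TAMPERED = [
    CONSISTENT[0],
    IslandReport("B", generation_kw=150.0, load_kw=250.0, tie_flows_kw={"A": -40.0}),
]


if __name__ == "__main__":
    for label, data in (("consistent", CONSISTENT), ("tampered", TAMPERED)):
        print(label, [(f.level, f.where, f.detail) for f in check_reports(data)])
```

On the consistent data the checker is silent. On the tampered data it raises two alarms: B's report no longer balances (60 kW missing), and A and B disagree about their shared tie-line by the same 60 kW. Lowering the alarm threshold below, or raising it above, the deviation moves the findings between the "report" and "alarm" levels, which is where the hazard assessment of the real system enters.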
Absolute security can only be achieved for a system if the domain-specific security properties are developed at a level where it is possible to ensure that the specified and verified security properties are compatible with each other.
The systems are not completely redeveloped but build on existing systems and functionalities. The integration of different development phases therefore poses a special challenge. It is also necessary to consider the security of a system over its entire lifecycle. This requires sound risk and security management based on a fundamental system theory, consisting of analyses of the hazards to protected assets, adversary models and suitable protection processes, concepts and mechanisms.
The research groups involved are the Institute for Theoretical Computer Science (ITI) and the Institute for Program Structures and Data Organization (IPD).
Absolute security is difficult to prove, since only those cases that one can imagine can be covered. In order to make the concept of security tangible, security models are developed which formally describe the capabilities of an adversary. Such a model also defines exactly what it means to break a given procedure. A given cryptographic method is sufficiently secure with respect to a security model if the adversary can break it only with negligible probability.
At KASTEL, research is conducted into aspects of composable security. This involves examining the extent to which the assembly of individual, proven components leads to a secure overall system. Furthermore, we are working on aggregate signature schemes. These are procedures that combine the signatures of several messages into a single signature, thus saving bandwidth during transport.
The research group involved is the Institute for Theoretical Computer Science (ITI).
At KASTEL, a fundamental system theory is being researched which enables a comprehensive and integrated security assessment, from hazard analysis through the creation of requirements to the verification of the integrated mechanisms at implementation level. A special focus of the legal perspective is the integration of preliminary legal considerations in the event of value conflicts, for example with regard to the valuation of protected assets. This contributes to ensuring legal conformity in weighing processes, which were previously the sole domain of computer science. A wide variety of research disciplines work together to find interdisciplinary solutions.
Within the context of KASTEL, a model-driven specification procedure for the collection and documentation of security requirements for systems is being developed.
It is investigated how these security requirements can be distributed from the model level to subsystems in a semantically correct way and thus be mapped to concrete implementations. In this way, their security can be verified directly in the implementation. Building on this, KASTEL develops tools and methods for the analysis, verification and integration of source and byte code in order to combine the strengths of different approaches as profitably as possible. Three tools are combined here: Palladio is an architectural tool that allows the creation of software with certain quality characteristics. JOANA examines Java programs for sequential and probabilistic leaks in information flows. Using KeY, it is possible to formally verify that a Java program fulfils certain properties.