Transfer Centre for Cybersecurity in SMEs
Cybersecurity for SMEs
Digitalization offers companies great opportunities to develop connected and, therefore, attractive products – from autonomously driving vehicles to smart electricity meters and networked manufacturing plants to smart refrigerators. However, the topic is highly complex: it is necessary to consider technical aspects, such as questions of functional safety and IT security, and regulatory framework conditions, such as liability or data protection. For many producers, these are major obstacles.
With its research focus “Safety, Security and Law”, the FZI is a competent partner for small and medium-sized enterprises (SMEs) – especially when it comes to clarifying related questions and researching new approaches to solutions: here, specialists for secure software and hardware development and cryptography cooperate closely with legal experts who focus on IT law and the legal evaluation of digitalized and connected products.
In an interdisciplinary process, our researchers develop new concepts for secure digitalized products, considering legal and technical aspects, together with research partners.
A key objective is improving IT security in the German market, especially for SMEs. The FZI will focus on two future technologies that promise strong economic effects: Artificial Intelligence (AI) and post-quantum cryptography.
In the field of AI, the FZI will focus more intensively on the mutual influence of AI on information safety and data security. How can AI methods for problem analysis be advanced and AI systems themselves be protected from attacks and manipulation by security mechanisms?
For SMEs, the FZI has set itself the goal of developing a strategy for post-quantum cryptography. Previous encryption methods are at risk regarding the advancing development of quantum computers. Companies’ products, services, and systems must be prepared for future security requirements.
Through its work, the FZI will increasingly support processes that strengthen the privacy and sovereignty of individuals. Critical infrastructures must be made resilient in the administration and for the citizens. Methods of IT security must be aligned through secure digital identities for citizens and empower them to handle their data with sovereignty.
In 2023, the FZI’s research focus will be on resilience for critical infrastructures, managing security, legal tech, (post-)quantum cryptography and the mutual influence of Artificial Intelligence on security and safety. Finally, the FZI will continue to advance its work in the field of legal tech, to support legal processes through IT approaches. The design of secure hardware and software systems for direct use in small and medium-sized enterprises will also be researched.
Secure communication and systems for Industry 4.0, ideas on law and technology, integration into the Karlsruhe IT Security Region
A digitalization driver for small and medium-sized enterprises. This is what the Mittelstand-Digital Zentrum Klima.Neutral.Digital (SME Digital Center Climate.Neutral.Digital), which opened at the end of 2022, stands for. Thanks to digitalization, companies are to be supported on their way to carbon-neutral production by 2035. With the IT Security Competence Center, the related digitization measures are also analyzed from a cybersecurity perspective and suitable recommendations made. The Cyberwehr Baden-Württemberg’s many years of experience with cyberattacks on companies provide a basis of experience for accomplishing this.
Another structure that ensures IT security knowledge transfer to the public – which the FZI would like to intensify cooperation with in 2023 – is the Karlsruhe IT Security Region with KASTEL – Institute of Information Security and Dependability, the Competence Center for IT Security at the FZI, the DIZ | Digital Innovation Center and the Karlsruher IT-Sicherheitsinitiative (KA-IT-Si – Karlsruhe IT security initiative). The network of security specialists and cybersecurity companies established by Cyberwehr Baden-Württemberg is also to be further expanded and the exchange with similar projects and CERTs in Germany intensified.
Reliable and secure communication and a high level of system security are the most important key technologies for exploiting the added value of digitalization – especially in Industry 4.0. In the SASVI – Sicherheit auf allen Systemschichten durch Vertrauensketten und Isolierung (security on all system layers via trust chains and isolation) project, risks are evaluated at system and component level, zoning concepts and trust chains are defined and isolation measures developed and integrated. The aim of this project is to advance a concept for trust chains with continuous isolation across all system layers. In addition, a strong focus is placed on the secure and continuous integration of the components into a trustworthy overall system that is suitable for industrial applications. The SASVI concept, which can be applied in a variety of ways, will be used in the project for an industrial IoT pump application and for mobile cranes.
Penetration tests for SMEs, online training in IT security, security testing of future mobility systems
Cybersecurity for SMEs
Innovation with Cybersecurity for SMEs in Baden-Württemberg
Hardening of embedded RISC-V software by means of code transformations
European Digital Innovation Hub applied Artificial Intelligence and Cybersecurity
Reference sensor platform for high-precision sensor validation for automated driving
Safe use of automated shuttle vehicles in urban traffic through supporting infrastructure networking
Artificial Intelligence for Work and Learning in the Karlsruhe Region
Security at multiple system layers based on chains of trust and isolation
Competence Cluster Anonymization for Interconnected Mobility Systems
Actively addressing the challenges posed by climate change and using them as an opportunity for the German economy.