Short description of the project
The CyberProtect project, funded by the Ministry of Economics, Labour and Housing of Baden-Württemberg, aims to strengthen companies in Baden-Württemberg by improving the security of complex software systems. All three areas of security (security, safety and privacy) are considered, the focus here is on the sub-area of security. Within the framework of the project, methods will be developed to make the behaviour and decisions of complex software systems, e.g. AI systems, visible and thus enable statements about the security status of the systems. Companies will be involved in the project by means of a wide range of services such as QuickChecks, training courses and Open Lab Days in order to offer them the opportunity to have their complex software examined for security and, if necessary, improved.
Motivation
Functional safety for workers and plants as well as IT security are basic requirements for every production. Due to the progressive networking of production plants, questions of security and privacy are becoming more and more important. In the context of adaptability and digital networking, the three aspects of safety, security and privacy present a wide range of opportunities and challenges for production plants, integrators and manufacturers alike.
Project goals and procedure
The CyberProtect research project covers all three aspects of security, with a special focus on complex software systems in modern production plants. First of all, the complex software systems that can be used in production are to be identified, classified and examined for potential security risks that can be derived from them. Subsequently, internal data structures and decision-making processes of the software systems are to be made transparent. The behaviour of the software can then be checked by means of various test procedures. In addition, an application centre is to be set up which offers companies an attractive contact point. In this centre, both systems already in use and new systems will be analysed and evaluated. Several demonstrators illustrate the current state of research in the various aspects of CyberProtect. The transfer of results from CyberProtect to the companies is done via OpenLab Days, training and QuickChecks. The Fraunhofer IOSB has a Security Testing Laboratory, which is constantly being expanded as part of the project.