Fraunhofer Institute of Optronics, System Technologies and Image Exploitation IOSB 
Brief description of the project
As an important economic sector, industrial production in Germany ranges from fully automated production to the manual assembly of complex or specialized components. At the same time, it is increasingly the focus of cyberattacks. Together with the “Engineering Secure Systems” research program at Karlsruhe Institute of Technology KIT, which is funded by the Helmholtz Association, we operate the “Engineering Security for Production Systems” laboratory, which researches solutions for future challenges in industrial cyber security.
Demonstrators play a crucial role in raising awareness of industrial cyber security. With their help, we educate professionals in our lab about the challenges and threats and the importance of implementing robust security measures through hands-on demonstrations and training.
Project goals
In the lab, we deal with the cyber security of production infrastructures as well as the trustworthiness, privacy and transparency of assembly assistance systems that monitor and support employees. The particular challenges with regard to the security of OT infrastructures are high availability with long system runtimes, correspondingly old and vulnerable components and the safety impact of cyber attacks. A defense-in-depth strategy for cybersecurity is therefore essential. In the case of assembly assistance systems, the characteristic challenge is that the systems are operated by the employer, which harbors the risk of misuse, e.g. to secretly monitor the performance of employees contrary to concluded company agreements.
Project results
In our work on self-learning anomaly detection, we use advanced algorithms to detect unusual patterns in network traffic that may indicate potential security incidents. Using machine learning, the system continuously evolves and improves its detection capabilities. We successfully evaluated the self-learning anomaly detection in our lab environment and were able to both improve the detection rate and reduce the false positive rate.
In black box tests, vulnerabilities of a system are analyzed without having insight into its internal functioning. This approach facilitates an objective analysis of potential security weaknesses and attack vectors. We developed several improvements to black box testing for industrial components by leveraging existing information about the system under test.
Effective risk management for plant owners requires the continuous identification, assessment and prioritization of vulnerabilities and risks within their systems. We are developing an integrated risk assessment framework to support plant operators in risk assessment. It combines automated vulnerability management and AI-based threat detection and defense and serves as a tool for IEC 62443-based risk management.
Trustworthy interactive assembly assistance systems not only require suitable security mechanisms to ensure information security and privacy protection. It must also be possible to verify their trustworthiness. Based on trustworthy hardware components (e.g. Trusted Platform Modules (TPM)), we implement an attestation protocol with which enables employees or works councils to check for themselves whether systems are in an agreed state. Building on this, security mechanisms developed by us such as 4Crypt for securing data during storage or trustworthy distributed usage control for securing data during processing can be operated reliably.
In order to increase the transparency of data processing by AI-based components even for laypersons, we implemented RIXA, an interactive, explainable AI dashboard. This is also suitable for meeting the transparency requirements of the European AI Regulation.