Center for excellence in cybersecurity research

More space for security

With over 4,000 square meters of lab area, Fraunhofer AISEC has more space for more researchers, more space for test environments, more space for innovative security labs and more space for collaborations and projects.

With its state-of-the-art lab environments, the Fraunhofer AISEC cybersecurity center offers the latest technologies for security analysis and for enhancing cybersecurity, as well as an ideal infrastructure for working on security-critical projects. It provides numerous opportunities to directly experience the effect of protective mechanisms.

 

Industrial Security Labs

Several industrial security labs at Fraunhofer AISEC enable practical security work, e.g. in the areas of networked production, Industry 4.0, IoT and facility automation.

 

Automotive Security Lab

The Automotive Security Lab at Fraunhofer AISEC enables security testing on entire vehicles and provides sufficient space for test setups to analyze multiple, interacting components and devices.

 

 

Hardware Security Lab

Our Hardware Security Lab allows for an exciting spectrum of hardware security analysis, ranging from offensive penetration testing of embedded systems to highly specialized attacks on security implementations.

 

Smart Sensor Lab

In our Smart Sensor Lab, software-defined radio components are used to examine all common radio standards and IoT protocols for vulnerabilities.

Cloud Security Lab

The Cloud Security Lab at Fraunhofer AISEC enables a variety of evaluation services for securing cloud services.

System Security Lab

In the System Security Lab, secure system solutions for embedded as well as mobile devices and servers are developed and evaluated. The goal is to research mechanisms to improve resilience and resistance against remote and local attacks.  

Secure Data Ecosystems

The Secure Data Ecosystems research lab provides the necessary infrastructure for developing, planning, and implementing trusted data spaces in cloud and edge computing infrastructures.

Other Labs

Software Security Lab

In the Software Security Lab, approaches to software analysis and preventive hardening of software are researched. The goal of the researched technologies is on the one hand to find and fix vulnerabilities in programs and on the other hand to prevent the exploitation of vulnerabilities by preventive security measures. To detect vulnerabilities, methods of static code analysis are used (among others), with a focus on system-related programming languages. Memory-unsafe programming languages such as C and C++, as well as memory-safe programming languages such as Rust, are examined. In addition, dynamic software analysis and instrumentation of code are used, such as for efficient fuzzing of software APIs. In software hardening technologies, the focus is on compiler-based security mechanisms, such as control flow integrity (CFI) or memory safety. In addition to the development of new methods, existing approaches from the current state of research are evaluated with respect to their practicability and integrability into existing systems.

Test lab for IoT security

In the test lab for IoT security, the software of networked devices is analyzed with the aim of finding and correcting bugs. The focus is on devices for which the complete source code is usually not available. In the simplest case, external (externally accessible) interfaces (black box) are tested, for example with fuzzing tools. Much more efficient and usually preferable is a setup with access to debug functions of the device to better analyze the behavior. The extraction of the firmware and the static as well as dynamic analysis of the firmware, such as the (partial) execution of the firmware in a simulation environment or a virtual machine as well as the instrumentation of parts of the firmware, is also helpful.

Test lab for isolation mechanisms

In the test lab for isolation mechanisms, the software of complex, modularized software stacks is tested (greybox/whitebox) with the aim of evaluating isolation mechanisms and finding and correcting bugs in them.
The focus is on the isolation or the isolation properties of system-related components, such as kernel, hypervisor, or trusted execution environments. An appropriate, partially technology-specific setup is used to perform tests, consisting of several components, for example: isolated process with reduced privileges in a sandbox, a privileged process in the kernel or hypervisor, and a monitoring and control tool outside the target of evaluation. The underlying technologies are often used in a domain-specific manner, but the approach is not domain-specific.

Demonstrations

Applied research at your fingertips

Fraunhofer AISEC's demonstrator room offers sufficient space to present current research projects. Currently, ten exhibits are on permanent display in the exhibition room: from live hacking to adversarial examples using facial recognition as an example to solutions for trustworthy goods tracking using trackchain technology.