Secure Systems Engineering

System Security and Usable Security

Digitization covering more and more areas of life is continuously on the rise. The department Secure Systems Engineering offers developing and implementing secure and usable IT systems to all of its customers.

Our considerations cover the entire product lifecycle: we identify necessary security and data protection measures early on during the conception phase, support the implementation in a feasible manner during the development process, and also maintain and adapt them during active use, always in line with emerging product requirements while complying with best practice standards. Our portfolio also includes support in certification in accordance with established process models such as the ISO/IEC 27000 family, IT-Grundschutz or Common Criteria.

Our research department draws on experience from numerous research and development projects: Quantum computer-resistant algorithms ensure future proof cryptographic systems. Modern cryptographic processes and protocols guarantee that all requirements regarding information security and data protection are implemented properly. The early involvement of various stakeholders ensures that the implemented security measures can be used by everyone.


We work closely with our customers and partners in order to systematically assess and improve the security of both systems and products, to evaluate their reliability, to design them securely, and to sustainably ensure their security throughout the entire life cycle.

Evaluate security     

  • Evaluation of security in accordance with a variety of assessment criteria as well as best practice standards
  • Conducting threat and risk analyses
  • Analysis of cryptographic methods
  • Analysis and development of random number generators

Design security

  • Support regarding information security and data protection during development
  • Development of cryptographic-, IT security- and data protection concepts
  • Development of secure system architectures
  • Development of solutions regarding usability, data privacy and security
  • Secure software development
  • Inclusion of the latest technologies, e.g., Differential Privacy
  • Quantum computer resistant cryptography and cryptographic agility  

Maintain security  

  • Risk management
  • Security monitoring
  • Vulnerability management
  • Incident management
  • Support in conducting security audits
  • Training in the areas of identity management, usable privacy and security and post-quantum cryptography


Secure digital identities (SDI) are key drivers for a successful transition of business processes to the digital world. This applies to both business (e.g., taking out insurance or opening an account on the Internet) and administration (e.g. under the Online Access Act, federal and state administrative services in Germany must be offered online by 2022).

Requirements for the secure implementation of electronic identities are formulated in abstract terms only. Depending on the level of security to be implemented, these are stated in the European regulation (EU) 2015/1502 (Minimum requirements and technical specifications on procedures for security levels of electronic identification means). Currently, requirements for identity wallets, digital credentials, and self-sovereign identities (SSI) are under active development.

There still are many challenges for all stakeholders that prevent secure digital identities from being used widely.

Research in this area conducted by the Secure Systems Engineering department focuses not only on the security of identity solutions, but also on interoperability, privacy, and usability. We support both identity providers as well as development of eID ecosystems in achieving these goals while also researching and developing new methods of implementing secure digital identities.

Quantum computers are having a significant impact on the security of asymmetric cryptographic methods being used today. A quantum computer algorithm developed by Shor in 1994 efficiently breaks cryptographic methods whose security relies either on the factorization problem (i.e., RSA encryption and digital signatures) or on the discrete logarithm problem (e.g., (EC)-DSA digital signatures or the key agreement method (EC) Diffie-Hellman).

This renders almost all currently used public key cryptographic systems  insecure (digital signatures, key agreement and public key encryption methods). This is bound to affect almost all cryptographically secured Internet connections (e.g., via https or Virtual Private Network (VPN)).

The focus of our research is centered around the security analysis of quantum computer resistant methods, investigations regarding the applicability and optimizations for devices with limited resources as well as the migration of existing systems towards quantum computer resistant systems.

In the era of growing data streams, automated data analysis methods, such as machine learning (ML), are increasingly being used. ML models are trained to make generalized predictions on unknown data based on their training data. In recent years, there has been a growing understanding that, in many cases, even though a model supposedly contains only an abstraction of its training data, it by no means sufficiently protects the privacy of individuals whose data was used in training said model.

It is possible to draw conclusions about the training data from the parameters of a model (e.g., via so-called property inference or model inversion attacks). Protection against such attacks can be provided by mechanisms such as Differential Privacy (DP), which is a mathematical framework that allows meaningful analyses to be performed on a group of individuals without violating the privacy of any single individual. This purpose is achieved by adding mathematical noise during a given analysis. Most commonly, the noise is added in various forms during model training, thereby allowing the privacy of individuals in the training dataset to be protected.

Often, the requirements, knowledge and skills of the target audience are not considered at the beginning, but rather at the end of the design phase. Usually, the security goals ("What needs to be protected?") and the security model ("How should it be protected?") are defined first. However, the selected security model has a significant impact on possible user interactions, usually resulting in significant weaknesses regarding usability.

An important requirement for usable systems is allowing users to reach their goal while keeping interactions to a minimum. From the perspective of usable security and privacy, this is in most cases is neither possible nor meaningful. Legally binding processes, such as signing a contract or giving consent, require active involvement of users. Interaction should be minimized only to a point where trust in the system does not diminish, and users are not left uncertain about the state of the system.

Our research is focused on the development of methods and tools for assessing the usability of- and trust in secure systems and privacy measures, as well as on the development of models for easy and error-free use of such systems. 

Selected Projects


Secure sharing of health data


As part of the interdisciplinary project WerteRadar, interactive software is beeing developed for the relective sharing of health data.


Secure digital identities


The ONCE innovation project, funded by the Federal Ministry for Economic Affairs and Energy (BMWi), is designed to enable citizens to identify themselves securely and in a user-friendly way using their smartphones.



Cryptographic library for long-lasting security


As part of the BSI project, an open-source, secure, clear, controllable and well-documented cryptographic library was developed in the form of BOTAN, which is suitable for as many deployment scenarios as possible and can also be used in applications with increased security requirements.



Quantum-secure passports


The security chips found on ID cards and passports are under threat from quantum computing. As part of its PoQuID research project, Fraunhofer AISEC, Infineon and Bundesdruckerei have developed cryptographic protocols that are tough enough to withstand attacks waged by quantum computers.

Other Projects

Mobile services are increasingly relevant and can be considered one of the most important technological trends in society. In the healthcare sector in particular, this development poses a major challenge, as the handling of personal data requires a high level of security.

In addition to the Fraunhofer Institute for Applied and Integrated Security AISEC, the VEGA consortium consists of Bundesdruckerei GmbH, DAK-Gesundheit, cv cryptovision GmbH and CompuGroup Medical Deutschland AG. The Federal Office for Information Security and T-Systems International GmbH are participating as associated partners.

Further information on the project can be found on the German website of FU Berlin.  


  • M. Fischlin, J. von der Heyden, M. Margraf, F. Morgner, A. Wallner, H. Bock. "Post-Quantum Security for the Extended Access Control Protocol“. In: 8th Security Standardisation Research Conference, SSR 2023, Lyon, France. 2023.
  • Anna-Magdalena Krauß, Sandra Kostic, Rachelle A. Sellung: "A more User-Friendly Digital Wallet? User Scenarios of a Future Wallet". Open Identity Summit 2023. DOI: 10.18420/OID2023_06. Bonn: Gesellschaft für Informatik e.V. pp. 73-84. Regular Research Papers. Heilbronn, Germany. 15.-16. June 2023.
  • Dariush Wahdany, Carlo Schmitt, Jochen L. Cremer: "More than accuracy: end-to-end wind power forecasting that optimises the energy system". In: Electric Power Systems Research. 2023.
  • Anna-Magdalena Krauß, Sandra Kostic, Rachelle A. Sellung: »Ist das die Wallet der Zukunft?« HMD 60, 344–365 (2023).
  • Maximilian Richter, Magdalena Bertram, Jasper Seidensticker, Marian Margraf: »Cryptographic Requirements of Verifiable Credentials for Digital Identification Documents«. SDIM/COMPSAC 2023.
  • Sandra Kostic, Maija Poikela: »Der Wandel von Vertrauen in eine digitale Identität? – Einblicke in eine Nutzerstudie«. HMD 60, 322–343 (2023).
  • Sandra Kostic, Maija Poikela: »The State or Private Enterprise? — The Shift in Users’ Preference for the Provider of an Identity Wallet”. SOUPS 2023 - Symposium on Usable Privacy and Security. 7. Aug. 2023.
  • Tudor Soroceanu, Nicolas Buchmann, Marian Margraf: »On Multiple Encryption for Public-Key Cryptography«. Cryptography. 2023; 7(4):49.


  • Jan Dennis Gumz, Simon Sebastian Hunt, Michael Stemmer, Sebastian Bock, Nikolay Vassiley Tcholtchev, Denny Mattern, Adrian Paschke, Marian Margraf. “Quanten-IKT. Quantencomputing und Quantenkommunikation”. (2022)
  • J. Priesnitz, R. Huesmann, C. Rathgeb, N. Buchmann, C. Busch. “Mobile Contactless Fingerprint Recognition: Implementation, Performance and Usability Aspects“. In: Sensors. Online journal (2022). DOI 10.3390/s22030792.
  • Maximilian Richter, Magdalena Bertram, Jasper Seidensticker und Alexander Tschache. "A Mathematical Perspective on Post-Quantum Cryptography." Mathematics 10, no. 15: 2579. 2022.
  • Christopher Mühl and Franziska Boenisch. "Personalized pate: Differential privacy for machine learning with individual privacy guarantees." PoPETs’23. 2022.
  • Sandra Kostic, Maija Poikela: "Do Users Want To Use Digital Identities? A Study Of A Concept Of An Identity Wallet." SOUPS 22. 2022.
  • Adam Dziedzic, A., Haonan Duan, Muhammad Ahmad Kaleem, Nikita Dhawan, Jonas Guan, Yannis Cattan, Franziska Boenisch and Nicolas Papernot. "Dataset inference for self-supervised models." arXiv e-prints, pages arXiv–2209, NeurIPS’22. 2022.

  • Sebastian Fischer, Katrin Neubauer, and Rudolf Hackenberg. “A Study About the Different Cate-gories of IoT in Scientific Publications”. In:CLOUD COMPUTING 2020, The Eleventh InternationalConference on Cloud Computing, GRIDs, and Virtualization. 2020, pp. 24–30.
  • Lukas Hinterberger, Sebastian Fischer, Bernhard Weber, Katrin Neubauer, and Rudolf Hackenberg.“IoT Device IdentificAtion and RecoGnition (IoTAG)”. In:CLOUD COMPUTING 2020, The EleventhInternational Conference on Cloud Computing, GRIDs, and Virtualization. 2020, pp. 17–23.
  • Katrin Neubauer, Sebastian Fischer, and Rudolf Hackenberg. “Security Risk Analysis of the CloudInfrastructure of Smart Grid and IoT - 4-Level-Trust-Model as a Security Solution”. In:InternationalJournal on Advances in Internet Technology13.1 (2020), pp. 11–20.
  • Sebastian Fischer, Katrin Neubauer, Lukas Hinterberger, Bernhard Weber, and Rudolf Hackenberg. “IoTAG: An Open Standard for IoT Device IdentificAtion and RecoGnition”. In: SECURWARE 2019, The Thirteenth International Conference on Emerging Security Information, Systems and Technologies. 2019, pp. 107–113.
  • Katrin Neubauer, Sebastian Fischer, and Rudolf Hackenberg. “Risk Analysis of the Cloud Infrastructure of Smart Grid and Internet of Things”. In: CLOUD COMPUTING 2019, The Tenth International Conference on Cloud Computing, GRIDs, and Virtualization. 2019, pp. 82–87.
  • Katrin Neubauer, Sebastian Fischer, and Rudolf Hackenberg. “Work in Progress: Security Analysis for Safetycritical Systems: Smart Grid and IoT”. In: 32nd GI/ITG International Conference on Architecture of Computing Systems May 20 – 21, 2019, Technical University of Denmark, Copenhagen, Denmark Workshop Proceedings. 2019, pp. 101–106.
  • Tim Ohlendorf,Wolfgang Studier, and Marian Margraf. “Digitale Identitäten auf dem Smartphone”. In: Datenschutz und Datensicherheit-DuD 43.1 (2019), pp. 17–22.
  • Stefan Pfeiffer and Martin Seiffert. “Security-Management-as-a-Service”. In: Datenschutz und Datensicherheit-DuD 43.1 (2019), pp. 23–27.