Many industries are undergoing radical change. More and more products and services are being created with software or they contain critical software-based components. Competition and innovation are forcing companies to continuously accelerate the software life cycle. The organizational and engineering dividing lines between the pre-operational and operational phases are becoming blurred.
Software development frequently includes wide range of separate value chains involving software manufacturers, outsourcing providers, system integrators, and in-house company resources. The result is that commercial and individual software components are combined with software services and then aggregated into complex, software-based solutions.
These developments impact not only providers such as in the media industry, which is characterized by increasingly digitalized production and marketing processes and the need to supply direct interfaces all the way to the end user through software-based solutions. With growing numbers of products that contain critical software components and which are integrated into various systems by means of software-based interfaces, other industries are also affected by these trends, whether it's medical equipment manufacturers or durable goods producers.
The use of software and software-based solutions can put various aspects of an enterprise at significant risk, including proper operation of the business, the intended use of its products, intellectual property, the company's reputation, and adherence to regulatory requirements. Vulnerabilities can arise through third-party or in-house developed software components, how they are combined and configured, and also as a result of unanticipated operational conditions.
Fraunhofer AISEC develops methods, tools, and approaches for the development and analysis of secure software components and software-based solutions. We take a holistic view of the software solution life cycle, focusing on constructive measures to ensure that security is incorporated into the design and given adequate consideration during the integration and configuration phases.