Experts from Fraunhofer AISEC presented cutting-edge customer solutions drawn from research and industry projects, and delivered insights into the equipment that the institute’s cybersecurity labs offer and the portfolio of projects they handle. Short-form expert sessions also explored key IT security matters, including artificial intelligence, post-quantum cryptography and trusted electronics.

The speakers gave special attention to methods of protecting sensitive data and communication in a world with quantum computers, provided insights into the opportunities and challenges presented by artificial intelligence (AI) in IT security and demonstrated correct ways of using trusted electronics in practice: for example, with RISC-V processors and open-source hardware.

“There is huge potential for innovation in cutting-edge technology like artificial intelligence or quantum computing, but it also poses a challenge for cybersecurity. At the same time, it’s essential that we make electronics production systems trustworthy,” said Prof. Claudia Eckert, executive director at Fraunhofer AISEC. “Our Cybersecurity Day gave companies and research institutions the opportunity to get acquainted with the latest IT security solutions and benefit from pioneering technologies — so it aligned perfectly with our ‘Innovating with security’ slogan.”

More information on Cybersecurity Day and on Fraunhofer AISEC’s research projects can be found in German on the institute website. An event brochure outlining all the subjects of the demonstrators and presentations is also available to download there.

Overview of IT security solutions 

The demonstrators exhibit showcased the following 17 IT security solutions (listed alphabetically here):

• BlackBoxCam: the dashcam that respects data privacy
  The BlackBoxCam records video data with no restrictions in length and maintains data privacy while doing so. Its recordings are stored in an encrypted format.
• Bug hunting with memory safety
  Cutting down on program code errors: developing secure, error-free software before a security incident occurs.
• Clouditor: monitoring cloud systems
  This open-source tool enables automated, continuous monitoring of cloud systems.
• Deepfakes: checking the authenticity of audio files
  The Deepfake-Total platform checks the authenticity of audio files and performs automatic verification of media content.
• The edge-cloud continuum
  This area of research, conducted by the Fraunhofer Cluster of Excellence Cognitive Internet Technologies CCIT, focuses on creating a continuous data space in which computing power is dynamically shifted as needed.
• IIoT: creating trust in industrial environments
  Firmware that provides evidence of the hardware and firmware integrity of sensor nodes and gateways in industrial environments.
• IT security for vehicles
  The gallia diagnostic tool and targeted pentests make it possible to perform an IT security assessment for vehicle control units and services.
• Mobile ad-hoc networks for disaster situations
  The GyroidOS platform separates official and civilian communications in mobile ad-hoc networks set up in disaster situations.
• Pay per scan: exploiting new business models through trustworthy logistics chains
  The GyroidOS open-source virtualization solution makes it possible to perform secure, automated goods data capture (collaboration with SICK AG).
• Remote attestation: evaluating platform integrity
  A framework assures the identity of the communication partner and the integrity of the software stack being used while data is being exchanged between networked devices.
• Resiliency for embedded systems
  The Resiliency for Embedded Devices platform automatically restores the function of compromised devices.
• Robustness assessment for neural networks
  Deal with attacks on AI applications using quantitative robustness assessments, risk assessments for the entire system, recommendations for best practices and countermeasures.
• Secure data spaces
  A software stack enables monitoring and protection for sensor data in smart factories and during predictable maintenance.
• Security vulnerability analysis with a view to error attacks
  ARCHIE, an automated open-source tool, analyzes the program code for areas that are vulnerable to error attacks.
• Usable security and privacy: making IT security user-friendly
  Increasing users’ trust of applications will create more acceptance of IT security.
• Woodpecker: efficient, precise code analysis
  The Woodpecker modular toolbox provides a comprehensive report of vulnerabilities identified in software and suggests ways of remedying them.
• Zero trust for telematics infrastructure
  The zero-trust architecture concept in TI 2.0 will lead to more uptake of digital healthcare services and strengthen the information security of the services themselves.