Hannover Messe 2024

Industry 4.0: Security chip enables acknowledgement of safety systems of machine tools via the Internet

Press release


Advances in digitalization require new encryption technologies for industrial processes, which are increasingly connected across international borders. One example is the acknowledgement of safety systems of machine tools via the Internet. The Fraunhofer Institute for Applied and Integrated Security AISEC, Technical University of Munich, Siemens AG, and high-tech company TRUMPF have teamed up in a project called PoQsiKom to develop a way to securely release the protected areas of machine tools remotely. The new concept is based on a versatile chip with crypto-agile quantum security technology that will also stand up to future threats. The partners will be showcasing their demonstrator in Hall 002, Stand B24, at Hannover Messe 2024.

The growing trend towards intelligent manufacturing means more communication between different operating equipment components. Because this communication is increasingly taking place across the boundaries of internal trust domains, such as in international collaboration, it is no longer enough to have authenticated and secure communication links in place. It is also necessary to verify the trustworthiness of the data generated and exchanged on the devices.


Security primitive ensures trustworthiness of critical data 

One example is the safety of machine tools. Safety systems were previously acknowledged by people physically present on-site, using local hardwired terminals. Now, thanks to the implementation of cryptographic components, also known as security primitives, in each individual device, it is also possible to acknowledge the safety systems remotely, even from another country. The machine tool’s safety area is protected by photoelectric barriers. When one of these barriers is breached — by a third party, an animal, or an object, for example — the machine stops. The machine cannot resume operation until a trained person has released it. This used to require an in-person check at the specific location. Now, with remote access, there are stricter requirements for the availability, authenticity, integrity, and confidentiality of the data used than there were with these in-person checks. For example, it is necessary to ensure the authenticity of the emergency stop itself, along with the integrity and confidentiality of the video data transmitted. In the demonstrator scheduled to appear at Hannover Messe, a hardware chip (trust anchor) functions as the security primitive proving the authenticity of the applications used. Agile and post-quantum secure cryptography can be adjusted flexibly to the relevant use case and the IT systems and applications involved. It protects the exchange of data via remote access, even against attacks by quantum computers.

The trust anchor is designed right into the devices. A real-time-capable operating system that has been hardened against malware prevents data from being compromised during processing. The security technology also guarantees the correct and unchanged status of remote systems. The generic trust anchor programming interface (GTA API) enables simple and efficient use of the trust anchor. It incorporates international standardization activities such as “ISO/IEC TS 30168 Internet of Things (IoT) — Generic Trust Anchor Application Programming Interface for Industrial IoT Devices.” The encryption algorithms used can be run on devices with limited resources and implemented in specific field-programmable gate array (FPGA)-based solutions.


Research and industry, hand in hand

Within the PoQsiKom (Post-Quantum Secure Communication for Industry 4.0) project, TUM is responsible for the FPGA-based hardware platform for the trust anchor and, together with Siemens AG, for the implementation of the cryptographic post-quantum algorithms. Fraunhofer AISEC is responsible for securing the real-time-capable operating system, while Siemens AG is in charge of developing and standardizing the GTA API. TRUMPF is developing a concept for the acknowledgement of safety systems via the Internet and implementing this concept, with the trust anchor for secure communication developed as part of the project, in a demonstrator that will be on view at Hannover Messe.

The project is receiving €2.4 million in funding from the German Federal Ministry for Economic Affairs and Climate Action (BMWK). It is due to run until November 30, 2024. Internationally, it is associated with the South Korean KOSMO (Korean Smart Manufacturing Office), which will also be presenting a demonstrator at the same stand at Hannover Messe 2024.

More information on the project can be found at: www.poqsikom.de