Security Engineering

As one of the most important issues, the Security Engineering working group is investigating how to ensure IT security in resource-constrained devices. The focus of the research is on the development of methods and systems which are largely protected against attacks, i.e. around the provision of "security by design". Attacks are becoming more and more complex in recent years, with new variants and completely new attacks appearing with increasing frequency. This means that "rigid" mechanisms can no longer provide adequate protection. Therefore, this research group focuses on the applicability of artificial intelligence methods in embedded, i.e. resource-constrained, systems, for the detection of known but especially novel attacks. Different approaches are being pursued here. In the area of network security, lightweight intrusion detection methods or approaches to implement them in a lightweight manner are being investigated. This includes artificial intelligence methods as a way to detect attacks against networks and also against embedded devices. This results in two extraordinary challenges. First, embedded systems have limited computing power, so complex AI methods cannot be used, at least in software. To meet this challenge, hardware accelerators are being developed as already started in the MORFEUS project. The second challenge arises from the fact that embedded systems may have only a very limited amount of data available, so it is unclear whether training AI methods with these data sets is even possible. This problem is being investigated in the KISS_KI (KISS_AI) project for network attacks against critical infrastructures. In addition to ensuring network security, it is essential to ensure confidentiality, data integrity and authenticity using cryptographic methods. These processes are very computationally intensive and are therefore often implemented with the help of hardware accelerators. Artificial intelligence methods are used to analyze the side-channel resistance of these hardware accelerators.

Main targets

•  Overall Goals
  • Methodology for realizing secure systems
  • Tools to support the design process
• Selected Individual Goals
  • AI methods as means to detect attacks against networks and devices 
  • Efficient implementations of AI means for use in embedded devices

Research topics

• Investigating tools to determine optimal set of security means
• Research security of hardware accelerators for AI 
• Research and refine attacks against ICS and CRITIS
• Researching efficient AI means for detecting network attacks
• Researching means for hardening embedded devices

Research results

• Successful Attacks
  • Tool for generating ROP attacks 
  • Horizontal Side Channel attacks using statistical and AI means
  • PLC injection against Siemens S7-1500 
  • First group reporting ROP against Xtensa with windowed ABI configuration 
  • World leading group’s Randomized Montgomery ladder implementation successfully attacked 
• Countermeasures
  • ROP detection using SVM on FPGA
  • Improved SCA resistance of IHP’s crypto accelerator
• Unique holistic approach: including Hard- and Software from devices up to networks