Se­cu­rity & Re­silience En­gi­neer­ing

The aim of this work­ing group is to de­velop meth­ods and tools that en­able the re­al­i­sa­tion of trust­wor­thy, re­li­able and in­tel­li­gent cyber-​physical sys­tems.  To achieve this goal, ap­proaches for an ap­pro­pri­ate de­sign method­ol­ogy will be in­ves­ti­gated and im­ple­mented. Ideas for the de­sign of such sys­tems are taken from na­ture. Di­ver­sity within a com­plex sys­tem in­creases its re­silience to var­i­ous threats. For ex­am­ple, mixed forests are much more re­sis­tant to pests and fires than mono­cul­tures. Ideas can also be de­rived for IT se­cu­rity. Plants com­mu­ni­cate to get help against preda­tors. This prin­ci­ple can be ap­plied to the dis­tri­b­u­tion of IT se­cu­rity mea­sures in com­plex cyber-​physical sys­tems. A key as­pect here is the de­vel­op­ment and eval­u­a­tion of met­rics that allow the de­gree of re­silience and IT se­cu­rity achieved in the de­sign phase to be de­ter­mined as re­li­ably as pos­si­ble. A par­tic­u­lar chal­lenge is to find ap­proaches that en­able sys­tems to adapt in the event of at­tacks or sub­sys­tem fail­ures. To this end, ap­proaches from the field of ar­ti­fi­cial in­tel­li­gence are being in­ves­ti­gated, which en­able sys­tems to ob­serve and as­sess their cur­rent state and to adapt to changes. Such ap­proaches will also be in­ves­ti­gated and used to eval­u­ate the dif­fer­ent de­signs and their evo­lu­tion.

The fact that CPSoS es­sen­tially con­sist of resource-​constrained sub­sys­tems is an ad­di­tional de­sign chal­lenge, since not all mech­a­nisms, e.g. in the area of IT se­cu­rity, can be im­ple­mented on all sys­tems. This means that mech­a­nisms are needed to dis­trib­ute them as op­ti­mally as pos­si­ble. Cur­rently, mixed-​integer lin­ear pro­gram (MILP) ap­proaches in com­bi­na­tion with ar­ti­fi­cial evo­lu­tion ap­proaches are being in­ves­ti­gated.

To sup­port the im­ple­men­ta­tion of the sys­tems, in ad­di­tion to the de­vel­op­ment tools, a com­po­nent li­brary will be cre­ated to store suit­able so­lu­tions. Some of these will be de­vel­oped by the SRE work­ing group, par­tic­u­larly for IT se­cu­rity mea­sures, while oth­ers will be adopted and in­te­grated from the IIoT and PC work­ing groups or from other de­part­ments.