Advancements in Industrie 4.0 are driving forward the networking of systems and machines, the Industrial Internet of Things (IIoT). This heightened networking serves as a pivotal stepping stone towards the intelligent, adaptable ‘factory of the future’, offering unprecedented potential for process optimisation. At the same time, however, this expansion also amplifies the vulnerability of a company’s IT infrastructure to possible cyber threats. As a result, the continuous reinforcement of IT security in companies is of paramount importance, enabling the rapid detection and assessment of both existing and emerging security risks.
AutoSCA | AutoSCA: Automated vulnerability analysis of cryptographic protocols
|
Project duration | 05/2020 - 04/2022
|
Project partners | in the overall project
Associated partners
|
Group Coordinator
|
Universität Paderborn
|
Project contribution by achelos (sub-project) | Automated TLS analysis tools based on machine learning
|
Project volume | €0.79 million (92% of which is funded by the Federal Ministry of Education and Research (BMBF))
|
Project sponsor | VDI/VDE Innovation + Technik GmbH
|
Project website (in German) |
|
Continuously assessing the efficacy of implemented protective measures poses a significant challenge within complex and heterogeneous system landscapes. This challenge is particularly pertinent in software security, given the often daunting volume of code lines. As a result, automated testing of the correctness of software implementations is essential to reduce the workload on specialised personnel. In the AutoSCA project, novel methods for automatically detecting vulnerabilities are being researched and refined. Effective and efficient automation is possible through the combination of new insights in IT security with artificial intelligence (AI) methods. The primary focus lies on vulnerabilities stemming from physical or logical side effects in implementations, commonly known as side channels. The developed methods are translated into a tool for automating the detection of software side channels, enabling thorough evaluation.
Classification in the Reference Architecture Model Industrie 4.0 (RAMI 4.0)
In interdisciplinary teams comprising cryptographers and machine learning experts, achelos cultivates expertise in machine learning fundamentals and appropriate machine learning methods. This knowledge is leveraged to uncover additional cryptographic vulnerabilities using achelos’ test suites for secure network protocols.
Within the AutoSCA framework, achelos aims to achieve the following objectives:
- Cultivating expertise in machine learning fundamentals and methodologies by collaborating with the specialist groups involved, facilitating the discovery of cryptographic vulnerabilities
- Improving the quality, in particular the test coverage of existing test suites through the algorithms developed within this funding project
- Automate the generation of test data for seamless integration into existing test environments
- Conduct field tests to assess practical usability
- AutoSCA project website (in German)
- Link to Plattform INDUSTRIE 4.0
For more information on the AutoSCA funded project
Dr. Claudia Priesterjahn
Team Lead Research & Secure Communication Development
claudia.priesterjahn@achelos.de +49 5251 14212-0