The increasing interconnection of previously isolated systems poses new challenges for ensuring appropriate levels of cybersecurity and dependability. This development is especially evident in the area of critical infrastructures, for example in the energy economy, in industrial production or networked mobility, but also in "intelligent" environments. As our society increasingly depends on such systems, the systematic design, evolution and operation of secure and dependable software-intensive systems represents a grand challenge in informatics and system engineering.
The goal of KIT researchers is to research and develop comprehensive engineering methods in the area of IT security and dependability in addition to devising specific, sometimes partial solutions. In doing so, we put a particular focus on specific application areas, such as power grids or intelligent factories. Engineering here refers to systematically achieving working solutions that are not only secure (and here we include privacy and safety in our notion of security), but also yield guaranteed dependability properties (i.e. performance, availability, and reliability) and additional quality properties (e.g., usability, and also costs) and achieve the best possible trade-offs between conflicting goals regarding different quality properties as well as societal aspects.
Notable projects in this topic are KASTEL, which started as a federally funded competence center for applied security technology and has recently been transferred into a topic in the Helmholtz Association, and AUDITOR, which aims to develop a European cloud service data protection certification and is coordinated by KIT researchers.
Second Level Research Topics:
Research on cyber security at KIT deals with different sub-disciplines. These include the security of computer networks and distributed systems, (quantum) cryptography and secure multi-party computation, the privacy and protection of data, application and system security, but also social aspects such as the perception and usability of computer security. In these areas, we increasingly consider the interfaces with artificial intelligence and learning systems, i.e. the use of intelligent methods for achieving security but also the security of artificial intelligence and learning systems. KIT puts a strong focus on the implementation of real, practical systems and applied security research. However, the development of fundamental methods and the demand for innovative, novel security solutions are not neglected.
The activities in the area of dependable hardware are related to various aspects of test, reliability and fault tolerance of advanced technologies such as nanoscale CMOS technologies as well as emerging technologies for computing such as spintronics, memristors, printed electronics, and approximate computing. In particular, we investigate design-for-testability and test generation techniques for nanoscale logic and emerging memory technologies. We analyze different sources of unreliability in advanced hardware technologies, such as temporary failures due to radiation-induced soft errors, as well as aging effects in nanoscale transistors and interconnect aging due to electromigration. To mitigate these nanoscale reliability detractors, we work on various "cross-layer" reliability techniques that consider effects from the technology, device, hardware, microarchitecture and running application levels to achieve cost-efficient reliability solutions. Other activities are related to self-aware reliable system design, in which the runtime system, using various machine learning approaches and anomaly detection, can predict and prevent failures. We also research emerging computing paradigms such as approximate computing, computation in memory, near-threshold computing, and neuromorphic computing by investigating testability and reliability issues.
Research in the area of reliable software includes methods of formal verification of software and software engineering methods for the development of dependable systems. In the area of verification, we investigate classical questions such as functional properties, relational properties, SAT/SMT solving and information flow, but also social choice algorithms and voting methods. When doing so, the research groups explore both foundations and algorithms as well as applications for concrete problems or domains. Exemplary application areas are critical infrastructures, production systems and automotive software. In the area of software engineering, we are concerned with an engineering approach to the design and development of complex software systems. In particular, we conduct research in the areas of modelling software components and architecture as well as quality assessments using such models, especially for long-living and simultaneously rapidly evolving systems.