Industrial and Embedded Security

Industrial and Embedded Security

With the trend towards Industry 4.0 and the Internet-of-Things, more and more devices that previously had no computation power and communication capabilities are being integrated into large cyber-physical systems and connected to the Internet.

While these technologies bring about many benefits, they also introduce considerable security risks: Previously closed systems are now vulnerable to attacks from afar and commonplace items such as coffee machines or TVs, which were previously not considered to be interesting targets, can be used as entry points for attackers to the network or to spy on the user.

Securing embedded devices is not trivial. Most embedded devices are constrained in their computation power, memory and energy consumption. Hence, security solutions need to not only be secure but also efficient enough to run on these systems. Traditionally, attackers did not have physical access to the device they are attacking. However, for many embedded devices it is very reasonable to assume that an attacker can gain physical access to the device. This physical access gives the attacker a whole range of new attack options such as side-channel and fault attacks. In addition to this, many industrial and embedded systems have a lifetime of several decades and cannot easily be replaced. New methods are therefore needed to ensure the security of these systems despite the presence of legacy devices and – equally important – to ensure that today’s devices will not become security vulnerabilities in the future.

Here at the DSI, we take a holistic view of the problem of embedded and industrial security. We have extensive technical background in embedded security and in particular with physical attacks and hardware security components such as TRNGs and PUFs. Additionally, we also have an understanding of the economics surrounding embedded security with issues such as legacy systems, counterfeits, hardware Trojans and IP-protection. We work on solutions that not only fulfill stringent security requirements but that also take into account the limited available resources in embedded systems as well as their economical realization.

Meet our experts: