The Technology Transfer Centre for Digital Security at the Vilshofen Technology Campus (TCV) conducts application-oriented research on the protection of industrial automation technology, critical infrastructures, electronic systems in automobiles and avionics as well as other embedded systems against threats arising from the use of information technology. Targeted cyberattacks, Trojans, viruses, but also faulty configurations endanger embedded IT and IoT systems. The disruption of technical processes in machines and systems can cause production downtimes, non-availability of critical infrastructures, e.g. water or power supply, or dangers to life and limb due to faulty control. With our industrial and academic partners, we create practical solutions to protect these systems.
The TC Vilshofen is currently in the construction phase. Construction work on the TC began on 16 June 2021. The work is expected to be completed in the middle of next year. In October 2022, the new premises will be occupied.
The building includes workplaces for about 40 people and offers different state-of-the-art laboratory areas. In addition to the laboratory and work areas, the TC offers space for training courses and events. In addition, the TCV offers a variety of meeting and encounter rooms to promote creative work among researchers. Here, emphasis is placed on modern room design and current approaches to work design are implemented to ensure high productivity and a wealth of innovation.
The aim is to establish itself regionally and nationally as the first point of contact for digital security issues. In addition to research projects, services such as contract research, development services and consulting are to become an integral part of the TC. Work is already underway on research projects that will be continued at the TC. Among other things, the staff of the ProtectIT Institute will find a new home at the TC Vilshofen.
The contact persons of the TCV are always available to answer your questions. They are also happy to discuss current problems and cooperation opportunities.
The core competences of TC Vilshofen lie in the area of protection of networked embedded systems, detection of anomalies and attacks in network traffic, for example by means of artificial intelligence, as well as the conception, development and analysis of suitable reaction measures to IT security incidents.
The working group Protection deals with the topic of cryptographic engineering, a relatively young, multidisciplinary field. This deals with the secure implementation of cryptographic procedures. The correct development, implementation and validation of state-of-the-art cryptographic methods in hardware and software requires the cooperation of experts in mathematics, electrical engineering and computer sciences. As is so often the case, however, the devil is in the detail. Apparently small changes can have serious effects on the security of the overall system.
Increasing digitalisation and networking, driven for example by the Internet of Things and Big Data, result in a much larger attack surface today. Furthermore, attacks are constantly evolving (keyword Advanced Persistent Threats, APT). Firewalls and purely signature-based methods quickly reach their limits and are not sufficient for holistic protection in future communication networks.
The Detection working group has set itself the goal of developing network intrusion detection systems together with industry partners that enable a systemic IT security strategy through a hybrid approach. Part of this hybrid approach are, on the one hand, classical methods, e.g. rule-based anomaly detection with Snort, and, on the other hand, modern machine learning methods that are specially optimised for use in the area of embedded systems, e.g. Isolation Forest, LODA. Target sectors are the industrial sector (e.g. Industry 4.0) and the automotive sector (e.g. Car-to-X).
An important point in an overall IT security concept is the reaction to a detected incident. We work with companies to develop suitable concepts for them on how to react quickly to an incident. For this purpose, we develop suitable visualizations and suitable reporting and evaluation tools. However, measures are also developed, such as a relapse level in which the most important functions in the network can be maintained in order to be able to operate machines and plants in a protected manner in an emergency operation. Trusted Computing approaches are used that have been transferred to the embedded world.
In addition, we deal with systems that react semi-autonomously or fully autonomously and that can react independently in the event of a detected incident. For this purpose, suitable algorithms for the aggregation and correlation of alarm messages are being researched. The aim is to develop systems that can harden themselves, for example by creating suitable filters. Current research focuses on the use of Software Defined Networking (SDN) in industrial and automotive networks, which allows the reconfiguration of network components during operation. Using state-of-the-art technologies, such as P4, reaction mechanisms for real-time networks are also being researched.
Applied research and development is carried out at the Deggendorf Institute of Technology in close cooperation with partners from the industry. This industry-oriented research at the university differs from the classic basic research in the universities in its focus on application and use. For this purpose, special research groups have already been formed in the fields of technology and business in order to bundle competences, ideas and know-how.
European cutting-edge technology is characterised by intensive cooperation between industry and the universities and institutes. At the Deggendorf Institute of Technology, this is taken into account by a wide range of research and development activities:
Our team and staff are here to help you with questions concerning research and development.