KRITIS Scalable Safe and Secure Modules
Motivation
Because of its key importance to public safety, it is enormously important to secure critical infrastructure, such as water and power supplies. Since 2021, the German IT Security Act 2.0 obliges operators to operate such systems securely according to the current state of the art and to integrate attack detection. With the increasing complexity of systems and the rising intensity of hacker attacks, it is therefore essential to protect communication networks within critical infrastructures in a holistic and sustainable manner in accordance with the latest security requirements.
Approach and goals
The aim of the project is to achieve holistic data security protection in critical infrastructures by integrating security modules, in particular using smart cards. These security modules are scaled for different layers of the networks and are designed to ensure a high level of security over the entire service life (up to 30 years) of the corresponding infrastructure components. To achieve this, the goal of security agility in particular is being pursued, whereby IT security components can be easily updated or even replaced within a modular architecture in order to preempt threats from aging encryption algorithms or new security vulnerabilities. Furthermore, the modules are to include innovative features for the detection of attacks specifically in the domain of critical infrastructures.
Rohde & Schwarz Cybersecurity focuses in KRITIS³M on achieving confidentiality and integrity of data within critical infrastructures. To this end, expertise on security agility, system encryption and cryptography software is contributed. For agile adaptation to future threats potentially posed by quantum computers, Rohde & Schwarz Cybersecurity is targeting the usability of resistant, albeit more resource-intensive, algorithms from post-quantum cryptography.
Project organization
KRITIS³M is a joint research project funded by the Federal Ministry for Economic Affairs and Climate Action (BMWK) as part of the Initiative “Electricity Networks”. Various specialist partners from research and industry are involved in the project. The OTH Regensburg, Technical University of Applied Sciences, is responsible for the project lead.
- Project management: Projektträger Jülich
- Consortium: OTH Regensburg, Atos Information Technology GmbH, CANWAY Technology GmbH, FlowChief GmbH, GAI NetConsult GmbH, Microsys Electronics GmbH, Zweckverband Laber-Naab, Rohde & Schwarz Cybersecurity GmbH
- Project duration: 01/2023 – 12/2025