KIT Strengthens IT Security Research

10 Years in the Service of Cybersecurity: KASTEL Continues its Successful Research in KIT's New Institute for Information Security and Reliability

Founded on February 28, 2011, as one of three national competence centers for cybersecurity at the initiative of the Federal Ministry of Education and Research at the Karlsruhe Institute of Technology (KIT), the Competence Center for Applied Security Technology, or KASTEL for short, has successfully advanced IT security research. After a decade, this work will now be continued - further under the name KASTEL - in the KIT's specially founded Institute for Information Security and Reliability for an unlimited period of time. KASTEL will also be involved in program research of the Helmholtz Association and continue existing cooperations. The central topics of the coming years include IT security with a view to Industry 4.0 and 5G network expansion.

Das BlurryBox-Verfahren wurde 2014 von KASTEL entwickelt
The blurry box method developed at KASTEL to counter industrial espionage received the German IT Security Award in 2014. (Photo: Patrick Langer, KIT)


The goal of KASTEL is to better protect industry and society from the increasing number of cyberattacks through its broad interdisciplinary approach, which also includes legal and social science issues, and bundles all competencies in the field of IT security at KIT.

"Rising complexity, increasing networking, and acceleration in IT systems pose growing challenges for security," Professor Jörn Müller-Quade, one of the initiators of KASTEL, describes the development of the past decade. Governmental, semi-governmental and corporate attackers now have enormous know-how and almost unlimited resources at their disposal. At the same time, the rapidly advancing digitalization of more and more areas of life and work has led to an increase in risks in cyberspace.

According to Müller-Quade, Industry 4.0 and the 5G expansion of the mobile data network pose further challenges for the newly founded institute. He sees the provability of security as one of the central tasks of the future: "How do we deal with the fact that we no longer have digital sovereignty over our devices? You have to design software and hardware in the future so that there is some kind of proof that it is safe to use, without vulnerabilities and backdoors."

Awareness of the dangers of digital surveillance

"In the new institute, we can now systematically look at privacy protection. We need to identify the mechanisms that enable data collection. And then ask the question where and how they harm society," explains Thorsten Strufe, Professor of Practical IT Security at KIT and one of KASTEL's research directors. Among other things, his research helped to uncover data protection problems in social media. Making knowledge about the threats to privacy more accessible to society and thus initiating a debate is another goal of KASTEL. In 2015, for example, installations were presented at the exhibition "Global Control" of the ZKM | Center for Art and Media, which allowed visitors to see the technologies of digital surveillance in an impressive way.

Defense against industrial espionage

Since its founding, KASTEL can look back on a number of initiatives and innovations in the field of IT security. In 2014, for example, the Blurry Box process was awarded the German IT Security Prize. This is a software protection against industrial espionage and sabotage that protects even if the attackers are aware of the protection mechanism.

As a member of the scientific working group of the National Cyber Security Council, KASTEL spokesman Müller-Quade advises the German government on strategic cyber security issues. For example, the growing security risks posed by the Internet of Things are addressed.

At the very moment, the team around junior professor Christian Wressnegger is investigating in the project "Poison Ivy" how security attacks on artificial intelligence (AI) applications, such as data-based backdoors, can be detected and closed.

Security expertise for the digital world of tomorrow

In teaching, KASTEL has worked to make the aspect of security an integral part of computer science studies at KIT. In 2013, for example, KASTEL developed the KASTEL Certificate, an offering that teaches the basics of cybersecurity. This certificate can also be obtained by graduates of business informatics and information management. With the specialization in IT security in the master's program, the KIT Faculty of Computer Science additionally offers an interdisciplinary education close to research in central areas of IT security.

Continuation of Longstanding Interdisciplinary Cooperation

An essential part of KASTEL is also the close cooperation of KIT with its long-term partners FZI Forschungszentrum Informatik, an innovation partner of KIT, and the Fraunhofer Institute of Optronics, System Technologies, and Image Exploitation (IOSB). Experts in software, networks, cryptography, energy informatics, law, economics, and sociology cooperate. (SF)


Further information security procedure "Blurry-Box":
https://www.kastel.kit.edu/712.php

Further information about the KASTEL certificate for students:
https://www.kastel.kit.edu/zertifikat.php