Applied Cyber Security Darmstadt

Welcome to the research group Applied Cyber Security Darmstadt at Darmstadt University of Applied Sciences.The group is headed by Prof. Dr. Christoph Krauß and Prof. Dr. Alexander Wiesmaier.

We are specialized in the protection of IT systems and applications in the fields of automotive, railway, computer networks, embedded systems, IoT and cloud. Our application-oriented and user-friendly solutions are based on the use, adaption, or development of cryptographic technologies.

We are affiliated with the IT Security experts group at the Department of Computer Science at Darmstadt University of Applied Sciences and the  ATHENE National Research Center for Applied Cybersecurity.

 

Driving tests for automotive security at the Griesheim airfield

As part of the master's project system development Automotive Security, driving tests were carried out in mid-July at the airfield in Griesheim…

 

Erasmus+ Automotive Cyber Security Academy 2022

For Bachelor students (2.5 ECTS): 8 online lectures (theory) and 2 weeks in Timisoara/Romania (practice), funded by Erasmus+

 

Preventing the perfect murder

Cars have become rolling computers by now, which obviously brings benefits with it … but also a few handicaps: they have become vulnerable, as some…

 

Master's Thesis: End-to-End Security for e-Mobility Communication

The data flows involved in EV charging shall be analyzed with regards to their security under the assumption that intermediate actors could be…

 

Student Assistant (HiWi): PQC-PACE

In the PQC-PACE project we investigate as part of the ATHENE research area Cryptography the migration of electronic identity documents (eCards) to…

 

In the PQC-PACE project we investigate as part of the ATHENE research area Cryptography the migration of electronic identity documents (eCards) to quantum-resilient schemes, so-called post-quantum cryptography (PQC).

Contact: Prof. Dr. Alexander Wiesmaier

As part of a bigger research effort, we concentrate on the PACE protocol which is at the heart of many eCard security mechanisms. This includes the analysis of the current state-of-the-art in both PQC and eCards, the underlying infrastructures, challenges, and possible solutions starting from the hardware and infrastructures, over scheme suitability and protocol design, and all the way up to a full-scale approach for PQC migration and crypto-agility. The proposed research helps paving the way towards securing eCards against the threat of quantum computers, enable crypto-agility, and provide building blocks for similar systems.

In the PORTUNUS project we investigate as part of the ATHENE research area Cryptography crypto-agile APIs for hardware implemented post-quantum cryptography.

Contact: Prof. Dr. Alexander Wiesmaier

The development of quantum-resistant cryptographic schemes (PQC) is advancing. To enable its efficient practical application the three-way abstraction gap between 1) cryptographers who design PQC algorithms, 2) platform experts who realize these algorithms on hardware, and 3) software developers who want to use these must be closed. In the project PORTUNUS the partners from Fraunhofer SIT, TU Darmstadt and Hochschule Darmstadt deal with this topic. While our partners deal with the description and realization of PQC algorithms on hardware, our focus at Hochschule Darmstadt is on easy-to-use and crypto-agile access to the PQC implementation, including support for runtime specific needs.

The project SEcure Automotive COmmunication Protocols (SEACOP) is part of the ATHENE research area Secure Autonomous Driving (SAD).

Contact: Prof. Dr. Christoph Krauß

Autonomous driving requires new automotive technologies that rely on increased computing power and increased data exchange within the vehicle and to the outside world. New technologies such as Automotive Ethernet are replacing or extending legacy technologies within a vehicle such as LIN, CAN, MOST, or FlexRay. Also new E/E architectures are used in autonomous vehicles including domain fusion, centralization, ECU consolidation / integration of multiple functionalities in one ECU (including mixed criticality), and increased backend connection. Also in the automotive world new approaches such as service-orientation are introduced with the AUTOSAR adaptive platform. From a security perspective, this technology change is ambivalent since it enables new attacks but also enables the use of (new) sophisticated security solutions or the use of established Internet security protocols within a vehicle. However, there are still many issues to solve. Internet protocols such as (D)TLS or IPsec using TCP/IP or UDP/IP have not been specifically designed to address automotive requirements, e.g., support for multicast communication, or latency and bandwidth guarantees. A thorough evaluation of such protocols and adaptions / improvements is required. In addition, entirely new protocols need to be developed for certain scenarios. Furthermore, designs for communication architectures, e.g., the use of firewalls, domain separation, filtering mechanisms, or VLANs, requires additional research. In addition to already intensively investigated ITS Vehicle2X communication, new communication protocols are rising. For example, autonomous electric vehicles will communicate wirelessly with charge points using ISO 15118 Edition 2. The vehicle communicates the estimated time of arrival, battery status, required energy, and desired point in time to continue the travel to the charging point, which enables optimal charging schedules as well as the optimization of the load management to use the energy grid effectively. In addition, protocols for secure over-the-air (OTA) code updates are required (which is also required by the UNECE WP.29 regulation).

The goal of SEACOP is to improve the communication security within the E/E system of autonomous vehicles and for selected external communication. To achieve this goal, we evaluate existing protocols, develop new protocols, and implement and evaluate our new solutions. Concrete, we address the following objectives:

  • Evaluation of (security) protocols used in the automotive domain and other domains which may be suitable for use in E/E architectures of autonomous vehicles
  • Development of improved and adapted protocols as well as new protocols for the use within vehicles
  • Evaluation of protocols used for external communication with focus on remote management and communication of electric vehicles with the charging infrastructure
  • Development of improved and adapted protocols as well as new protocols for the external communication
  • Prototypical implementation and evaluation

Thus, the results of this project are analyses of the applicability of security protocols, adapted and new protocols, and their prototypical implementation and evaluation.

The project Agile and Easy-to-use Integration of PQC Schemes investigates as part of the ATHENE research area Cryptography the praktical challenges introduced by the migration from classical to PQC schemes.

Contact: Prof. Dr. Alexander Wiesmaier

Post-quantum cryptographic schemes have been under development for several years. Very soon there will be standardized post-quantum algorithms replacing the previous standards, which will eventually become obsolete. In order for quantum-resistant cryptographic Measures to be utilized, one needs more than simply developing secure post-quantum algorithms. The migration towards PQC poses great challenges on different levels. Those are not only restricted to the integration into existing protocols, but also include performance issues such as hardware specifications and memory usage, and especially the uncertainty of long term security of the new algorithm families. Moreover, a major challenge lies within finding suitable means of communicating and negotiating new algorithms and protocol parameters between different IT-systems. This leads to the urgent need for establishing the concept of crypto-agility, so as to be prepared for the rapid changes of cryptography, and insure the compatibility in all possible scenarios and settings.

Our research group deals with the challenges of post-quantum cryptography migration, and searches for answers to the open questions in this field. We build upon our findings and analysis towards finding suitable solutions for achieving said migration and establishing crypto-agility in IT-systems. Our goal is to develop such solutions through design, strategies, frameworks and interfaces. On the one hand we conduct research on the newest findings regarding cryptographic measures and  their development state. On the other hand, we Contribute to cutting edge post quantum cryptography technologies and it's applications, as we transform our theoretical and scientific findings into practical solutions.

The project Pentester's Parcours deals with the development and provisioning of a practicing environment for offensive security, i.e. a dedicated target for white hacking attacks.

Contact: Prof. Dr. Alexander Wiesmaier

The environment simulates a company network consisting of multiple computers running different applications. Various vulnerabilities have been placed within the system, which allows attackers to successively invade the network. An important feature of the environment is the ability to be easily reset (after an attack) to its initial state. A further important feature is the ability to be easily replicated. Both is realized by applying virtualization technology. Last but not least, an easy management of the environment is provided by automation tools.

Funded by the German Federal Ministry for Economic Affairs and Energy (BMWi) the ZIM network Digital Shadows brings together experts from industry and academia with the purpose of conducting joined research and development projects in the area of digital shadows.

Contact: Prof. Dr. Alexander Wiesmaier

A digital shadow denotes all data that is gathered while executing or using a concrete process or service. Together with the digital master that models the general behavior and relations of the process or service, the digital twin can be generated. The latter is then a digital reflection of the concrete instance of the process or service.

Contact

Prof. Dr. Christoph Krauß

Communication
Office: D19, 3.07

+49.6151.16-30152
Short profile

Prof. Dr. Alexander Wiesmaier

Communication
Office: D19, 209

+49.6151.16-30185

Members

Nouri Alnahawi

Short profile

Jannis Hamborg

Dominik Heinz

Dustin Kern

Timm Lauser

Short profile

Marco Paulini