Research Group Secure Computation and Communication

Research Group “Secure Computation and Communication” (C&C) drives the formal modeling, design, analysis, and practical evaluation of novel methods for securing computation architectures and communication infrastructures at multiple layers. Our research on the protocol layer for securing computations draws from and advances the state of the art in cryptographic protocols, trusted execution environments, and distributed ledger technology. On the software design layer, we contribute to secure software development through the continuous combination of approaches on the requirements, design, and source code levels. In particular, we advance the formal verification of smart contracts (SCs) and their applications. Regarding secure communication, we will advance current techniques for network isolation, resilience, and attack detection and mitigation. Although our goal is to design generic methods which are broadly applicable, we will be driven by the security challenges arising in our application domains: mobility, production, and energy.

Research Area 1 – Secure Protocols

Involved PIs: Hannes Hartenstein, Jörn Müller-Quade, Andy Rupp (Head), Ali Sunyaev

Active Researchers: Shalini Banerjee, Dennis Faut, Valerie Fetzer, Niclas Kannengießer, Marc Leinweber, Tapas Pal, Markus Raiber

Research Area “Secure Protocols” (PPCDT) aims for practicality, comprehensible security and privacy, and distributed trust when designing privacy-preserving computation techniques dedicated to real-world applications. By practicality, we refer not only to computational and communication efficiency but also to compliance with domain-specific laws and regulations, business models, value-added services, and user requirements, which makes practical deployment possible in the first place. The technologies we apply and improve to achieve these goals include secure multi-party computation (MPC), zero-knowledge proofs (ZKPs), trusted execution environments (TEEs), and distributed ledger technology (DLT).

Research Area 2 – Secure Software

Involved PIs: Bernhard Beckert (Head), Hannes Hartenstein, Anne Koziolek, Ralf Reussner (Head), Martina Zitterbart

Active Researchers: Sophie Corallo, Matthias Grundmann, Sebastian Hahner, Frederik Reiche, Jonas Schiffl

Research Area “Secure Software” aims to contribute methods for developing secure software. We envision various frameworks for secure development. One such framework focuses on security requirements validation that connects all levels of software development and adapts to changes over time. This involves modeling security-related requirements and assumptions at the top level, tracing them to the software architecture using natural language techniques, and performing both design and code analyses to validate the requirements and ensure comprehensive security. Another focus is on Smart Contracts (SCs), which manage resources on decentralized platforms in conjunction with a distributed ledger. While SCs offer transparency and valuable applications, they are often rewarding targets for attacks precisely because they manage valuable resources and their immutable code makes them vulnerable. We explore possible SC applications and develop methods for their secure development through formal specification and verification of functional and security properties.

Research Area 3 – Secure Communication

Involved PIs: Jürgen Beyerer, Veit Hagenmeyer, Thorsten Strufe, Martina Zitterbart (Head)

Active Researchers: Sine Canbolat, Ghada Elbez, Christian Haas, Ankush Meshram, Felix Neumeister, Jonas Vogl

Research Area “Secure Communication” (ASCCI) focuses on resilient and secure communication in future production and energy communication networks. In particular, research in ASCCI addresses aspects of network isolation to protect potentially vulnerable systems, redundancy (multi-path routing and packet duplication) for enhanced network resilience, network attack detection and mitigation, as well as automatically assessing the risk of attacks based on the devices present in the network. The specific application to production and energy systems introduces novel challenges resulting from constrained resources as well as from real-time requirements of control processes. In order to enable flexible integration and adaptation of security and resilience mechanisms, Research Area ASCCI leverages emerging networking technologies such as Software-Defined Networking (SDN).