Security, Safety, Risk Management
The cluster addresses the research of technologies, methods, and models for developing safer, robuster cyber-physical systems (CPS) and services, including interaction with human users. Theory-based methods are connected with model-oriented approaches from engineering, via participating university chairs. The cluster explores theoretical approaches in order to precisely capture, ensure, and verify the security features (Security and Safety) from CPS, as well as observe them during their runtime. New security architectures and system services are designed, which are based on mathematical methods and approaches from engineering. This should enable privacy maintenance during data collection and use, and even allow one to recognize anomalies in behavior early on and with higher precision. Moreover, the cluster investigates methods and models for securing software for (safety-critical) cyber-physical systems throughout their entire lifecycle.
The goal of the cluster is to make the results for security-relevant application domains (such as autonomous driving, networked production, or networked healthcare) useable. Specific protection measures for privacy are also taken into account.
In SIBASE, a modular system of standardized, interlocked security components for embedded systems in hardware and software is developed, in order to provide longterm security. A tool for the modeling and analysis of security requirements at the software architecture and design levels, based on the Unified Modeling Language (UML/OCL), is being developed at the Department Chair for Security in Computer Science. Symbolic execution is used for the analysis of safety characteristics of C/C++ software at the implementation level (Sourcecode). Additionally, a tool is being developed for the automatic recognition of weaknesses that could be misused for Remote Exploits or Privilege Escalation Exploits.
The focus lies on errors in information flow (Information Exposure), memory access (Buffer Overflow, etc.), as well as those regarding number format (Integer Overflow, etc.).
A tool for the automatic generation of quick-fixes for error correction or for the defusing of weaknesses (fail-secure error mitigation) is also in development. The tools are being integrated in the Eclipse Integrated Development Environment.
TUM as a member of IUNO is responsible for creating novel techniques to defend against the emerging threats of the Internet of Things (Industrie 4.0). More precisely, one of our tasks is to create new anomaly detection algorithms that can identify in real time suspicious behaviors in the industrial networks. Additionally, we develop tools that can automatically discover the vulnerabilities in the firmware of the industrial components/sensors and propose automatic solutions (patches). Finally, we research Virtual Machine Introspection solutions and more specifically how they can be applied in the concept of Industrie 4.0. As a matter of fact, we have developed a solution that can transform any operating system that is based on Intel’s VT-x architecture to a virtual machine on the fly. This can aid network and security administrators of industries to apply an "antivirus-like" solution to any workstation without any prior action. We plan to extend our solution to a wider variety of architectures including ARM which is nowadays the most-used architecture in the Internet of Things.
Complex and adaptive attacks on IT systems demonstrated the weakness of standard defensive countermeasures. The ForSEc project tries to tackle this challenge of securing increasingly complex systems using a synergy of three phases in security:
- Response and
- Recovery, Auditing and Forensics.
The research activities of TUM focus (1) on security monitoring on ARM devices and (2) anomaly and intrusion detection under resource constraints. To address the first research area, Virtual Machine Introspection (VMI) is used to monitor the OS Kernel activities and to reconstruct kernel's behaviors on a smart device. VMI allows one to detect control-flow hijacking attacks, and also to detect and prevent the non-control-flow attacks. Furthermore, new methods are researched to detect and prevent variants of JIT-based attacks. The second research area is addressed by developing machine learning-based anomaly detection methods that use data retrieved through VMI for malware detection. To achieve reliable results for malware detection and analysis, methods such as topic modeling, neural networks, and semi-supervised learning are investigated. Existing anomaly detection methods are adapted to the resource constraints present in mobile devices, like memory, power, and bandwidth.