In summer 2023, the PoQsiKom consortium achieved the project’s second milestone: the first successful remote acknowledgement for a machine’s safety controller has been issued using the project’s integrated security system.
In the project’s use case, a camera attached to a secure and integrated system serves as eyes for a human operator acknowledging the safety of a machine’s operational area from a remote location. As the operator is located off-site, a new concept for the remote acknowledgement of the safety environment via the public Internet is required. It is based on secure and trustworthy data transferred between the operator and the machine’s camera and safety controller.
Since the project’s system design phase has concluded in the summer of 2022, the project partners collaboratively developed the integrated security system required for the camera and safety controller to establish a trustworthy connection to the remote operator. In reaching the second milestone, the integrated security system has been developed at Fraunhofer AISEC using a hardened Linux-based operating system, GyroidOS, that includes security features such as a strict application isolation (sandboxing) and a deep-rooted support for secure elements. Together with TRUMPF, the applications required to implement the new concept for the remote acknowledgement, i.e., the secure streaming of the camera’s video feed, the trustworthy data exchange between the smart factory and the remote operator, and a specific data evaluation mechanism for guaranteeing safety, have been integrated into the security system. At TRUMPF, the backend infrastructure, required to connect the remote operator to the machine, and the remote operator terminal, required for the remote operator to view the video feed and acknowledge the machine’s safety area, have been developed and tested. The security device was integrated in the demonstrator at TRUMPF.
The PoQsiKom project focusses on future-proof post-quantum-secure communication. TUM is developing an OpenTitan-based trust anchor with support for the post-quantum algorithms Dilithium and Kyber, while Siemens AG is implementing the soon to be standardized Generic Trust Anchor (GTA) API, with which TUM’s trust anchor shall be integrated into the project’s security system. The development and integration of the trust anchor and the GTA API will be the goal for the next milestone, ought to be reached by the end of the first quarter in 2024.
For further details please contact us.