We are pleased to announce the press release for the start of our project. The press release is written in German and is accessible here.
An English translation of the press release follows below.
Industrial processes are becoming increasingly interconnected, both internally and externally. Advancing digitalization and threats from quantum computers are creating a need for new digital security technologies. The Fraunhofer Institute for Applied and Integrated Security AISEC (consortium management), Technical University of Munich (TUM), Siemens AG and the high-tech company TRUMPF are working together on the project “Post-Quantum Secure Communication for Industrie 4.0 (PoQsiKom)”, funded by the Federal Ministry for Economic Affairs and Climate Action (BMWK), to develop an innovative hardware trust anchor for operating equipment and edge devices (routers, switches etc.). The hardware trust anchor is intended to have a future-proof cryptographic module with an increased level of security.
The fast-growing trend towards intelligent manufacturing means more communication between different operating equipment and their components. As this communication is increasingly taking place across company boundaries and country borders, it is not sufficient to have only a locally authenticated and secure communication link. There needs to be a way to verify the trustworthiness of the data generated and exchanged by the devices.
Take the operational safety of machines and equipment as an example, where a lack of trustworthiness of components and communication is normally compensated for by the physical presence of an authorized, trustworthy person. As cryptographic modules—known as security primitives—can be implemented into each individual device, they could also be used as a basis for innovative business models that are currently impossible to implement. One example is fully remote operation of a machine or piece of equipment without an operator being physically present.
To make these far-reaching security primitives a reality, the partners are developing a hardware trust anchor that can be leveraged by shopfloor devices. Particular attention is being given to the future ability to integrate the trust anchor into the design of the devices themselves. In this project, research is being done on how to efficiently leverage the trust anchor to protect data that is transferred or processed by shopfloor devices, and to verify the trustworthiness of such data. The trust anchor will be designed to be secured against attacks by quantum computers, and research into the efficient use of post-quantum cryptography will be conducted. A secure, real-time-capable operating system is also necessary to prevent the data from being compromised during processing. This is to be achieved by making the operating system resistant to malware attacks. The trust anchor will also be designed to guarantee and certify that the status of remote systems is correct and unmodified.
An API (application programming interface) definition is also planned in order to guarantee that the security features of the hardware trust anchor can be efficiently used by developers and integrators. This is being done by incorporating international standardization activities such as “ISO/IEC TS 30168 Internet of Things (IoT)—Generic Trust Anchor Application Programming Interface for Industrial IoT Devices.” Additionally, research is being done into new encryption algorithms and the optimization of existing algorithms so that they can run on devices with limited resources or be implemented in special FPGA (field programmable gate array) solutions.
Within the project, TUM is responsible for the FPGA-based hardware platform for the trust anchor and, together with Siemens AG, for the implementation of the cryptographic post-quantum algorithms. Fraunhofer AISEC is responsible for making the real-time-capable operating system resistant to attacks, and Siemens AG is responsible for the design and development of the trust anchor and the associated API, in conjunction with applicable international standardization activities. TRUMPF is in charge of the development of a remote operation demonstrator, which uses the trust anchor developed in the project for secure communication.
The project is receiving 2.4 million euros in funding from the Federal Ministry for Economic Affairs and Climate Action (BMWK) following a decision by the German Federal Parliament (Bundestag) and will run until November 30, 2024. Internationally, it is associated with the South Korean KOSMO (Korean Smart Manufacturing Office).
More information on the project can be found at: www.poqsikom.de
Ernst Stöckl-Pukall, Head of the “Industrie 4.0, Digitalisation” division of the BMWK: “Trust and security are integral parts of every innovative Industry 4.0 application, and essential for the automated exchange of data in advanced industrial data spaces. By supporting the PoQsiKom project, we are funding the development of innovative solution concepts that will help to secure data exchange in a globalized world; we are also supporting key objectives of the Platform Industry 4.0. The involvement of Korean partners also strengthens the development of a shared international perspective on developing a data-driven manufacturing industry.”
Prof. Georg Sigl, Chair of Security in Information Technology at the Technical University of Munich (TUM) and Institute Director of Fraunhofer AISEC, says: “The PoQsiKom project brings together industry and research to work hand in hand on new digital encryption technologies for networked industrial processes. This ensures that knowledge can be transferred from the laboratories of research institutions, universities, and industrial research centers directly to users’ workshops.”
Klaus Bauer, Head of Research and Development in the Smart Factory department at TRUMPF, also sees data security as extremely important for the modern sheet metal manufacturing industry: “Working securely with sensitive data allows TRUMPF, as a solution provider, to develop innovative business models both for our customers and for our own manufacturing business. This includes, for example, the ability to operate TRUMPF machinery entirely remotely on an equipment-as-a-service (EaaS) model. This creates competitive advantages for our customers and allows us to build on our position as a leader in digitally networked manufacturing.”
Dr. Wolfgang Klasen, speaking on behalf of Siemens AG, adds: “The results of our implementation of trust anchors in embedded systems support future technologies for secure communication as part of Industrie 4.0 and are being incorporated into international standards. Within the framework of the German Plattform Industrie 4.0 led by the BMWK, we are engaged in close international cooperation with KOSMO in Korea.”