From October 11 to 14, 2022, the first German-Korean research workshop, between the two international sister projects PoQsiKom and IPSecICS, was held at Korea University’s School of Cyber Security in Seoul. The PoQsiKom project partners Fraunhofer AISEC, Siemens AG, and TRUMPF met with the IPSecICS project partners Korea University, CIOT Security, WAEM, and the Smart Manufacturing Research Association (SMRA) to strengthen the international project relations.
Participants (CIOT Security, Fraunhofer AISEC, Korea University, Siemens, SMRA, TRUMPF, and WAEM) of the workshop at Korea University’s School of Cyber Security in Seoul.
On the four days in Seoul, the German and Korean project partners discussed the joint research goals:
The German and Korean partners further were invited to the Korea Internet & Security Agency (KISA) for a discussion on common cybersecurity research topics and visited the project partners CIOT Security and Siemens Korea.
In succession to the fruitful workshop, the German and Korean project partners defined the joint research directions more concretely as follows.
The projects PoQsiKom and IPSecICS join forces to combine the security research of connecting industrial production systems to locally present operator terminals or off-site remote operator terminals. In case of an off-site operator, the PoQsiKom project focuses on developing secure communication channels to allow the remote acknowledgement of a production system’s safety functions. Especially with the long-life cycles of production systems, the researchers want to extend security functions having classic public key cryptography with post-quantum secure algorithms. The joint research evaluates the suitability of post-quantum cryptographic algorithms for the use in industrial communication and implements selected candidate algorithms from ongoing international evaluation projects on post-quantum public key cryptography in its RISC-V-based trust anchor. In addition to securing the data connection to remotely operated production systems, the systems themselves must be equipped with hardened software to withstand unauthorized tampering on-site. Locally accessible interfaces of the systems must be secured, for which the research project develops a security device capable of detecting malicious operations. The security device prevents malicious commands sent to a PLC and guarantees correct operation of the PLC.
A flexible and modular mechanism for realizing secure remote operation of production systems is achieved using a standardized cryptographic abstraction layer: the Generic Trust Anchor (GTA) API. With interchangeable and country-specific cryptographic algorithms, this abstraction supports the security of the system’s entire life cycle and allows the system operator to handle country-specific regulatory issues. The joint German-Korean activity design, develop and evaluate suitable trust anchors with appropriate lightweight cryptographic algorithms.