atsec information security
Research
Contributing to the future of IT security.
What we do
atsec actively promotes sound security standards, methodologies, and their application. Over the years, atsec has been involved in a number of research projects funded by the EU, such as Horizon 2020, as well as national projects, such as Vinnova in Sweden and BMWi/BMBF in Germany. For these projects, atsec is a partner contributing with competence on the topic of IT security evaluations and assessments in a range of industries, including telecom, transportation, iOT, and high-assurance components. With our know-how and independence from product development, we are open to participate in consortiums as a security partner.
Ongoing research projects include:
SUSTAIN
The aim of SUSTAIN is to develop methods, approaches, tools, and recommendations to secure the Industrial Internet of Things (IIoT) for distributed collaborative control systems in material handling.
Ag5G+
A project in the Cyber Security and Digital Sovereignty in the Communication Technologies 5G/6G program, Ag5G+ focuses on establishing the testing body for the NESAS CSS-GI-BSI scheme and is funded by the economic stimulus package (KoPa 45) of the German Federal Government.
Ag5G+ Forschungsprojekt (in German)
See also: www.bsi.bund.de
Completed projects include:
CSSTII
The Certifiable System-on-Silicon for Safety-Critical Applications In Industry (CSSTII) was a project funded by Vinnova in Sweden to address a gap in the security model of hardware/software systems where the interface between hardware and software lacked a contract. Project partners Cobham Gaisler AB and Chalmers University of Technology aimed to extend an existing hardware design to provide isolation between software instances. The project concluded in September 2023 with the development of a FPGA design with timing isolation properties within a multicore cluster and on the design’s Network-on-Chip interconnect. atsec performed a Common Criteria security evaluation of the developed platform, sharing years of expertise and know-how on performing security evaluations of hardware designs and complex system-on-chip designs.
CEST
The Confidential Evaluation of Software Trustworthiness (CEST) was a project funded by Vinnova in Sweden. The CEST project developed a confidential assurance environment that allowed independent 3rd party evaluators (regulators) to conduct software security analyses of vendor proprietary (sensitive) software while preserving the confidentiality of the analyzed software. Project partners Ericsson, Hyker, and RISE developed a prototype environment and methodologies for confidential software assurance, while atsec complemented the team with years of expertise and know-how on performing various security evaluations. atsec contributed to the success of this project by leading the security assurance tracks, conducting the studies that specified the assurance environment to be constructed, and defining the test use cases and their execution.
certMILS
A project funded by the European Commission Horizon 2020 program aiming to protect critical infrastructure against cyber-attacks by using compositional security evaluations and certifications, as well as delivering a certified MILS platform. This approach allows certMILS to develop technology prototypes early enough for later security evaluation and certification; certMILS also reuses compositional certification results across national borders, strengthening the Single Digital Market. This project resulted in a certified European MILS platform.
CITADEL
A collaborative project funded by the European Commission Horizon 2020 program based on MILS, an approach featuring modular construction and compositional assurance, to reduce the time and cost for development, certification, and maintenance of dependable systems. CITADEL certifies adaptive MILS systems, and the separation kernel-based MILS platform manages physical resources while establishing and enforcing a verified application architecture.
www.citadel-project.org (no https)
CYRAIL
A collaborative project funded by the European Commission under the Shift2Rail program for Rail Research and Innovation (R&I), addressing the topic “Threat detection and profile protection definition for cybersecurity assessment”.
PASS
The Platform for Automotive Apps Guaranteeing Security and Safety (PASS) is a German project funded by the German Ministry of Economy BMWK that focused on creating an app platform for the automotive industry to meet both safety and security requirements. The app needed to ensure that critical applications on the platform work reliably in real-time and are protected from possible external attacks. atsec focused on the evaluation of the overall PASS security architecture and the PikeOS separation kernel.
Work with us!
Please contact us if you have a research project regarding IT standards or general IT security and are looking for a knowledgeable partner.
The Information Security Provider
Read Our Latest Blog Articles
Learn the latest and greatest about information security. You’ll find insights and analyses of recent developments in technology and policy on our blog.
-
Final Call to Submit for Interim Validation
The CMVP is moving back to its normal certification process, which means interim submissions are being closed.
-
atsec at the PCI Community Meeting 2024
atsec recently presented at the PCI SSC Asia-Pacific Community Meeting.
-
atsec at the CCUF and ICCC24 in Qatar
atsec is attending the CCUF and ICCC24, where we’re excited to meet with colleagues from across the globe.
header photo by Niklas Ohlrogge on Unsplash