Security, Safety, Risk Management
Security, Safety, Risk Management deals with the exploration of technologies, methods and models for the development of cyber-physical systems (CPS) and services with higher security and robustness, also taking into account the interaction with human users. The participating chairs combine theory-based methods with model-oriented approaches from engineering. Security, Safety, Risk Management explores theoretical approaches to precisely record, ensure, verify and monitor the security features (security and safety) of CPS during their lifetime. New security architectures and system services are designed that are based on mathematical methods and engineering approaches. This should enable privacy to be preserved when collecting and using data and allow anomalies in behavior to be detected early and more precisely. In addition, Security, Safety, Risk Management examines methods and models for protecting software for (safety-critical) cyber-physical systems over their entire life cycle. The aim of Security, Safety, Risk Management is to make the results usable for safety-relevant application domains such as autonomous driving, networked production or networked healthcare. Special protection measures for privacy are also taken into account.
Claudia Eckert, Prof. Dr.
Matthias Heinig, Dr.
Helmut Krcmar, Prof. Dr. rer. oec.
Peter Struss, Apl. Prof. Dr. rer. nat. habil.
In SIBASE, a modular system of standardized, interlocked security components for embedded systems in hardware and software is developed, in order to provide longterm security. A tool for the modeling and analysis of security requirements at the software architecture and design levels, based on the Unified Modeling Language (UML/OCL), is being developed at the Department Chair for Security in Computer Science. Symbolic execution is used for the analysis of safety characteristics of C/C++ software at the implementation level (Sourcecode). Additionally, a tool is being developed for the automatic recognition of weaknesses that could be misused for Remote Exploits or Privilege Escalation Exploits.
The focus lies on errors in information flow (Information Exposure), memory access (Buffer Overflow, etc.), as well as those regarding number format (Integer Overflow, etc.).
A tool for the automatic generation of quick-fixes for error correction or for the defusing of weaknesses (fail-secure error mitigation) is also in development. The tools are being integrated in the Eclipse Integrated Development Environment.
More information about SIABASE (in German only)
TUM as a member of IUNO is responsible for creating novel techniques to defend against the emerging threats of the Internet of Things (Industrie 4.0). More precisely, one of our tasks is to create new anomaly detection algorithms that can identify in real time suspicious behaviors in the industrial networks. Additionally, we develop tools that can automatically discover the vulnerabilities in the firmware of the industrial components/sensors and propose automatic solutions (patches). Finally, we research Virtual Machine Introspection solutions and more specifically how they can be applied in the concept of Industrie 4.0. As a matter of fact, we have developed a solution that can transform any operating system that is based on Intel’s VT-x architecture to a virtual machine on the fly. This can aid network and security administrators of industries to apply an "antivirus-like" solution to any workstation without any prior action. We plan to extend our solution to a wider variety of architectures including ARM which is nowadays the most-used architecture in the Internet of Things.
Research Project IUNO (in German only)
Complex and adaptive attacks on IT systems demonstrated the weakness of standard defensive countermeasures. The ForSEc project tries to tackle this challenge of securing increasingly complex systems using a synergy of three phases in security:
- Response and
- Recovery, Auditing and Forensics.
The research activities of TUM focus (1) on security monitoring on ARM devices and (2) anomaly and intrusion detection under resource constraints. To address the first research area, Virtual Machine Introspection (VMI) is used to monitor the OS Kernel activities and to reconstruct kernel's behaviors on a smart device. VMI allows one to detect control-flow hijacking attacks, and also to detect and prevent the non-control-flow attacks. Furthermore, new methods are researched to detect and prevent variants of JIT-based attacks. The second research area is addressed by developing machine learning-based anomaly detection methods that use data retrieved through VMI for malware detection. To achieve reliable results for malware detection and analysis, methods such as topic modeling, neural networks, and semi-supervised learning are investigated. Existing anomaly detection methods are adapted to the resource constraints present in mobile devices, like memory, power, and bandwidth.