Whether it’s Industry 4.0, self-driving cars or smart home solutions – connected machines and high-value goods need security mechanisms that can be updated. The objective of the ALESSIO research project under the leadership of Infineon Technologies AG is to develop and assess these security mechanisms. Project partners from Munich are Fraunhofer Institute for Applied and Integrated Security (AISEC), Giesecke & Devrient GmbH, Siemens AG and the Technical University of Munich (TUM) as well as Karlsruhe-based WIBU-SYSTEMS AG. The project runs until the end of 2019 and is funded by the Federal Ministry of Education and Research (BMBF) with approximately Euro 3.9 million.
Every new connected device in the Internet of Things is a potential target: sensitive data and information that are not sufficiently protected could be captured and used for further attacks. This is why reliable protection for safety-critical information is based on a combination of software and hardware. The hardware – a security chip – is comparable to a safe: a highly protected area in which data and security keys are stored separately from the software. But due to the long life-span of industrial facilities e.g. manufacturers need to be able to respond to changed or new attack methods. Hence the data and security-relevant information in these devices and industrial plants have to be updatable.
Within the next three years, the ALESSIO research partners will develop updatable security solutions for such embedded systems. One of the approaches is a conventional hardware-based Secure Element with updatable software. A Secure Element in complex, programmable logic devices (FPGA, field-programmable gate array) is also underway. In the end, three practice-oriented prototypes will show the solutions’ feasibility and functional capabilities.