Institute for Automation and Applied Informatics

KASTEL (security of critical infrastructures, security of networked infrastructures)

KASTEL - Competence Center for Applied Security Technology, Research Project Security of Networked Infrastructures (SVI), Project “Model-based plausibility check for security-critical infrastructures of the Energy Lab 2.0”, PL

In KASTEL the working group is involved in two projects. One in SVI - secure networked infrastructures and one in SKI - secure critical infrastructures. Topics are similar to those mentioned above: secure software, secure system components, anomaly detection and protocol analysis.

In POF IV, the working group is active in the research area Information in the program “Program 1 Engineering Digital Futures (Supercomputing, Data Management and Information Security for Knowledge and Action)”. Here we are responsible for the work of the "Subtopic 2 Engineering Security for Energy Systems" in the “Topic 3 Engineering Secure Systems”. Hubert Keller is Principal Investigator here.

"The main objective of the subtopic is to develop and evaluate concepts, methods, and system technologies (hard- and software) for the secure integration of ICT into energy supply systems with the aim of creating a reliable and secure energy supply. In order to address the communication between the grid participants as well as the application and operational software, a special lab will be set up for energy systems security containing a small smart energy grid model. This model will be used to analyze existing vulnerabilities and possible attack scenarios, including the consequences for the overall grid stability energy supply. For the identified consequences of vulnerabilities, a risk quantification will be applied in cooperation with ▸ Subtopic 1 and adequate countermeasures will be developed and validated. The long-term goal of this subtopic is to develop methods for a secure and safe example smart grid which demonstrate new approaches and countermeasures that substantially mitigate new risks based on hardened existing software systems.