Topic 3 Engineering Secure Systems

Topic 3 focuses on engineering secure systems for critical infrastructures. Its research ranges from methodology, e.g. the quantification of security, to the security of concrete applications.

All innovative scenarios in the societally important fields energy supply, mobility, and production share the following three properties: (i) they are realized through the massive use of IT, driven by software-based functionalities, (ii) they are assumed to work securely and dependably, and (iii) they collect vast amounts of data related to individuals. As a consequence, there is a need for methods to engineer secure software-intensive systems.

Engineering in the context of Topic 3 refers to systematically achieving working solutions that are not only secure (in the view of this Topic, security also includes privacy and safety), but also yield guaranteed quality properties (e.g., performance, dependability, usability, and also costs) and achieve the best possible trade-offs between conflicting goals regarding different quality properties as well as societal aspects.

The ambitious key objective of Topic 3 is therefore the quantification of security and its application to engineering secure software-intensive systems, particularly in energy, mobility, and production systems.

Topic 3 is organized along two dimensions in a way that fosters collaboration and exchange between researchers working on foundational problems and practice-oriented challenges.

Three method-focused research groups solve challenges that cross application boundaries:
• Quantifying Security
• Secure Computation and Communication
• Human and Societal Factors

Comprehensive security for real-world systems is researched in three application-specific security labs:
• Engineering Security for Energy Systems
• Engineering Security for Mobility Systems
• Engineering Security for Production Systems