Summary
Cybersecurity is the basis for successful digitization and for innovation in all sectors, e.g. in digital production (Industry 4.0), smart energy supply, logistics and mobility, healthcare, public administration, and cloud-based services, too. The role of cybersecurity [13][11] is to protect companies and their values and to prevent damage or at least limit the impact of any potential damage. Cybersecurity encompasses measures to protect IT-based systems (hardware and software) from manipulation and thus safeguards their integrity. Furthermore, it includes concepts and processes that guarantee the confidentiality of sensitive information and the protection of the private sphere as well as the availability of functions and services. Guaranteeing integrity, confidentiality, and availability are the familiar safety objectives already pursued by traditional IT security, but achieving them has become increasingly difficult and complex with digitization and networking and the accompanying connection between the digital and physical worlds.
The article that follows provides an insight into current trends and developments in the field of application-oriented cybersecurity research and makes use of selected example applications to outline challenges and potential solutions.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Sources and literature
https://www.bundesdruckerei.de/de/studie-it-sicherheit, Abruf am 11.7.2017
https://www.bmwi.de/Redaktion/DE/Publikationen/Studien/kompetenzen-fuer-einedigitale-souveraenitaet.pdf? blob=publicationFile&v=14, Abruf am 11.7.2017
https://www.bitkom.org/Presse/Presseinformation/IT-Sicherheit-Cloud-Computing-und-Internet-of-Things-sind-Top-Themen-des-Jahres-in-der-Digitalwirtschaft.html, Abruf am 11.7.2017
Fry, A., Chiasson, S., & Somayaji, A. (2012, June). Not sealed but delivered: The (un) usability of s/mime today. In Annual Symposium on Information Assurance and Secure Knowledge Management (ASIA’12), Albany, NY.
https://arstechnica.com/security/2013/06/encrypted-e-mail-how-much-annoyance-will-you-tolerate-to-keep-the-nsa-away/3/, Abruf am 21.7.2017
https://www.sit.fraunhofer.de/de/securityindex2016/, Abruf am 12.7.2017
https://codeinspect.sit.fraunhofer.de, Abruf am 13.7.2017
Klein, A., Shulman, H., Waidner, M.: Internet-Wide Study of DNS Cache Injections, IEEE International Conference on Computer Communications (INFOCOM), Atlanta, GA, USA, May 2017.
Shulman H., Waidner M.: One Key to Sign Them All Considered Vulnerable: Evaluation of DNSSEC in Signed Domains, The 14th USENIX Symposium on Networked SystemsDesign and Implementation (NSDI), Boston, MA, USA, March 2017.
Simpson, A. K., Roesner, F., & Kohno, T. (2017, March). Securing vulnerable home iot devices with an in-hub security manager. In Pervasive Computing and Communications Workshops (PerCom Workshops), 2017 IEEE International Conference on (pp. 551-556). IEEE, 2017
Solms, R. and Van Niekerk, J., 2013. From information security to cyber security. computers & security, 38, pp.97-102. 2013
Waidner, M., Backes, M., Müller-Quade, J., Bodden, E., Schneider, M., Kreutzer, M., Mezini, M., Hammer, Chr., Zeller, A. Achenbach, D., Huber, M., Kraschewski, D.: Entwicklung sicherer Software durch Security by Design,. SIT Technical Report SIT-TR-2013-01, Fraunhofer Verlag, ISBN 978-3-8396-0567-7, 2013
Claudia Eckert: IT-Sicherheit: Konzepte – Verfahren – Protokolle, 9th Edition, De Gruyter, 2014
Claudia Eckert. „Cybersicherheit beyond 2020! Herausforderungen für die IT-Sicherheitsforschung“. In: Informatik Spektrum 40.2 (2017), pp. 141–146.
Claudia Eckert. „Cyber-Sicherheit in Industrie 4.0“. In: Handbuch Industrie 4.0: Geschäftsmodelle, Prozesse, Technik. Ed. by Gunther Reinhart. München: Carl Hanser Verlag, 2017, pp. 111–135.
Bundesamt für Sicherheit in der Informationstechnik (BSI), „Die Lage der IT-Sicherheit in Deutschland 2016“, https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/Lageberichte/
Martin Salfer and Claudia Eckert. „Attack Surface and Vulnerability Assessment of Automotive Electronic Control Units“. In: Proceedings of the 12th International Conference on Security and Cryptography (SECRYPT 2015). Colmar, France, July 2015.
D. Angermeier and J. Eichler. „Risk-driven Security Engineering in the Automotive Domain“. Embedded Security in Cars (escar USA), 2016.
F. Fischer, K. Böttinger, H. Xiao, Y. Acar, M. Backes, S. Fahl, C. Stransky. „Stack Overflow Considered Harmful? The Impact of Copy & Paste on Android Application Security“ , IEEE Symposium on Security and Privacy 2017.
A. Zankl, J. Heyszl, G. Sigl, „Automated Detection of Instruction Cache Leaks in RSA Software Implementations“, 15th International Conference on Smart Card Research and Advanced Applications (CARDIS 2016)
N. Jacob, J. Heyszl, A. Zankl, C. Rolfes, G. Sigl, „How to Break Secure Boot on FPGA SoCs through Malicious Hardware“, Conference on Cryptographic Hardware and Embedded Systems (CHES 2017)
C. Teichmann, S. Renatus and J. Eichler. „Agile Threat Assessment and Mitigation: An Approach for Method Selection and Tailoring“. International Journal of Secure Software Engineering (IJSSE), 7 (1), 2016.
Niels Fallenbeck and Claudia Eckert. „IT-Sicherheit und Cloud Computing“. In: Industrie 4.0 in Produktion, Automatisierung und Logistik: Anwendung, Technologien, Migration“, ed. by Thomas Bauernhansl, Michael ten Hompel, and Birgit Vogel-Heuser. Springer Vieweg, 2014, pp. 397–431.
N. Jacob, J. Wittmann, J. Heyszl, R. Hesselbarth, F. Wilde, M. Pehl, G. Sigl, K. Fisher: „Securing FPGA SoC Configurations Independent of Their Manufacturers“, 30th IEEE International System-on-Chip Conference (SOCC 2017)
M. Huber, J. Horsch, M. Velten, M. Weiß and S. Wessel. „A Secure Architecture for Operating System-Level Virtualization on Mobile Devices“. In: 11th International Conference on Information Security and Cryptology Inscrypt 2015. 2015.
J. Schütte and G. Brost. „A Data Usage Control System using Dynamic Taint Tracking“. In: Proceedings of the International Conference on Advanced Information Network and Applications (AINA), March 2016.
P. Stephanow, K. Khajehmoogahi, „Towards continuous security certification of SoftwareasaService applications using web application testing“, 31th International Conference on Advanced Information Networking and Applications (AINA 2017)
Kolosnjaji, Bojan, Apostolis Zarras, George Webster, and Claudia Eckert. Deep Learning for Classification of Malware System Call Sequences. In 29th Australasian Joint Conference on Artificial Intelligence (AI), December 2016.
Steffen Wagner and Claudia Eckert. „Policy-Based Implicit Attestation for Microkernel-Based Virtualized Systems“. In: Information Security: 19th International Conference, ISC 2016,Springer 2016, pp. 305–322.
Lengyel, Tamas, Thomas Kittel, and Claudia Eckert. Virtual Machine Introspection with Xen on ARM. In 2nd Workshop on Security in highly connected IT systems (SHCIS), September 2015.
Kilic, Fatih, Benedikt Geßele, and Hasan Ibne Akram. Security Testing over Encrypted Channels on the ARM Platform. In Proceedings of the 12th International Conference on Internet Monitoring and Protection (ICIMP 2017), 2017.
Muntean, Paul, Vasantha Kommanapalli, Andreas Ibing, and Claudia Eckert. Automated Generation of Buffer Overflows Quick Fixes using Symbolic Execution and SMT. In International Conference on Computer Safety, Reliability & Security (SAFECOMP), Delft, The Netherlands, September 2015. Springer LNCS.
M. Huber, J. Horsch, J. Ali, S. Wessel, „Freeze & Crypt: Linux Kernel Support for Main Memory Encryption“ ,14th International Conference on Security and Cryptography (SECRYPT 2017).
B. Otto et. al: Industrial Data Space, Whitepaper, https://www.fraunhofer.de/de/forschung/fraunhofer-initiativen/industrial-data-space.htm
https://www.bitkom.org/Presse/Presseinformation/Die-zehn-groessten-Gefahren-im-Internet.html Abruf am 30.06.2017
L. Heiny (2017): Die Jagd auf Avalanche. http://www.stern.de/digital/online/cyberkriminalitaet--die-jagd-auf-avalanche-7338648.html Abruf am 30.06.2017
M. Suby, F. Dickson (2015): The 2015 (ISC)2 Global Information Security Workforce Study. A Frost & Sullivan White Paper.
https://www.allianz-fuer-cybersicherheit.de/ACS/DE/_/downloads/BSI-CS_037.pdf? blob=publicationFile&v=2 Abruf am 30.06.2017
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer-Verlag GmbH Germany, part of Springer Nature
About this chapter
Cite this chapter
Eckert, C., Waidner, M. (2019). Safety and Security. In: Neugebauer, R. (eds) Digital Transformation. Springer Vieweg, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-58134-6_16
Download citation
DOI: https://doi.org/10.1007/978-3-662-58134-6_16
Publisher Name: Springer Vieweg, Berlin, Heidelberg
Print ISBN: 978-3-662-58133-9
Online ISBN: 978-3-662-58134-6
eBook Packages: EngineeringEngineering (R0)