CA&D | Cyber Analysis & Defense

The Cyber Analysis & Defense (CA&D) department is dedicated to protecting critical systems and infrastructures from cyberattacks by analyzing vulnerable systems, safeguarding friendly systems and infrastructure, and analyzing cyberattacks, attackers’ tools, and actors. With their expertise in these areas of cyber and information security, CA&D researchers make valuable contributions to protecting against cybercrime, espionage and sabotage.

Applied System Analysis

The Applied System Analysis research group deals with the state of security of friendly systems from the perspective of security analysis and resilience.

 

Secure Devices & Networks

The Secure Devices & Networks research group is focused on protecting friendly systems through prevention and attack detection. For this purpose, the group researches methods of automated firmware analysis, baiting systems for the investigation of attacker behavior, as well as kill chain detection through log data correlation and linking of IT security and process data.

 

Attack Intelligence & Mitigation

The Attack Intelligence & Mitigation research group focuses on analyses of malware, forensic incident analyses, attacker infrastructures and combating botnets. These activities serve the goals of accelerating and improving analyses, developing a basis for attribution and creating a situational picture of cyber threats. 

Some 50 researchers make a major contribution to security in the cyber and information space with their extensive technical expertise. The application of scientific methods, the latest techniques and practices, and deep roots in the scientific community assure a high level of technical sophistication. Collaboration with relevant authorities and industries ensures a strong real-world orientation. The main focus of the Cyber Analysis & Defense department's work is to protect Germany from existential threats from the cyber and information space. This is achieved through long-term, confidential cooperation with the relevant authorities.

 

Official bodies 

  • Expert Council for the Cyber Security Situational Picture of the Federal Office for Information Security (BSI)
  • NATO Science & Technology Organization: Information Systems Technology Panel
  • NATO IST RTG-151 Cyber Security of Military Systems
  • NATO IST RTG-163 Deep Machine Learning for Cyber Defense
  • NATO IST RTG-164 Securing Unmanned and Autonomous Vehicles for Mission Assurance
  • NATO IST SP-166 Mission Assurance for Autonomous Unmanned Systems

 

Collaboration 

  • University of Bonn
    Through the director of Fraunhofer FKIE, Prof. Dr. Peter Martini, the Cyber Analysis & Defense department offers comprehensive and extensive instruction in its bachelor's program in computer science as well as its Master of Computer Science program. Rooms are reserved at the institute’s Zanderstr. 5 location where students can engage in practical work as part of their relevant specialization.

  • University of Applied Sciences Bonn-Rhein-Sieg
    The Bonn-Rhein-Sieg University of Applied Sciences is another institution with close contacts to the department. Significant expansion of this strategic cooperation is expected in the near future.
 

Fraunhofer Center for Digital Energy

A secure power supply is something that our society takes for granted. Energy security 365 days a year is a must. Without electricity, there is no production, mobility, communication or trade. But the ongoing digitalization of the energy sector also entails considerable risks. As part of the Fraunhofer Center for Digital Energy, Fraunhofer FKIE is developing measures aimed at a cyber-secure power supply.

 

FKIE analysis tool shows security vulnerabilities

Interaction with networked systems is increasingly becoming part of everyday life: a morning look at the smartphone, telephone calls via the home router, switching on the heating with an Alexa-controlled thermostat. The multitude of »mini-computers« in private homes, public spaces and offices offers a huge target for computer crime. To address the risk factor of vulnerable networked systems, the Fraunhofer FKIE has developed the »Firmware Analysis and Comparison Tool« (FACT).

 

Cybersecurity in the power grid of tomorrow

The Innovations in System Control by 2030 (InnoSys 2030) research project is investigating novel approaches in system control for more efficient utilization of the power grid, including temporary relaxation of the strict principle of (n-1) security, which ensures an uninterrupted power supply even if any one component of the power grid fails.