Current information from HFU about the Corona virus: www.hs-furtwangen.de/coronavirus

IT security work group

The IT Security work group at the Faculty of Computer Science at Furtwangen University is involved, within the framework of teaching and research, in the theory and practice of secure and robust distributed IT systems in both a wired and a wireless context. In the Computer Networking (BSc) and Computer Science (BSc) programmes, besides taking lectures on IT security, cryptography and coding, and company security, students are also able to examine certain systems and architectures from the point of view of a hacker (offensive security). In the area of applied research, the topics of data protection, cloud security, securing of IT infrastructures, security management and industrial IT security are covered.

More information about our research activities can be found here: Internal link opens in the same window:Institute for Data Science, Cloud Computing and IT Security (IDACUS).

Research projects

Current projects

BISS: 4.0 - Blockchain technologies in the switch cabinet

Digital transformation of companies will increase digital networking between companies encouraging the development of new customized, hybrid business models. These cross-company business models require secure, reliable and comprehensive ways of logging and monitoring the contractually agreed exchange of information between the partners. The BISS:4.0 project is a cooperation between Furtwangen University, Offenburg University and associated partners. BISS:4.0 aims to guarantee secure, reliable and traceable data exchange between machine tools, operators and service providers. Research results will be implemented using two model cases and demonstrated on the "BISS:4.0 platform".

Internal link opens in the same window:Further information on the project

KOSMoS - Collaborative Smart Contracting Platform for digital value-added networks

KOSMoS aims to develop a platform for inter-company networking of production and process data. The basic technology used for this is the blockchain. New offers and business models should be able to be integrated into the platform, e.g. clear maintenance concepts, dynamic leasing or an easier way to prove the quality of products delivered. This business model benefits all firms working together, for example through cheaper prices, lower maintenance or easier product sales.

The Institute for Data Science, Cloud Computing and IT-Security at HFU will carry out the sub-project for secure and data protection-compliant data management in the collaborative Smart Contracting Platform for digital value-creation networks.

Internal link opens in the same window:Further information on the project

Completed projects

ProSeCCo, Doctoral theses on the Provision of Security Enhancements for Cloud Computing

Two doctorates were achieved at the Faculty of Computing Science within the framework of the ProSeCCo project (Promotionsvorhaben zur Erarbeitung von Sicherheitserweiterungen für das Cloud Computing).

Cloud Computing, the provision of IT services over the World Wide Web, is currently one of the greatest drivers of growth in information and communications technology. Thus IT resources such as software, processing power and data storage can be downloaded from the internet as required. For companies this means substantial cost-savings because they do not have to buy and run soft- and hardware. Because storage takes place on an external server in cloud computing, data security and protection are of prime importance. Even the most trustworthy cloud providers run the risk of a hacker attack. In this project, scientists from Furtwangen University aimed to develop data protection-friendly solutions to be integrated into the basic design of cloud applications.

Duration01.11.2013 - 31.10.2016
Executionuntil WS 2014/15 at Furtwangen University
Third party fundingGerman Ministry for Education and Research (BMBF)
Funding amount€432,000
Contact detailsProf. Dr. Dirk Westhoff (at HFU until September 2014)

UNIKOPS, Security Solutions for cyber-physical Systems

The main aim of the UNIKOPS (Universell konfigurierbare Sicherheitslösung für Cyber-Physikalische Systeme) project was to find universally configurable security solutions for embedded tools and systems. A wide range of applications were addressed, such as SCADA, Smart Metering, the internet of things (IoT) and most importantly, Ambient Assisted Living. The security solutions developed should meet both energy efficiency and storage requirements. Subsidiary goals of the project to ensure system integrity were, among other things, to develop and implement the following: a protection system; a function that can be switched on as required; confidential data fusion of monitored and transferred data; recognition of attacks and attempts at manipulation.

UNIKOPS was funded by the German Ministry for Education and Research (BMBF) under the "Security in insecure environments" priority measures.

Duration01.03.2013 – 31.08.2015
Executionuntil WS 2014/15 at Furtwangen University
Third party fundingGerman Ministry for Education and Research (BMBF)
Fördersumme Gesamtprojekt:€1.5m
Project partnersESCRYPT GmbH, IHP GmbH Frankfurt Oder, RUB (Ruhr Universität Bochum)
Contact detailsProf. Dr. Dirk Westhoff (at HFU until September 2014)

SAaaS (Security Audit as a Service)

SAaaS is based on a cloud intrusion detection system with distributed agents deployed at logical key locations of a cloud infrastructure (e.g. VMs, VM hosts, cloud management), in order to monitor occurrences in the cloud. An occurrence can be a simple successful login event, a series of unsuccessful login attempts or the network connections between VMs or increasing CPU consumption of a certain VM. Distributed attacks on or misuse of a cloud computing environment will thus be detected early.

Further information on the project

See also Cloud Computing Work Group

Duration01.07.2011 – 30.06.2013
Third party fundingGerman Ministry for Education and Research (BMBF)
Funding amount€239,751.60
Project partnersSCHUTZWERK GmbH, ToasterNET GmbH
Contact detailsProf. Dr. Christoph Reich (Email application is started:christoph.reich(at)hs-furtwangen.de)

Teaching

Problems with and applications of IT security are common headlines and part of our everyday life. The Faculty of Computer Science is well aware of their wide-ranging implications. Since winter semester 2011/12, IT security has been a focus of the Computer Networking (CNB) programme together with mobile systems. Currently the following aspects of IT security are covered in the bachelor's and master's programmes of the Faculty of Computer Science:

  • Mathematical principles of IT security and cryptography and coding
  • Cryptography and coding
  • Secure programing
  • Company security

Other activities

Hack2Improve - the Furtwangen hacking event

At regular intervals since 2008, the Faculty of Computer Science has organized one-day or multiple-day Hacking Events with partner companies. Industry experts report on the latest developments in the computer security sector. In a hacking lab, practical exercises allow students to experience for themselves gaps in security gaps and to work out measures to avoid these. The event is a lot of fun for participants and the event is always booked out early. Hack2Improve is a hands-on event, closely linking theory and practice. The 10th Furtwangen Hacking Event took place at Furtwangen University in May 2019 with the theme "eXplore eXploits".

www.hack2improve.de

Penetration Test

The Penetration Test has become a standard method to test the IT security of networked computer infrastructures. Using his experience and special tools, the tester takes on the role of the hacker and attempts to find weak points. To prepare the penetration tester well for the practical test, practice in an isolated, near-reality virtual environment is important. For this purpose a Pentest Lab has been built at Furtwangen University. Networked virtual machines with inbuilt weaknesses provide hackable scenarios.