05. February 2021
SCCH Develops Protection Against Hacking and Piracy
The DEPS (Dependable Production Systems) project aims to protect production systems against the theft of intellectual property, industrial espionage and sabotage. Led by SCCH, a group of major players from science and industry are working as partners to develop software that offers protection against attacks and reverse engineering.
Products are becoming ever more intelligent. Beginning with the smart toothbrush, almost every electronic device now contains a software component. The amount of software in products is increasing all the time. This has an influence on both cost and functionality. The intelligence of production machinery is also based increasingly on software. This is reflected in the cost.
“What this means is that software is containing more and more valuable knowledge, making it an increasingly attractive target for hackers,” explains Dr Thomas Ziebermayr, Area Manager Software Science at SCCH. “It is therefore essential to protect the software and intellectual property rights. Numerous solutions are already available, but there is still room for improvement with regard to both their application in practice and security. For this reason, we are developing a new approach in order to solve this complex problem. The objective is to protect the software from attacks from outside, prevent piracy and thereby safeguard the company’s intellectual property.” In association with the Universität der Bundeswehr in Munich (Institute of System Security), the École Polytechnique Fédérale de Lausanne, KU Leuven (Department of Computer Science) in Belgium and the Embedded Systems Lab at the University of Applied Sciences Upper Austria, Hagenberg campus, researchers at SCCH are developing completely new ways of achieving this.
Copy-proof and unalterable operating software
Describing this new approach, Ziebermayr says: "In software, a monoculture has established itself. That means that if an attacker succeeds in hacking a code he will have no difficulty attacking all that manufacturer’s devices because the programs are the same on every machine. We prevent that by diversifying the software. In the same way that biodiversity makes an ecosystem more resilient, diversity increases the resilience of IT systems. Attacks can now only affect one device. Additionally, we link the software inseparably with the hardware using new methods. This makes it impossible to produce pirate copies. Combining several methods means that considerable time and effort is required to reverse engineer the operating software, making it no longer lucrative for hackers.”
Project partners needed for research programme
The technical foundations are already being laid in the current project, and first prototypes are being developed at SCCH in close cooperation between research and industry. “Despite last year’s challenges we have been able to obtain essential findings and gather the most important requirements for methods for protecting machine software in collaboration with our partner companies,” says Markus Manz, CEO of Software Competence Center Hagenberg. “This is a good starting point for the research project (EUR 3.75 million, 4 years) that we are submitting. What is important to us is to have practical input from industry at this early stage. For this reason, interested companies are very welcome to contribute to the current project as well as to the planned COMET module. The research programme receives support from the Upper Austrian government.”
Companies interested in secure operating software still have the chance to participate in the follow-up project and the new COMET module. Because the project will be conducting basic research the investment required of the companies is moderate. The topic can be of particular use to mechanical engineering companies, software firms and manufacturers of medical equipment. Detailed information on the research project will be provided at an online presentation on 17 February from 9 a.m. to 10:30 a.m. and participants will have an opportunity to ask questions.
Information on the online presentation and the COMET module is available from Dr Thomas Ziebermayr
e-mail: email@example.com, phone +43 50 343 890
For details on the current project, visit https://www.scch.at/de/sae-projekte-details/deps-pilot