Challenge #106
Calculating the value of cybersecurity.
Critical infrastructures such as our power grids are increasingly vulnerable to cyberattacks. We are arming these systems against an attack and demonstrating the scale of loss that a security gap would cause for us.
Participating centers
Our daily lives are increasingly being shaped by networked IT systems. In the future, we will have smart power grids, we will use autonomous vehicles, and industry will rely on intelligent production facilities (Industry 4.0). The security of these networks is therefore all the more important; otherwise, there will be a risk of economic damage and, in the worst case, danger to life and limb.
But reliable IT security systems are expensive, and some even limit the functionality of the systems they protect. Hence, in practice, users cannot always choose the most secure solution, but must weigh the costs of a defense system against the security gain it guarantees.
At KIT, we are therefore researching safety assessment methods that make such considerations possible in the first place. In doing so, we go beyond established statistical approaches to be able to build a profile of intelligent attackers. After all, they represent a major threat to networked infrastructures. For example, organized attacks on digital electricity meters – so-called smart meters – could jeopardize the stability of the entire power grid. The novelty of our idea is to identify the conditions under which a system is secure against intelligent attackers and to evaluate the plausibility of those conditions. This approach is highly interdisciplinary and promises results that can be put into practice. The first system whose security we are currently evaluating in this way is an encrypted video recording system in an industrial environment.
(Photo: KIT)