Our Research Projects
There is often no direct route to quickly achieving goals in IT security. The tasks are mainly complex and a lot of know-how, experience and endurance are necessary to find intelligent solutions. However, it is just these tasks that fascinate us – and it is results from this type of research that repeatedly allow the development of useful innovations and lead to improvements in the security of modern information technology.
In order to find good solutions, it often makes sense to combine differing skills, viewpoints and resources and for this reason genua participates in research projects. Here we work together with universities, research institutions and other organizations, in order to solve fundamental problems in IT security. We exchange know-how with others taking part and discuss the results obtained, with all parties profiting from the knowledge we gain. The sponsored projects therefore make a valuable contribution to knowledge transfer as well as strengthening the role of Germany as an economic and research center.
Please direct queries about our research projects to our Technical Ambassador:
Alexander von Gernler
tel +49 89 991950-0
Active Project Participation
RiskViz: Search Engine for Security Weaknesses in Industrial Control Systems
Nowadays Industrial Control Systems (ICSs) are in use almost everywhere. In industry, for example, they regulate power station turbines and robots on production lines and in the public sector they regulate computer tomographic scanners in hospitals and building access control and air conditioning systems. ICSs are, however, not designed for access from the Internet and thereby often inadequately or completely unprotected against attack, making them an easy prey for hackers. Against this background, the aim of the RiskViz research project was to develop procedures and tools to determine the vulnerabilities of industrial systems in a legal and responsible manner. The project’s first stage will involve the development of a search engine that will detect security weaknesses in internal networks. The partners in this project, which is led by the Hochschule Augsburg, are the Freie Universität Berlin, Koramis, the Brandenburg Institute for Society and Security, the Lechwerke AG, Munich Re, the Technologie Centrum Westbayern and genua. This cooperative research project is to last three years and is supported by the German Federal Ministry of Education and Research.
INDI: Intelligent Intrusion Detection Systems for Industrial Networks
Critical infrastructure such as the energy and water supplies are essential services and therefore require special protection against cyber attack. At the same time, only minimal intervention in the internal functioning of existing security solutions can be made. Conventional approaches either cannot be used at all or only implemented to a limited extent. The goal of the INDI project is to use non-invasive data collection, machine learning procedures and controlled network separation to create a security solution that provides an optimum of security and reliability. The research consortium is made up of the University of Göttingen, the BTU Cottbus-Senftenberg, a notable energy supplier and the genua GmbH. The project is supported by the German Federal Ministry of Education and Research.
APT Sweeper: Early Detection and Defense Against Advanced Persistent Threats
Current security technology such as virus scanners and sandboxes are not able to recognize targeted attacks – these are usually detected months or years later through suspicious activity in internal networks or when leakage of sensitive data is determined. The aim of the APT Sweeper project is provide early detection and defense against malicious software. A particular focus of the project is the context and structure of data transmission by mail and web. In this project we are cooperating with the Friedrich-Alexander University of Erlangen, the University of Göttingen as well as our associated partner Siemens and the German Federal Office for Information Security, BSI. The project is supported by the German Federal Ministry of Education and Research.
SarDiNe: SDN-based Network Security for Companies and Government Agencies
Software Defined Networking (SDN) is a technological development that makes network administration significantly simpler and more flexible. However, the change from hardware- to software-based solutions requires that particular care is taken in the specification and design of the security systems. The goal of the SarDiNe project was to use SDN to make a secure specification and design possible. Our partners were the Technische Universität München, the University of Würzburg and the company Infosim GmbH & Co. KG. The project was supported by the German Federal Ministry of Education and Research.
squareUP: A Digital Signature for Post-Quantum Cryptography
The public key encryption procedures currently in use will no longer be secure once the first quantum computers come into use. The reason for this is that quantum computers will be able to solve these otherwise difficult tasks quickly. This also applies for digital signatures: They too are based on the public key procedure and will no longer be secure in the post quantum era. Digital signatures are used today, for example, by software manufacturers to guarantee to their customers that software updates are genuine. A team of researchers from the Technical University of Darmstadt and genua have taken up the challenge presented by this situation and have started the squareUP project. This has the goal of developing a market-ready signature procedure that will resist quantum computers and will run until 2017. This project is sponsored by the Deutsche Forschungsgemeinschaft (German Research Foundation) and the Bavarian Ministry of Economic Affairs.
HardFIRE: Hardware-accelerated Firewall Without Backdoors
The ever increasing performance requirements required of today's firewalls show up the limits of classical software-based solutions – and explain why hardware acceleration is becoming more widely used. Modern hardware firewalls however bring some disadvantages with them: They are complex and expensive to develop and – in contrast with software solutions – are inflexible, which makes adaption to meet new requirements difficult. In addition, backdoors that are practically undetectable can be implemented in hardware – a scenario that has already become reality. The HardFIRE concept has been developed to solve these problems by using reconfigurable logical blocks (FPGAs): This approach provides flexibility and performance and allows the manufacturer full control over all functions. The HardFIRE project was supported by the German Federal Ministry for Economic Affairs and Energy.
SSGLB: Secure Smart Grid Load Balancer
The SSGLB system is intended to allow network operators to stabilize their networks by drawing control reserve from larger customer household devices that can be temporarily switched off. To this end, a so-called Micro Smart Meter (MSM), which exchanges information with the network operator, is installed upstream from the customers’ devices. This enables network operators to switch off and on uncritical consumer devices such as washing machines as required and thereby shift peak loads to periods of lower demand. The end customer profits from reduced prices. Our partners in this project were EBSnet | eEnergy Software GmbH, evopro systems engineering AG, R-Tech GmbH, SenerTec-Center Nord-Ost Bayern GmbH, Stadtwerke Kelheim GmbH & Co KG and the Ostbayerische Technische Hochschule Regensburg. The project was supported by the Bavarian State Ministry of Economic Affairs.
SIBASE: Modular Security System for Secure Embedded Systems
Embedded systems control more and more processes in our lives today, with a multitude of such systems being built in cars, airplanes, medical equipment or production machinery and controlling vitally important processes. It is therefore necessary that these systems are protected against attack and manipulation. The goal of the SIBASE project was the development of a modular security system for such embedded systems. Our partners in this project were the Technical University Munich (TUM), Fraunhofer Gesellschaft, Giesecke & Devrient GmbH, Infineon AG, Mixed Mode GmbH, SYSGO AG and Siemens AG. The project started in August 2013 and was supported by the Federal German Ministry of Education and Research.
vmFIRE: Firewall for Virtualization Hosts
Several virtual machines can be operated on the same hardware – saving resources and costs. The problem is to secure the virtual machines – the communication within the host system cannot be detected by conventional firewalls. Therefore, the Brandenburg Technical University Cottbus and genua developed a firewall for virtualization hosts. The project "vmFIRE" was estimated for a duration of two years and was supported by the Federal German Ministry of Education and Research.
Mobile Internet Joint Project: Work and Payment
Mobile Internet opens many new possibilities for working and making payments on the move but these processes have to be reliably secured. In this project genua was developing a laptop that meets the highest security requirements by using a microkernel and separation technology. Our partners in this project were the Ludwig-Maximilians-Universität München, Allianz Managed Operations & Services, Giesecke & Devrient GmbH, Virality GmbH and Wirecard AG. The project started in June 2013 and was supported by the Bavarian State Ministry of Economic Affairs, Infrastructure, Transport and Technology.
PADIOFIRE: Web 2.0-Firewall
The goal of the PADIOFIRE project was to develop a new type of firewall for the comprehensive analysis of Web 2.0 applications. This is necessary, as the current generation of firewalls cannot analyze all protocols – in particular Web 2.0 protocols that are nested within one another in the application layer. Our partners on this project were the Brandenburg University of Technology Cottbus and the Friedrich-Alexander-University of Erlangen-Nürnberg. genua was responsible for the asynchronous coupling of the firewall and the analysis mechanisms. PADIOFIRE started in July 2011 and was supported for two years by the Federal German Ministry of Education and Research.
Security Framework for VoIP
The SUNsHINE project contained the development of a security framework for recognizing and preventing potentially fraudulent attacks centered on the widely used Voice over IP (VoIP) communication. It was a cooperation with the University of Duisburg-Essen, Fraunhofer FOKUS and the ISACO GmbH. As a firewall specialist, our main interest was packet analysis of VoIP protocols. SUNsHINE started in May 2011 an expired in July 2013. It was supported by the Federal German Ministry of Education and Research.