Our Research Projects
There is often no direct route to quickly achieving goals in IT security. The tasks are mainly complex and a lot of know-how, experience and endurance are necessary to find intelligent solutions. However, it is just these tasks that fascinate us – and it is results from this type of research that repeatedly allow the development of useful innovations and lead to improvements in the security of modern information technology.
In order to find good solutions, it often makes sense to combine differing skills, viewpoints and resources and for this reason genua participates in research projects. Here we work together with universities, research institutions and other organizations, in order to solve fundamental problems in IT security. We exchange know-how with others taking part and discuss the results obtained, with all parties profiting from the knowledge we gain. The sponsored projects therefore make a valuable contribution to knowledge transfer as well as strengthening the role of Germany as an economic and research center.
Please direct queries about our research projects to our Technical Ambassador:
Alexander von Gernler
tel +49 89 991950-0
RiskViz: Search Engine for Security Weaknesses in Industrial Control Systems
Nowadays Industrial Control Systems (ICSs) are in use almost everywhere. In industry, for example, they regulate power station turbines and robots on production lines and in the public sector they regulate computer tomographic scanners in hospitals and building access control and air conditioning systems. ICSs are, however, not designed for access from the Internet and thereby often inadequately or completely unprotected against attack, making them an easy prey for hackers.
Against this background, the aim of the RiskViz research project was to develop procedures and tools to determine the vulnerabilities of industrial systems in a legal and responsible manner. The project’s first stage involved the development of a search engine that detects security weaknesses in internal networks. The partners in this project, which was led by the Hochschule Augsburg, were the Freie Universität Berlin, Koramis, the Brandenburg Institute for Society and Security, the Lechwerke AG, Munich Re, the Technologie Centrum Westbayern, and genua.
The project expired in 2018 and was supported by the German Federal Ministry of Education and Research.
INDI: Intelligent Intrusion Detection Systems for Industrial Networks
Critical infrastructure such as the energy and water supplies are essential services and therefore require special protection against cyber attacks. At the same time, only minimal intervention in the internal functioning of existing security solutions can be made. Conventional approaches either cannot be used at all or only implemented to a limited extent.
The goal of the INDI project was to use non-invasive data collection, machine learning procedures, and controlled network separation to create a security solution that provides an optimum of security and reliability. The research consortium was made up of the University of Goettingen, the BTU Cottbus-Senftenberg, a notable energy supplier and genua.
The project expired in 2017 and was supported by the German Federal Ministry of Education and Research.
APT Sweeper: Early Detection and Defense Against Advanced Persistent Threats
Current security technology such as virus scanners and sandboxes are not able to recognize targeted attacks – these are usually detected months or years later through suspicious activity in internal networks or when leakage of sensitive data is determined. The aim of the APT Sweeper project was to provide early detection and defense against malicious software. A particular focus of the project was the context and structure of data transmission by mail and web. Our partners were were the Friedrich-Alexander University of Erlangen, the University of Goettingen as well as our associated partner Siemens, and the German Federal Office for Information Security, BSI.
The project expired in June 2017 and was supported by the German Federal Ministry of Education and Research.
SarDiNe: SDN-based Network Security for Companies and Government Agencies
Software Defined Networking (SDN) is a technological development that makes network administration significantly simpler and more flexible. However, the change from hardware- to software-based solutions requires that particular care is taken in the specification and design of the security systems. The goal of the SarDiNe project was to use SDN to make a secure specification and design possible. Our partners were the Technical University Munich (TUM), the University of Wuerzburg and the company Infosim GmbH & Co. KG.
The project expired in February 2018 and was supported by the German Federal Ministry of Education and Research.
squareUP: A Digital Signature for Post-Quantum Cryptography
The public key encryption procedures currently in use will no longer be secure once the first quantum computers come into use. The reason for this is that quantum computers will be able to solve these otherwise difficult tasks quickly. This also applies for digital signatures: They too are based on the public key procedure and will no longer be secure in the post quantum era. Digital signatures are used today, for example, by software manufacturers to guarantee to their customers that software updates are genuine. A team of researchers from the Technical University of Darmstadt and genua took up this challenge and developed a market-ready signature procedure that withstands quantum computers.
This project expired in 2017 and was sponsored by the Deutsche Forschungsgemeinschaft (German Research Foundation) and the Bavarian Ministry of Economic Affairs.
HardFIRE: Hardware-accelerated Firewall Without Backdoors
The ever increasing performance requirements of today's firewalls show up the limits of classical software-based solutions – and explain why hardware acceleration is becoming more widely used. Modern hardware firewalls however bring some disadvantages with them: They are complex and expensive to develop and – in contrast with software solutions – are inflexible, which makes adaption to meet new requirements difficult. In addition, backdoors that are practically undetectable can be implemented in hardware – a scenario that has already become reality. The HardFIRE concept has been developed to solve these problems by using reconfigurable logical blocks (FPGAs): This approach provides flexibility and performance and allows the manufacturer full control over all functions.
The project expired in August 2016 and was supported by the German Federal Ministry for Economic Affairs and Energy.
SSGLB: Secure Smart Grid Load Balancer
The SSGLB system is intended to allow network operators to stabilize their networks by drawing control reserve from larger customer household devices that can be temporarily switched off. To this end, a so-called Micro Smart Meter (MSM), which exchanges information with the network operator, is installed upstream from the customers' devices. This enables network operators to switch off and on uncritical consumer devices such as washing machines as required and thereby shift peak loads to periods of lower demand. The end customer profits from reduced prices. Our partners in this project were EBSnet | eEnergy Software GmbH, evopro systems engineering AG, R-Tech GmbH, SenerTec-Center Nord-Ost Bayern GmbH, Stadtwerke Kelheim GmbH & Co KG and the Ostbayerische Technische Hochschule Regensburg.
The project expired in September 2016 and was supported by the Bavarian State Ministry of Economic Affairs.
SIBASE: Modular Security System for Secure Embedded Systems
Embedded systems control more and more processes in our lives today, with a multitude of such systems being built in cars, airplanes, medical equipment or production machinery and controlling vitally important processes. It is therefore necessary that these systems are protected against attack and manipulation. The goal of the SIBASE project was the development of a modular security system for such embedded systems. Our partners in this project were the Technical University Munich (TUM), Fraunhofer Gesellschaft, Giesecke & Devrient GmbH, Infineon AG, Mixed Mode GmbH, SYSGO AG, and Siemens AG.
The project expired in November 2016 and was supported by the Federal German Ministry of Education and Research.
vmFIRE: Firewall for Virtualization Hosts
Several virtual machines can be operated on the same hardware – saving resources and costs. The problem is to secure the virtual machines – the communication within the host system cannot be detected by conventional firewalls. Therefore, the Brandenburg Technical University Cottbus and genua developed a firewall for virtualization hosts.
The project expired in November 2014 and was supported by the Federal German Ministry of Education and Research.
Mobile Internet Joint Project: Work and Payment
Mobile Internet opens many new possibilities for working and making payments on the move but these processes have to be reliably secured. In this project genua was developing a laptop that meets the highest security requirements by using a microkernel and separation technology. Our partners in this project were the Ludwig-Maximilians-University Munich, Allianz Managed Operations & Services, Giesecke & Devrient GmbH, Virality GmbH, and Wirecard AG.
The project expired in November 2014 and was supported by the Bavarian State Ministry of Economic Affairs, Infrastructure, Transport, and Technology.
PADIOFIRE: Web 2.0-Firewall
The goal of the PADIOFIRE project was to develop a new type of firewall for the comprehensive analysis of Web 2.0 applications. This is necessary, as the current generation of firewalls cannot analyze all protocols – in particular Web 2.0 protocols that are nested within one another in the application layer. Our partners on this project were the Brandenburg University of Technology Cottbus and the Friedrich-Alexander-University of Erlangen-Nürnberg. genua was responsible for the asynchronous coupling of the firewall and the analysis mechanisms.
The project expired in September 2011 and was supported by the Federal German Ministry of Education and Research.
SUNsHINE: Security Framework for VoIP
The SUNsHINE project contained the development of a security framework for recognizing and preventing potentially fraudulent attacks centered on the widely used Voice over IP (VoIP) communication. It was a cooperation with the University of Duisburg-Essen, Fraunhofer FOKUS and the ISACO GmbH. As a firewall specialist, our main interest was packet analysis of VoIP protocols.
The project expired in July 2013 and was supported by the Federal German Ministry of Education and Research.