Cyber security in production

Digitization needs IT security expertise in medium-sized businesses - Now also in Ostwestfalen-Lippe

The digital transformation of all areas of life and work increases the demands on system security and requires a deeper understanding of the interaction of networked devices, systems and users.

With the increasing digitalization of society, the threat potential of cyberattacks is growing significantly. In addition to previous attacks, attack scenarios on critical infrastructures and highly scaled attacks on industrial plants are coming to the fore. For this reason, IT security and cyber security is a cross-cutting and key technology for a functioning modern society and industry.

The rapid changes in information technology today do not only affect IT security professionals. Developers, users and testers, but also managers at various levels of decision making, especially in small and medium-sized enterprises and public authorities, require a wide range of qualifications and a deep understanding of the significance and consequences of IT security problems.

Cyber security is the first priority for the attainment of digital sovereignty. For this reason, business and public authorities require a sufficient number of highly qualified specialists in the field of cyber security. Politics and business agree that the issue of cyber security is of central importance. 


Our range of services

  • Learning Lab Cybersecurity
    The Learning Laboratory Cyber Security (Production Consortium) is a cooperation between Fraunhofer IOSB, Fraunhofer IOSB-INA and the Hochschule Ostwestfalen-Lippe at the locations Karlsruhe and Lemgo. Specialists and executives from industry and public administration receive a compact qualification in high-quality laboratories with up-to-date IT infrastructure. There, they simulate real threat scenarios, learn to recognize their significance and consequences and study suitable solution concepts in a practical manner in their application and efficiency. Based on proven cooperation models between Fraunhofer and universities of applied sciences, a model is being implemented for the further training of IT security specialists that integrates the universities of applied sciences as partners in cooperative research, in the development of further training concepts and teaching modules and finally in the teaching of the course content.
  • The establishment of the learning laboratory Cyber Security at the Lemgo site in Ostwestfalen-Lippe and the networking of the further education offers of various partner consortia will address users and decision makers. The modules are tailored to the needs of industry and public administration in terms of sectors, topics and functions.
    From the point of view of the economy, it is important that contents are modularly structured and are tailored to practical issues. Here it must be taken into account that the practical part of the training program is very extensive. In addition, it is necessary that further training for skilled workers can be combined as easily as possible with the employees' everyday working life. This means that the individual modules of the program are compact (one to three days) and do not tie up resources over long periods of time.
    The quality of the training is ensured by the involvement of the Fraunhofer Academy. The Fraunhofer Academy is responsible for incorporating the latest findings from learning and educational research into the development of the courses on offer and for end-to-end quality management.
  • Secure Industry 4.0 Communication
    Industrie 4.0 Anwendungsfällle, wie Condition Monitoring, Plug & Work und Optimierung, erfordern eine sichere Kommunikation. Diese Sicherheitsanforderungen können durch den Einsatz von OPC UA realisiert werden
    • Industry 4.0 Applications
    • Creation of information models
    • Securing communication
  • Protection according to IEC 62443 
    In the course of the digital transformation, companies must know their critical systems, assets and values in order to take appropriate protective measures. With IEC 62443, companies can protect themselves with a holistic security concept that supports the requirements of component manufacturers, machine builders and plant operators.
    • Overview IEC 62443 
    • Design and implementation of a Cyber Security Management System (CSMS)
    • Risk assessment and analysis
  • Cyber Detect: real-time detection of cyber attacks for production systems
    Cyber Detect is an analysis software for detecting network-based cyber attacks on industrial production systems. For this purpose, the communication between controllers and field devices is analyzed in real-time (see figure 1).
    The analysis software checks the communication data for anomalies. If an anomaly occurs, an alarm is generated. The alarm allows manual and automatic countermeasures to be initiated, e.g. the production system can be put into a safe state. Cyber Detect has standardized interfaces like OPC UA to ensure easy integration and configuration. 
    • Functions:Classification of cyber attacks
    • Anomaly detection
    • Real-time analysis
    • Deep Packet Inspection
    • Standardized interface through OPC UA
CyberDetect Demonstrator
  • ML-Protect: Hardening of machine learning methods
    ML-Protect is a software solution to protect neural networks against specific cyber attacks. Neural networks can be used as a component of a condition monitoring system in industrial production to detect errors in production systems at an early stage. When using neural networks, the following problem exists: It cannot be determined with absolute certainty whether all possible errors can be detected. This is because the data used for training does not contain all possible system states.
    In particular, the problem is made clear by so-called Adversarial Examples. These are specially manipulated data that make it possible to deceive a neural network. Hackers can use Adversarial Examples to manipulate production unnoticed by the condition monitoring system and thus cause malfunctions or damage. ML-Protect already starts during the training phase of neural networks to protect them. For this purpose, adversarial examples are calculated and are again included in the training. This enables the trained neural network to correctly evaluate manipulated data.
    • Protecting neural networks
    • Generieren von kontradiktorischen Beispielen
ML- Protect Systemarchitektur

Further Information

Research topics and projects


Service offerings