Download-Material
Images
The following material may be used free of charge, as long as it is related to the National Research Center for Applied Cybersecurity ATHENE. The images are to be marked with the copyright information »ATHENE«.
Prof. Michael Waidner
Studies & Reports
Privacy und Big Data
Analyzing large amounts of data enables numerous improvements - in the fight against climate change as well as in medicine. At the same time, today's big data analysis options create completely new risks for people's privacy. If data volumes from different sources are combined during analysis, supposedly anonymized data can often be merged into personal profiles, sometimes with unforeseeable consequences for the individuals concerned. The study therefore shows how big data technologies can be used without harming the privacy of individuals.
Eberbacher Gespräch on AI, Security & Privacy
Despite numerous opportunities for innovation, many companies and authorities are still hesitant to use artificial intelligence (AI) in the area of cyber security. One of the main reasons for this is that the performance of systems is often difficult to assess. This report summarizes recommendations developed by experts from science and industry on how obstacles to the use of AI can be overcome, such as specific quality criteria and testing options.
System Security Mechanisms for Electric Vehicles and Charge Points Supporting ISO 15118 - Proposal for a Technical Guideline
This technical guideline provides recommendations for the secure operation of an emobility charging infrastructure. The focus is on system security of the Electric Vehicle (EV) and Charge Point (CP) / Electric Vehicle Supply Equipment (EVSE), with their respective communication control units, the Electric Vehicle Communication Controller (EVCC) and the Supply Equipment Communication Controller (SECC), as well as the secure usage of their communication protocols. Both systems are required to be equipped with a Hardware Security Module (HSM), providing a hardware trust anchor for secure storage and usage of their corresponding private credentials. The trust anchor is also used to provide more advanced security features like software integrity validation or secure firmware updates. Additional recommendations are given, aiming to increase the security of the communication between EVCC and SECC using ISO 15118 [10] as well as the backend communication of the SECC.
Security Module for the Electric Vehicle Charging System - Proposal for a Protection Profile
In the field of eMobility, Electric Vehicles (EVs) are charged using a Charge Point (CP). To enable a trustworthy and reliable charging and billing process for the transferred electrical energy, data is exchanged between the vehicle and the CP through the charge cable and specific protocols are applied. Further, the CP is part of an infrastructure that connects the point on the one hand to the energy grid and to an energy provider, billing system, and other valueadded service providers on the other hand. The international standardisation system has created a basis for communication between an electric vehicle and the charging infrastructure in the form of international standard ISO/IEC15118, which is already in place. ISO/IEC15118 defines the communication between the electric vehicle and the CP. However, some protocols that are required for the value-added services are extensions of ISO/IEC15118.
Eberbacher Gespräch: Next Generation Cryptography
From online-banking to the blockchain – most IT security mechanisms for protecting data and digital communication are based on cryptography. Quantum computers and new forms of attacks are threatening many of these IT security mechanisms. How businesses and society can protect the cyber-world from such devastating threats in the future was discussed by experts in the realm of business, research, and politics at the “Eberbacher Gespräch” on “Next Generation Cryptography”. The experts’ opinion: Cryptography must become more flexible in order to be able to react quickly to technical changes.
Books
Post-Quantum Crypto for Dummies
The e-book "Post-Quantum Crypto for dummies" offers a comprehensive overview of the current state of post-quantum cryptography on 40 pages:
- The most important areas of post-quantum cryptography research today
- Practical approaches to defending against future attacks based on quantum computing
- Using an HSM to implement quantum-safe cryptography