Software manufacturers consider IT security both a risk and an opportunity in global competition. The three competence centers for IT security funded by the Federal Ministry of Education and Research (BMBF), CISPA, EC SPRIDE, and KASTEL, support manufacturers in developing secure software: In their latest strategy report “Entwicklung sicherer Software durch Security by Design” (Secure Software by Design), they discuss challenges and solutions. KASTEL is the Competence Center for Applied Security Technology at Karlsruhe Institute of Technology (KIT).
Software manufacturers know that IT security will gain importance in addition to functionality. To increase the security of software products, IT security aspects have to be taken into account from the very beginning of the manufacturing process. If they are considered too late, costs will arise for the later elimination of deficiencies and payment of damages. Long-term loss of image and trust may result. In the future, problems will even be aggravated: The complexity of software will increase and later provision of software security will be more complex and expensive. An early systematic consideration of security in software manufacture is of strategic dimension and may even be an advantage in competition. The competence centers CISPA, EC SPRIDE, and KASTEL now list approaches to enhancing software security in their trend and strategy report. “Security by design considers security aspects from the very beginning. It is important to keep complexity manageable. Security cannot be installed in a finished product later on,“ Professor Dr. Jörn Müller-Quade, spokesperson of KASTEL, explains.
The centers analyzed challenges and problems of today’s software industry as regards IT security. They identified questions that will have to be answered to improve software quality. Some proposals made in the report can be implemented immediately by software industry, others still require industrial pre-commercialization phase research. All aspects have to be considered by the funding partners when planning future research programs, by the respective research institutions, and by the research departments of software industry. The centers want to decisively advance research and support partner companies. “IT systems are highly complex and IT security therefore has to be of interdisciplinary character. It is a major objective of research to develop a common language beyond individual disciplines,” Müller-Quade points out.
The Competence Center for Applied Security Technology (KASTEL) pools the IT security competences of Karlsruhe Institute of Technology (KIT), the Fraunhofer Institute for Optronics, System Technologies, and Image Exploitation (IOSB), and the Research Center for Information Technology (FZI) in order to master future challenges in the area of IT security. It is aimed at replacing isolated partial solutions by the development of a holistic approach to implementing integrated security.
Click here to download the trend and strategy report:
www.sit.fraunhofer.de/secure-software-trends
In close partnership with society, KIT develops solutions for urgent challenges – from climate change, energy transition and sustainable use of natural resources to artificial intelligence, sovereignty and an aging population. As The University in the Helmholtz Association, KIT unites scientific excellence from insight to application-driven research under one roof – and is thus in a unique position to drive this transformation. As a University of Excellence, KIT offers its more than 10,000 employees and 22,800 students outstanding opportunities to shape a sustainable and resilient future. KIT – Science for Impact.