Migrating security knowledge between industry domains since 2010.
Cybersecurity is relevant for most industries that work with embedded systems. ITK provides engineering services in many industries and cybersecurity is no exception. The cross-domain knowledge that we generate this way enables our security experts to migrate security solutions and methodologies between domains and often leads to a quick solution, especially when problems were already solved by other industries.
Connected car and autonomous driving are challenging trends in the automotive domain. Both trends already have had an impact on different aspects of the traditional vehicle technology and underline the need for cybersecurity: secure diagnostics, secure over-the-air (OTA) updates, secure onboard communication (SecOC) and secure boot are just a few examples. Furthermore, security standardization progressed with ISO/SAE 21434 and AUTOSAR.
Cybersecurity technologies and methodologies affect OEMs as well as Tier1 and Tier2 suppliers. ITK works actively for all of them, making sure that no information gets lost on the way and addressing potential security pitfalls for our customers before they become a difficult challenge. To be as close to these upcoming technologies as possible, ITK is a premium partner of the Adaptive AUTOSAR consortium and is actively contributing both in safety and security working groups.
While the agricultural industry is closely looking at the developments in the automotive domain for some technologies, it is way ahead in others. A huge variety of use cases and special requirements are very specific to the agriculture industry because of the nature of the industry itself (e.g. interfacing with third-party equipment on a very low level) or new trends like smart farming.
Based on our cross-domain knowledge, we are able to transfer security technologies and customize solutions if necessary – not only conceptually but also in code. ITK is actively participating in the Agricultural Industry Electronics Foundation (AEF) and develops concepts as well as libraries for secure Tractor Implement Management (TIM).
Medical devices have to become increasingly connected to provide patients with optimal care. At the same time, the healthcare infrastructure is increasingly targeted by attackers (e.g. via ransomware [25]). This is also recognized by national and international regulatory bodies that demand to take cybersecurity into account when developing healthcare products [17] [19] [20].
Since 1994, ITK has been providing engineering services to medical device manufacturers, so our engineers are very familiar with the relevant regulations and standards as well as the complex regulatory framework of the healthcare domain. (e.g. MDR, FDA, and ISO 13485).
The industry domain faces many trends that inadvertently lead to security challenges. Production processes are optimized for efficiency by connecting equipment to enable predictive maintenance and to automate factories. Collaborative robots (Cobots) are integrated into manufacturing environments. Information technology (IT) and operational technology (OT) increasingly converge. Digital twin technologies allow for the tracing of the manufacturing process and the components of products. All these trends have to be enabled by connecting a previously closed system to company networks or even to the outside world. This leads to attack possibilities, which is also recognized by upcoming standardization, such as IEC 62443 [14].
ITK assists in making use of the industry 4.0 trends with contributions to general software and process consulting services. The technical and process expertise that we gathered in these projects helps to design tailored solutions that also merge well with existing systems and the according boundary conditions.
The rail industry faces connectivity trends, including electronically connected grade-crossing, digitally connected railway stations, European Rail Traffic Management System (ERTMS), European Train Control System (ETCS), GSM Rail (GSM-R), electronic interlocking (ESTW), and predicted maintenance. This induces cybersecurity requirements which are also captured by upcoming standards (e.g. DIN VDE 0831-100 [26]. and IEC 62443 [14]). Introducing cybersecurity mechanisms is especially challenging for the railway domain, which is a complex ecosystem of technologies that already exist, and new technology has to be compatible to the legacy systems. Also, the lifetime of these systems is much longer than in other industries. Laying out security mechanisms that are also secure in 30+ years constitutes a big challenge.
ITK has been actively contributing software to the rail industry since 2015. We are used to designing security under boundary conditions, tailoring existing solutions, or building new solutions from scratch, if required.
Connected car and autonomous driving are challenging trends in the automotive domain. Both trends already have had an impact on different aspects of the traditional vehicle technology and underline the need for cybersecurity: secure diagnostics, secure over-the-air (OTA) updates, secure onboard communication (SecOC) and secure boot are just a few examples. Furthermore, security standardization progressed with ISO/SAE 21434 and AUTOSAR.
Cybersecurity technologies and methodologies affect OEMs as well as Tier1 and Tier2 suppliers. ITK works actively for all of them, making sure that no information gets lost on the way and addressing potential security pitfalls for our customers before they become a difficult challenge. To be as close to these upcoming technologies as possible, ITK is a premium partner of the Adaptive AUTOSAR consortium and is actively contributing both in safety and security working groups.
While the agricultural industry is closely looking at the developments in the automotive domain for some technologies, it is way ahead in others. A huge variety of use cases and special requirements are very specific to the agriculture industry because of the nature of the industry itself (e.g. interfacing with third-party equipment on a very low level) or new trends like smart farming.
Based on our cross-domain knowledge, we are able to transfer security technologies and customize solutions if necessary – not only conceptually but also in code. ITK is actively participating in the Agricultural Industry Electronics Foundation (AEF) and develops concepts as well as libraries for secure Tractor Implement Management (TIM).
Medical devices have to become increasingly connected to provide patients with optimal care. At the same time, the healthcare infrastructure is increasingly targeted by attackers (e.g. via ransomware [25]). This is also recognized by national and international regulatory bodies that demand to take cybersecurity into account when developing healthcare products [17] [19] [20].
Since 1994, ITK has been providing engineering services to medical device manufacturers, so our engineers are very familiar with the relevant regulations and standards as well as the complex regulatory framework of the healthcare domain. (e.g. MDR, FDA, and ISO 13485).
The industry domain faces many trends that inadvertently lead to security challenges. Production processes are optimized for efficiency by connecting equipment to enable predictive maintenance and to automate factories. Collaborative robots (Cobots) are integrated into manufacturing environments. Information technology (IT) and operational technology (OT) increasingly converge. Digital twin technologies allow for the tracing of the manufacturing process and the components of products. All these trends have to be enabled by connecting a previously closed system to company networks or even to the outside world. This leads to attack possibilities, which is also recognized by upcoming standardization, such as IEC 62443 [14].
ITK assists in making use of the industry 4.0 trends with contributions to general software and process consulting services. The technical and process expertise that we gathered in these projects helps to design tailored solutions that also merge well with existing systems and the according boundary conditions.
The rail industry faces connectivity trends, including electronically connected grade-crossing, digitally connected railway stations, European Rail Traffic Management System (ERTMS), European Train Control System (ETCS), GSM Rail (GSM-R), electronic interlocking (ESTW), and predicted maintenance. This induces cybersecurity requirements which are also captured by upcoming standards (e.g. DIN VDE 0831-100 [26]. and IEC 62443 [14]). Introducing cybersecurity mechanisms is especially challenging for the railway domain, which is a complex ecosystem of technologies that already exist, and new technology has to be compatible to the legacy systems. Also, the lifetime of these systems is much longer than in other industries. Laying out security mechanisms that are also secure in 30+ years constitutes a big challenge.
ITK has been actively contributing software to the rail industry since 2015. We are used to designing security under boundary conditions, tailoring existing solutions, or building new solutions from scratch, if required. .
