Software manufacturers consider IT security both a risk and an opportunity in global competition. The three competence centers for IT security funded by the Federal Ministry of Education and Research (BMBF), CISPA, EC SPRIDE, and KASTEL, support manufacturers in developing secure software: In their latest strategy report “Entwicklung sicherer Software durch Security by Design” (Secure Software by Design), they discuss challenges and solutions. KASTEL is the Competence Center for Applied Security Technology at Karlsruhe Institute of Technology (KIT).
Software manufacturers know that IT security will gain importance in addition to functionality. To increase the security of software products, IT security aspects have to be taken into account from the very beginning of the manufacturing process. If they are considered too late, costs will arise for the later elimination of deficiencies and payment of damages. Long-term loss of image and trust may result. In the future, problems will even be aggravated: The complexity of software will increase and later provision of software security will be more complex and expensive. An early systematic consideration of security in software manufacture is of strategic dimension and may even be an advantage in competition. The competence centers CISPA, EC SPRIDE, and KASTEL now list approaches to enhancing software security in their trend and strategy report. “Security by design considers security aspects from the very beginning. It is important to keep complexity manageable. Security cannot be installed in a finished product later on,“ Professor Dr. Jörn Müller-Quade, spokesperson of KASTEL, explains.
The centers analyzed challenges and problems of today’s software industry as regards IT security. They identified questions that will have to be answered to improve software quality. Some proposals made in the report can be implemented immediately by software industry, others still require industrial pre-commercialization phase research. All aspects have to be considered by the funding partners when planning future research programs, by the respective research institutions, and by the research departments of software industry. The centers want to decisively advance research and support partner companies. “IT systems are highly complex and IT security therefore has to be of interdisciplinary character. It is a major objective of research to develop a common language beyond individual disciplines,” Müller-Quade points out.
The Competence Center for Applied Security Technology (KASTEL) pools the IT security competences of Karlsruhe Institute of Technology (KIT), the Fraunhofer Institute for Optronics, System Technologies, and Image Exploitation (IOSB), and the Research Center for Information Technology (FZI) in order to master future challenges in the area of IT security. It is aimed at replacing isolated partial solutions by the development of a holistic approach to implementing integrated security.
Click here to download the trend and strategy report:
www.sit.fraunhofer.de/secure-software-trends
Being “The Research University in the Helmholtz Association”, KIT creates and imparts knowledge for the society and the environment. It is the objective to make significant contributions to the global challenges in the fields of energy, mobility, and information. For this, about 10,000 employees cooperate in a broad range of disciplines in natural sciences, engineering sciences, economics, and the humanities and social sciences. KIT prepares its 22,800 students for responsible tasks in society, industry, and science by offering research-based study programs. Innovation efforts at KIT build a bridge between important scientific findings and their application for the benefit of society, economic prosperity, and the preservation of our natural basis of life. KIT is one of the German universities of excellence.