Sperrfristmeldungen
11.09.2023 15:17
Research projects, Contests / awards

Demonstrable IT security through formal verification

New research project "Ecosystem Trustworthy IT" (EvIT) plans provable IT security through formal verification . Photo: freepik/Cyberagentur
Hinweis zur Verwendung von Bildmaterial: Die Verwendung des Bildmaterials zur Pressemitteilung ist bei Nennung der Quelle vergütungsfrei gestattet. Das Bildmaterial darf nur in Zusammenhang mit dem Inhalt dieser Pressemitteilung verwendet werden. Falls Sie das Bild in höherer Auflösung benötigen oder Rückfragen zur Weiterverwendung haben, wenden Sie sich bitte direkt an die Pressestelle, die es veröffentlicht hat.
New research project "Ecosystem Trustworthy IT" (EvIT) plans provable IT security through formal verification . Photo: freepik/Cyberagentur | Quelle: freepik/Cyberagentur | Copyright: Cyberagentur | Download

New research call “Ecosystem formally verifiable IT” (EvIT)

Demonstrable IT security through formal verification

The Agentur für Innovation in der Cybersicherheit GmbH (Cyberagentur) has launched a call for groundbreaking research on an “Ecosystem formally verifiable IT” (EvIT) to strengthen the cyber security of IT systems. The aim is to develop methods for the formal verification of security properties of hardware and software in order to make them provably secure. Tenders can be submitted until 30 November 2023.

"The project," says project leader Dr Sebastian Jester, "focuses on two core elements: The development of technologies and tools for end-to-end formally verified IT components and the establishment of an ecosystem of IT developers among commercial providers as well as end users."

“Formal verification” provides mathematical and logical proof that IT systems are free of security vulnerabilities. The approach enables a previously unattained level of protection, especially for highly complex systems. Current verification methods are however time-consuming and require specialised knowledge. To overcome these limitations, the Cyberagentur is calling for tenders for an “Ecosystem formally verifiable IT” (EvIT) as a new large research project.

"The innovative approach behind EvIT is to make formal verification more accessible and efficient," explains Dr Jester, Head of Secure Hardware and Supply Chains in the Cyberagentur Secure Systems Department. A key feature of the approach is improved usability – for example, the ability quickly to verify software changes, rather than having to re-verify the system in its entirety. Another focus is on active community building. This is because the mathematical-logical procedures used require specialised knowledge, even among computer scientists, and are not easy or quick to apply to hardware and software of today's complexity. The new community is intended to offer researchers a platform to exchange ideas and to jointly make formal verification applicable to more complex systems and with a greater degree of automation, and to (further) develop the methods and software tools necessary for this. A further goal is to attract more IT talent to formal verification.

The selected project or projects is to define and implement reference systems of different levels of complexity, from simple microprocessors to servers. Using a stepwise approach, initial tests will focus on less complex systems. Possible approaches have been examined in five EvIT preliminary studies (“ÖvIT-Vorstudien”) for the Cyberagentur.

A successful project could fundamentally change the landscape of IT security with an ecosystem of researchers, commercial providers, and businesses and public administration as users. The project has the potential to close common security gaps in a wide range of IT systems, whether standard office systems or hardened IT for critical infrastructure or national security, and to make "cybersecurity by design" more widespread as a philosophy.

Researchers have until 30 November 2023 to formulate concepts and submit tenders to the Cyberagentur. This pre-commercial procurement is open to businesses, research and higher education institutions, and natural persons located in the European Union (EU), the European Economic Area (EEA), Switzerland, NATO member countries as well as Australia and New Zealand.

The invitation to tender with the contract number 2023/S 173-542341is published in the Supplement to the Official Journal of the European Union: https://www.evergabe-online.de/tenderdocuments.html?0&id=536095

Further information:

https://www.cyberagentur.de/oevit/
https://www.cyberagentur.de/oevit-vorstudien/

Contact

Michael Lindner
Press Officer of the Cyberagentur
Phone: +49 151 44150 645
E-mail: presse@cyberagentur.de

Background: Cyberagentur

The Agentur für Innovation in der Cybersicherheit GmbH (Cyberagentur) was founded in 2020 as a fully in-house company of the Federal Government under the joint leadership of the Federal Ministry of Defence and the Federal Ministry of the Interior and Home Affairs with the aim of taking a cross-departmental view of internal and external security in the area of cybersecurity that is related to application strategy. Against this background, the work of the Cyberagentur is primarily aimed at the institutionalised implementation of highly innovative projects that are associated with a high risk with regard to the achievement of objectives, but at the same time can have a very high disruptive potential if they are successful.

The Cyberagentur is part of the National Security Strategy of the Federal Republic of Germany.

The Cyberagentur is headed by Prof. Dr Christian Hummert as Research Director and Managing Director and Daniel Mayer as Commercial Director.

Wissenschaftlicher Ansprechpartner:
Dr. Sebastian Jester

Originalpublikation:
https://www.cyberagentur.de/gesucht-ansaetze-fuer-beweisbare-it-sicherheit-durch-formale-verifikation/

Weitere Informationen:
https://www.cyberagentur.de/oevit/
https://www.cyberagentur.de/oevit-vorstudien/

Die semantisch ähnlichsten Pressemitteilungen im idw