While previous projects relied on a monolithic, top-down approach with predefined methods, PROTECT (Proving Next Generation Secure Systems) takes a bottom-up approach. Rather than rigidly prescribing methods and tools, the project develops a flexible combination of various formal methods and tools. These are designed to be seamlessly integrated into existing IT architectures, allowing users to selectively choose individual security components and expand existing systems with a high level of security.
“With PROTECT, we are establishing future-proof standards for secure and sustainable digital infrastructure. The innovative bottom-up approach enables the development of customized security solutions that can be tailored to the specific requirements of different IT systems. To achieve this, we are collaborating with leading partners from both academia and industry," explains Prof. Dr. Christoph Lüth, project manager at DFKI in Bremen.
Access for all: open standards and open source
Another key feature of PROTECT is its commitment to open source and open science. All tools and methods developed will be made available as open-source software whenever possible, enabling widespread use and adaptation by the scientific community, industry, and other stakeholders. Simultaneously, the scientific results of the project will be accessible to the public through open access publications.
A reference system based on RISC-V
In PROTECT, the project partners are developing a reference system based on a RISC-V processor. RISC-V is an open, license-free processor architecture that enables particularly flexible and adaptable hardware solutions for safety-critical applications. This openness allows the development of customized, cost-effective solutions that are specifically tailored to the security requirements of systems. The reference system is used to develop advanced hardware-based security mechanisms that protect against highly specialized attacks such as side-channel attacks using transient code. Another innovation is the use of a digital twin (virtual prototype) of the reference system to identify and eliminate potential security vulnerabilities at an early stage.
Enhanced security for companies and digital infrastructure
The results of PROTECT have the potential to significantly improve the IT security of companies and public institutions and to set new standards for the development of cyber-secure hardware and software. In particular, small and medium-sized enterprises will benefit from open source solutions that provide easy access to advanced security features. In the long term, PROTECT will help to strengthen trust in digital infrastructures and promote IT security on a broad basis.
The PROTECT consortium
The project is coordinated by the DFKI research department Cyber-Physical Systems in Bremen. Other partners are RWTH Aachen University, Cryspen SARL (Paris, France), the Gesellschaft für Informatik e.V. (Berlin/Bonn), the Technical University of Kaiserslautern, LUBIS EDA GmbH (Kaiserslautern) and the University of Lübeck.
PROTECT is funded by the Cyberagentur as part of the program "Ecosystem Trustworthy IT – Proven Cybersecurity" (ÖvIT) in four annual tranches with a total amount of approximately 9.15 million Euro (plus VAT) from 20.12.2024 to 19.12.2028 as a research contract.