Fraunhofer-Gesellschaft

Publica

Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

Open source value chains for addressing security issues efficiently

 
: Weber, Arnd; Reith, Steffen; Kuhlmann, Dirk; Kasper, Michael; Seifert, Jean-Pierre; Krauß, Christoph

:

Institute of Electrical and Electronics Engineers -IEEE-; IEEE Reliability Society:
IEEE 18th International Conference on Software Quality, Reliability, and Security Companion, QRS-C 2018. Proceedings : 16-20 July 2018, Lisbon, Portugal
Piscataway, NJ: IEEE, 2018
ISBN: 978-1-5386-7839-8
ISBN: 978-1-5386-7840-4
S.599-606
International Conference on Software Quality, Reliability, and Security (QRS) <18, 2018, Lisbon>
Workshop on Cyber Resilience Economics <2018, Lisbon>
Englisch
Konferenzbeitrag
Fraunhofer SIT ()

Abstract
It is suggested to improve the level of security by applying the open source paradigm to the entire IT supply chain and by subjecting the resulting components to verification when required. This would lead to a new trajectory for IT product development which could even increase the efficiency of addressing novel types of hardware-oriented attacks or employing stealthy hardware features. This could require increased transparency of semiconductor fabs. For designing open hardware several nuclei already exist. The proposed path would hold particular promise for security-critical components, which could be specified in such a way as to precisely match hardware characteristics. As some components would continue to be built using existing components for some time, a generalized a priori statement about the security of the complete supply chain, such as "verified" or "proven", will initially be impossible.

: http://publica.fraunhofer.de/dokumente/N-520024.html