Publications Search Results

Now showing 1 - 4 of 4
  • Publication
    Secure IT without vulnerabilities and back doors
    (2020)
    Weber, Arnd; Heiser, Gernot; Schallbruch, Martin; Chattopadhyay, Anupam; Guilley, Sylvain; Krauß, Christoph; Krüger, Philipp S.; Reith, Steffen; Seifert, Jean-Pierre
    Increasing dependence on information technology calls for strengthening the requirements on their safety and security. Vulnerabilities that result from flaws in hardware and software are a core problem which market mechanisms have failed to eliminate. A strategy for resolving this issue should consider the following options: (1) private- and public-sector funding for open and secure production, (2) strengthening the sovereign control over the production of critical IT components within an economic zone, and (3) improving and enforcing regulation. This paper analyses the strengths and weaknesses of these options and proposes a globally distributed, secure supply chain based on open and mathematically proved components. The approach supports the integration of legacy and new proprietary components.
  • Publication
    Open source value chains for addressing security issues efficiently
    (2018)
    Weber, Arnd; Reith, Steffen; Krauß, Christoph
    It is suggested to improve the level of security by applying the open source paradigm to the entire IT supply chain and by subjecting the resulting components to verification when required. This would lead to a new trajectory for IT product development which could even increase the efficiency of addressing novel types of hardware-oriented attacks or employing stealthy hardware features. This could require increased transparency of semiconductor fabs. For designing open hardware several nuclei already exist. The proposed path would hold particular promise for security-critical components, which could be specified in such a way as to precisely match hardware characteristics. As some components would continue to be built using existing components for some time, a generalized a priori statement about the security of the complete supply chain, such as "verified" or "proven", will initially be impossible.
  • Publication
    Souveränität und die IT-Wertschöpfungskette [Sovereignty and the IT value chain]
    (2018)
    Weber, Arnd; Reith, Steffen; Krauß, Christoph
    The Karlsruhe Institute of Technology, Fraunhofer SIT and Fraunhofer Singapore, Hochschule RheinMain and TU Berlin have presented a new white paper that critically examines the transnational value chains of the IT industry with regard to security and fairness.