Groß-Bieberau, March 19, 2019: accessec GmbH has set the goal of developing a decentralized and manageable machine identity based on IOTA distributed ledger technology for industrial applications as part of the scientific accompanying project IUNO Insec. The focus is on the handling of key material, on the basis of which machines and devices can be created an identity and subsequently authenticated. In order to be able to prove the applicability in production facilities, IT protection goals and secure communication have top priority. The following key questions must be examined: 1. How can a seed be mapped in a Trusted Platform Module (TPM) or in a Secure Element? 2. Is it possible to sign an IOTA transaction with a secure element without the seed leaving the secure element? 3. What requirements does a secure element have to meet in order to support signing? "At the moment, we are confident that the resulting concept can also be mapped in a production network in the future," explains Markus Soppa, Head of Research at accessec. "The demonstrator is intended to be the first step towards machines that can be managed decentrally in the future. IT security and the manageability of machine identities are of paramount importance for us and our customers". Distributed Ledger is the technological basis of virtual currencies. It is to be understood as [...]
“Industrial IT Security: Efficient protection of networked production lines”: Vogel Verlag publishes textbook by Sebastian Rohr
Groß-Bieberau, 07 March 2019. Since 26 February 2019, the first book by Sebastian Rohr (CEO at accessec GmbH) is available in stores. The book, which was published jointly with Vogel Communications Group GmbH & Co. KG is aimed at employees and production managers, site managers, production planners and product developers, IT-savvy maintenance engineers, commissioning engineers and suppliers of automation technology for automated plants. "In the book, readers will find the essential aspects of secure IT for production plants," explains Rohr. "Increasingly complex data and information flows in industrial manufacturing are leading to increased cross-company communication. This has a direct impact on the necessary protective precautions for IT, production and production data". A lack of intelligent and forward-looking security measures causes too high risks, for example for manipulation of processes, data and machines and thus for production equipment and products. For this reason, modern Identity and Access Management (IAM) will play an important role in the future. Rohr will focus on the following topics: Organisational requirements for the establishment of Industrial IT Security Automated production systems (IT) network technology and directory services in production Security of applications and SCADA/ICS components Risk management and industrial IT security Industry outlook 4.0 With his book, Rohr strengthens the necessary problem awareness for the vulnerability of control technology and standard information technologies in industrial companies. Along the automation [...]
Feb 28 2019 Darmstadt, Germany This week, the Darmstadt Germany-based security and identity management company accessec GmbH released its long awaited Car Wallet and PoS (Point of Sales) demonstrator. “We have been waiting with much anticipation to finally showcase our own development and are proud of what our development team has achieved in 2018 using IOTA technology” says Sebastian Rohr, founder and CEO of the company. Having a valid and properly working Car Wallet and PoS Terminal solution at the same time enables both the automotive suppliers, OEMs and charging infrastructure companies to equip any automotive ECU or charging station PoS with compatible technology. Despite a small number of previously launched wallets to conduct payments with the IOTA Tangle or blockchain- based solutions, accessec took the solution further by adding a simple, but trustworthy mutual authentication and validation process which provides clear advantages for all stakeholders. The security components in particular have been thoroughly investigated as the whole development followed a strict Secure Software Development Lifecycle (SDLC) process that comprised a full threat modelling and risk analysis to mitigate any possible threats to the solution stack. As this formal modelling can be re-used for production-ready deployments, many operational security issues of existing and deployed wallets or PoS terminal software modules can be ticked off the list. Despite current negotiations, accessec is open for [...]
Groß-Bieberau, 05 October 2018. accessec GmbH has strengthened its research team in September 2018. Our new Research Consultant Sven Feuchtmüller is now supporting the development of concepts, training and research in the areas of Distributed Ledger Technology and Internet of Things. "We are very pleased to have Sven Feuchtmüller in our team," says Sebastian Rohr, CEO of accessec, "especially with regard to future-oriented research projects such as Sedafa or follow-up projects to IUNO, he will set important impulses." Feuchtmüller has many years of experience in teaching complex subjects - in Germany and during his master's degree in Sweden. In addition to his work at accessec, he is doing his doctorate with focus on decentralized artificial intelligence.
Groß-Bieberau, 06 September, 2018. accessec GmbH is starting autumn 2018 with its own Youtube channel. The consulting company, which specialises in holistic IT security strategies, is responding to the wish of its customers and business partners to be able to understand complex, IT security-relevant relationships even better. Sebastian Rohr, Managing Director of accessec GmbH, will - together with his employees - from now on regularly upload videos that address current and exciting issues. "The IT world is becoming increasingly complex," explains Rohr. "A few years ago, divergence and identity and access management were new terms, but today there is IOTA and Blockchain. Many managing directors, CTOs or IT managers of our customers would like to receive more information on these topics. In particular, they need answers to the question of which IT security risks they need to protect themselves against and which opportunities can be derived from the new technical possibilities for their own organization". With help of the Youtube channel accessec would like to impart knowledge on the one hand and on the other hand to give suggestions on where and how current but also continuous challenges in the area of IT security can be mastered. accessec focuses on the following topics: PKI, Certificates and Authentication Cloud application security Federation and comprehensive Identity Management Trusted Platform Modules (TPM) in the industrial environment [...]