Groß-Bieberau, March 19, 2019: accessec GmbH has set the goal of developing a decentralized and manageable machine identity based on IOTA distributed ledger technology for industrial applications as part of the scientific accompanying project IUNO Insec.
The focus is on the handling of key material, on the basis of which machines and devices can be created an identity and subsequently authenticated. In order to be able to prove the applicability in production facilities, IT protection goals and secure communication have top priority.
The following key questions must be examined:
1. How can a seed be mapped in a Trusted Platform Module (TPM) or in a Secure Element?
2. Is it possible to sign an IOTA transaction with a secure element without the seed leaving the secure element?
3. What requirements does a secure element have to meet in order to support signing?
“At the moment, we are confident that the resulting concept can also be mapped in a production network in the future,” explains Markus Soppa, Head of Research at accessec. “The demonstrator is intended to be the first step towards machines that can be managed decentrally in the future. IT security and the manageability of machine identities are of paramount importance for us and our customers”.
Distributed Ledger is the technological basis of virtual currencies. It is to be understood as a public, decentralized account book. It is used in digital payment and business transactions to record transactions from user to user without the need for a central location that legitimizes each individual transaction.
The IOTA-Tangle is primarily aimed at industrial companies. Free transactions in a distributed network will enable devices to share technical resources in real time, with minimal risk of downtime and transparency.
accessec GmbH, a specialist in IT security issues, was awarded the contract for the BMBF’s accompanying scientific project together with other partner companies in 2018. The project aims to develop a process model and tools for security assessment and migration, especially for SMEs, and builds on the threat and risk analysis developed in the national reference project on IT security in industry 4.0 (IUNO). The aim is to identify migration paths to an adequate level of protection for production companies and to provide recommendations for the use of solution modules.