#WeKnowCybersecurity

Cybersecurity Blog of Fraunhofer AISEC

Quantum Computing
Fraunhofer AISEC

From Early Warning Signs to the Workbench: the PQC Update 2026 Shows that the Post-Quantum Era Has Begun

As we kicked off the PQC Update 2026, one question hung in the air: Is post-quantum cryptography still a distant dream – or has it long since become part of everyday life for government agencies, industry, and standards bodies? The answers from our speakers were surprisingly concrete: Dutch guidelines, German ID cards with PQC, new security chips, updated internet standards, roadmaps for critical infrastructure, and tools that can already reveal your legacy cryptographic vulnerabilities today. If you just want to know whether you need to take action now: Yes. If you want to know how, read on.

Read Article »
Fraunhofer AISEC 8. May 2026
Cybersecurity
Tanja Sadler

Hardware Security in a Networked World | Threat Scenarios, Protection Against Manipulation and the Role of Trust Anchors

How can we trust the hardware that forms the backbone of our connected world? In this interview, Dr. Matthias Hiller, head of the Hardware Security department at Fraunhofer AISEC, explains how trust anchors, secure chiplets, and advanced protection mechanisms help safeguard IT systems against tampering, and why hardware security is becoming a strategic factor for Europe in the age of quantum-based threats.

Read Article »
Tanja Sadler 28. April 2026
Cybersecurity
Michael Weiß

Secure System-On-Chip: Protecting Operating Systems and Hardware

How can we trust chips and operating systems that power IoT, industry and the cloud? In this interview, Fraunhofer AISEC cybersecurity researcher Dr. Michael Weiß explains how GyroidOS, secure system-on-chip and open standards like RISC-V create verifiable, tamper-resistant platforms for tomorrow’s critical infrastructure.

Read Article »
Michael Weiß 12. March 2026
‚Industrial Security‘
Patrick Wagner

Mastering Cross-Divisional Cybersecurity Risk Management in the Automotive Industry

Modern cars are interconnected systems of software, sensors, and cloud services. As automotive companies divide their work across engineering, production, and backend divisions, cybersecurity risks often fall through the cracks. While standards such as ISO/SAE 21434, the ISO/IEC 27000 family, and the IEC 62443 series provide important building blocks, none fully explain how to align cybersecurity across divisions. Our research at Fraunhofer AISEC reveals the consequences: hard-to-compare risk assessments, unclear communication, and fragmented security strategies. The solution lies in a cross-divisional approach that connects processes, tools, and terminology. Based on a structured analysis of key cybersecurity standards and interviews with experts from six automotive manufacturers, this article contrasts what the standards expect with how organizations work today – and outlines concrete steps to close the gaps.

Read Article »
Patrick Wagner 27. January 2026
Cybersecurity
Christian Banse

Automated cloud certification with EMERALD: Architecture, evidence, and trustworthy security

In the face of growing complexity and regulatory requirements, the security of cloud services is becoming increasingly challenging. However, conventional certification procedures require considerable financial and time investment to meet these requirements. That is why the EU research project EMERALD is pursuing a new approach: It is developing a framework for continuous, automated security certification based on semantically structured evidence. This article will discuss the concepts, methods, and validation approaches of the EMERALD platform.

Read Article »
Christian Banse 30. October 2025
Quantum Computing
Sebastian Issel

Towards Classical Software Verification using Quantum Computers

In this post, we explore the possibility of accelerating the formal verification of classical programs using quantum computers. Common programming errors, such as null-pointer dereference and out-of-bound access, are prevalent sources of security flaws. Our approach involves generating a Satisfiability (SAT) instance from code snippets, which is satisfiable if the undesired behavior exists. This instance is then converted into an optimization problem, solved using quantum algorithms, thus potentially achieving asymptotically polynomial speedup.

Read Article »
Sebastian Issel 13. August 2025
‚Industrial Security‘
Sebastian N. Peters

Gateway to the Danger Zone: Secure and Authentic Remote Reset in Machine Safety 

Modern manufacturing is rapidly digitizing, unlocking new business models and unprecedented efficiency. While remote operation has become commonplace, machine safety has still required hands-on, local intervention — until now. Our latest work at Fraunhofer AISEC bridges this gap with a secure, authentic remote reset system for safety events, blending future-proof cryptography and robust safety design. Here’s how we’re redefining the boundaries of safe, remote manufacturing.

Read Article »
Sebastian N. Peters 22. July 2025
Trusted Artificial Intelligence
Dariush Wahdany

Using Prototypes for Private Machine Learning 

How can machine learning respect privacy without sacrificing fairness? Discover DPPL, a prototype-based method that provides strong privacy guarantees while boosting accuracy for underrepresented groups. By addressing bias in differentially private models, this approach ensures ethical and inclusive AI development without compromising performance.

Read Article »
Dariush Wahdany 30. May 2025
Cryptography
Thomas Bellebaum

Multi-Party Computation in the Head – an Introduction

In 2016, the National Institute of Standards and Technology (NIST) announced a standardization process for quantum-secure cryptographic primitives. The goal was to find secure key encapsulation mechanisms (KEM) and signature schemes. One unique approach was the PICNIC signature scheme, a scheme utilizing the MPC-in-the-Head (MPCitH) paradigm. This made PICNIC an interesting approach, since its security relies on well researched block ciphers and hash functions. PICNIC was announced as an alternative candidate by NIST. A lot of follow-up schemes based on PICNIC, like BBQ, Banquet, and FEAST, were proposed using different block ciphers and variations on the original construction paradigm. In 2022, NIST announced a second call specifically for signature schemes. MPC-in-the-Head-based signature schemes became their own category, with multiple submissions in this call. This articel explains the core idea and functionality of early MPCitH based signature schemes and how we at Fraunhofer AISEC make use of the concepts.

Read Article »
Thomas Bellebaum 30. April 2025

Most Popular

Never want to miss a post?

Please submit your e-mail address to be notified about new blog posts.
 
Bitte füllen Sie das Pflichtfeld aus.
Bitte füllen Sie das Pflichtfeld aus.
Bitte füllen Sie das Pflichtfeld aus.

* Mandatory

* Mandatory

By filling out the form you accept our privacy policy.
Twitter Linkedin Youtube Xing Rss