Cyberagentur visiting SOVEREIGN in Hamburg

19. July 2024

On July 16, 2024, Prof. Dr. Christian Hummert, head of the Agentur für Innovation in der Cybersicherheit (Cyberagentur), with Dr. Gerald Walther and Dr. André Müller visited the Universität Hamburg to meet up with the SOVEREIGN project members to get a hold of the current state of the project. The members presented a coherent modular architecture to detect and defend against advanced cyber threats.

SOVEREIGN’s low-latency FPGA firewall allows malicious traffic to be filtered in legacy KRITIS infrastructure.
Figure 1: SOVEREIGN’s low-latency FPGA firewall allows malicious traffic to be filtered in legacy KRITIS infrastructure.

One discussed topic is the attribution of threat actors based on software binaries. Additionally, the project also presented specialized hardware that allows it to be integrated into the existing legacy infrastructure of KRITIS to dynamically assess the risk and take action. Another addressed topic is the enrichment and correlation of existing alerts from Intrusion Detection Systems (IDS) to aid the detection of multi-stage attacks. The project members also addressed potential attack vectors of the SOVEREIGN architecture by enrolling attestation to all software components, thus detecting tampering attempts. The project outcomes enable KRITIS organizations to better protect their IT and Operational Technology (OT) from attacks.