Safety & security by design

Developing software and technical systems securely from the outset

Safety and security by design refers to the consideration of all safety and security aspects along the entire product life cycle of technical systems: from the beginning of the development process, not just in testing or during operation. Nowadays, operational safety and security against attacks and information leaks are inextricably linked. Protecting people and the environment from system errors and failures goes hand in hand with protection against industrial espionage and tampering, because in the technical systems of today, there is no safety without security.

Safety and security by design are also becoming increasingly important in the planning of industrial plants and automated production processes, because the attack surface grows as the share of software increases and networking becomes more extensive. Whether you are a manufacturer of technical systems, a software producer or an operator, identifying suitable safety and security measures early in the development process helps to avoid additional costs: the later safety or security vulnerabilities are discovered, the more time-consuming and expensive they are to fix.

Photo © Fraunhofer IEM / Wolfram Schroll
With safety & security by design, the safety and security aspects of technical systems are already considered during the development process.

What we are researching and working on

We research and develop processes, methods and tools for successfully implementing safety and security by design in products and solutions. In the course of threat and risk analyses, we systematically identify potential vulnerabilities, assess their risks and derive appropriate protection targets. To achieve these targets, protective measures are built into the system design from the start, and automatic code analysis tools, which we also develop, are used during programming.

We support companies in setting up software development processes in accordance with the applicable norms and security standards, and we teach methods and provide technologies for secure implementation. The aim is to jointly develop technical systems that can protect themselves, are resistant to attacks and at the same time remain easy to control. We always develop security concepts in close coordination with the responsible IT departments as well as the other specialist departments involved. In this way, we can exploit synergies in the development process and uncover conflicts and dependencies between safety and security measures early on.