Innovation workshop: Security requirements for embedded systems - especially in the IoT
On November 21, 2018, CERT@VDE and the Open Source Automation Development Lab (OSADL) eG will be hosting an innovation workshop on the topic of "Security requirements for embedded systems - especially in the IoT" in Frankfurt/Main, to which we would like to cordially invite you today.
The increasing complexity of today's embedded systems makes it more and more difficult to write software that can be used unchanged throughout its entire service life. For this reason, it is necessary to develop and implement suitable update mechanisms and processes so that embedded systems are protected against attacks from initially unknown security vulnerabilities.
Although many developers of embedded systems have many years of experience in working with microcontrollers, they sometimes lack the special knowledge to master the aforementioned system security challenges. For this reason, we have organized the innovation workshop "Security requirements for embedded systems - especially in the IoT". The current state of the art will be presented in lectures by proven specialists, some with live presentations.Translated with DeepL.com (free version)
Lecture language:
The lecture language of the workshop is predominantly German.
Informationen zur Veranstaltung:
Alle Informationen rund um den Innovationsworkshop (Veranstaltungsort, Hotelempfehlungen, Anreise, etc.) finden Sie unter folgendem Link.
Anmeldung:
Bitte nutzen Sie für Ihre Anmeldung zum Security-Workshop das auf der folgenden Homepage hinterlegte Anmeldeformular.
Für Mitarbeiter von OSADL- und CERT@VDE-Kooperationspartner ist die Teilnahme am Workshop kostenfrei. Für alle anderen beläuft sich die Teilnahmegebühr auf 500 EUR.
Wir würden uns sehr freuen, Sie bei unserem Innovationsworkshopin Frankfurt willkommen zu heißen!
On November 21, 2018, CERT@VDE and the Open Source Automation Development Lab (OSADL) eG will be hosting an innovation workshop on the topic of "Security requirements for embedded systems - especiall…
CERT@VDE at the "IMI 2018" - IT meets Industry
At this year's "IT meets industry" (IMI) Congress will focus on cyber security in industry and critical infrastructures. In addition to IEC 62443 and Security for Safety, you can also exchange ideas and information with representatives of CERT@VDE. For appointments, please send an e-mail to: info@cert.vde.com
At this year's "IT meets industry" (IMI) Congress will focus on cyber security in industry and critical infrastructures. In addition to IEC 62443 and Security for Safety, you can also exchange ideas …
On 16.10.2018 the CERT@VDE is organizing an operator workshop. Further information can be found in our invitation.
This year, functional safety in the context of Industry 4.0 will be discussed at the SIL consultation. Have your questions about SIL answered on 18.09.2018 + 19.09.2018!
Dr. Dennis-Kenji Kipker has published a new article on Chinese Cybersecurity Law in the journal Datenschutz und Datensicherheit.
The new "Cyber Security Law" was passed in the People's Republic of China back in November 2016. As a result, it was predicted that VPN connections between Germany and China would be "shut down" across the board and that this would lead to a loss of international competitiveness. However, this article shows that it is by no means the intention of the "Cyber Security Act" to hinder technical development, meaning that the numerous fears expressed are likely to prove unfounded, at least for the time being.
Dr. Dennis-Kenji Kipker has published a new article on Chinese Cybersecurity Law in the journal Datenschutz und Datensicherheit.
The new "Cyber Security Law" was passed in the People's Republic of Chi…
2. VDE-Praxisforum: Chinesische Cybersicherheitsverordnung
Dear participants in the Chinese Cybersecurity Group in the VDE,
I would like to invite you to the second meeting of our interest group. After we were able to identify various issues relating to the shutdown of VPN tunnels and the certification of foreign products that are to be sold on the Chinese market at our first meeting on May 23, 2018, our second meeting will focus primarily on future legal requirements and their technical implementation through Chinese and international standards. The VDE has not only received various product catalogs, but also drafts of several technical standards that specify the requirements for the Chinese market. We are also planning to conduct a survey on whether and how companies have recently been required by Chinese authorities to use state-licensed VPN connections. As last time, all questions will be discussed openly and jointly by the participants - and of course there will also be plenty of opportunity to share experiences.
Participation fee: As considerable costs have been incurred in the past and will continue to be incurred in the future as a result of necessary research work, we charge a small contribution towards expenses to finance the further work of the Chinese Cybersecurity Group, which is calculated as follows for each session:
CERT@VDE supporters: free of charge
VDE-Members: 120€
Other: 200€
Further information can be found under Dates. I look forward to welcoming you again at the VDE House in Frankfurt.
Dr. Dennis-Kenji Kipker
Dear participants in the Chinese Cybersecurity Group in the VDE,
I would like to invite you to the second meeting of our interest group. After we were able to identify various issues relating to the s…
Advisories are security warnings that draw attention to vulnerabilities and potential attacks in hardware and/or software.These warnings are intended to make users aware of the vulnerability and enable them to take the resulting (counter)measures.
However, there are a number of questions for the authors and recipients of an advisory that cannot be answered without consulting experts.
In the workshop on June 27, 2018, we would like to address a number of key questions to make it easier for participants to deal professionally with advisories.
Advisories are security warnings that draw attention to vulnerabilities and potential attacks in hardware and/or software.These warnings are intended to make users aware of the vulnerability and enab…
Development and exchange of best practices on the new Chinese IT legislation
What is it about?
Numerous German companies maintain extensive trade and technology relationships with China.Since 2016, cyber security legislation in China has been tightened considerably, for example with the shutdown of VPN tunnels, national security checks on ICT products exported to China, the obligation to store data domestically and drastic measures for data encryption. A large number of companies in this country are affected by the new regulatory measures, which raises the question of how to deal with the new political, legal and technical framework conditions when data is processed in China and transferred there.
What are the problems?
So far, there has been no approach to bring together German and European companies affected by the new Chinese cybersecurity law to exchange best practices in dealing with the new regulations and jointly develop solution models. In addition, many of the Chinese laws are open to interpretation, which results in legal uncertainty. However, as the regulations from China are already having an impact, there is an acute need for affected companies to take action and therefore also for information.
Dr. Dennis-Kenji Kipker will offer a practical forum on the Chinese Cyber Security Law on May 23, 2018.
Development and exchange of best practices on the new Chinese IT legislation
What is it about?
Numerous German companies maintain extensive trade and technology relationships with China.Since 2016, cyb…