In February 2019, the EU launched a cyber security initiative to advance Europe in this critical area. ThreatGet is an Austrian product that was developed at the AIT Austrian Institute of Technology. It supports developers in identifying threats at an early stage and quickly assessing the associated risks.
In order to introduce ThreatGet to the market more quickly, AIT commissioned the Lieber.Group to create a holistic consulting approach. This new method has now been awarded 1st place at the Constantinus Award 2021 in the Digitalisation / Internet of Things (IoT) category. With its help, the target group of IT security consultants with end customers in the environment of security-critical infrastructure is to be addressed and supported in a more targeted manner. Helmut Leopold, Head of Center for Digital Safety & Security at AIT: "We congratulate the Lieber.Group on their great success at the Constantinus Award. The Lieber.Group developed a holistic consulting concept for the effective implementation of new digital security technologies in markets with high security requirements based on the Security by Design tool ThreatGet, which was developed at AIT and is a modern cyber security management system that addresses the automotive industry, among others. The cooperation with the Lieber.Group as a specialist for model-based system development and internationally networked software consulting house is an important prerequisite for a demand-oriented and responsible introduction of new security technologies."
Methodical cyber security consulting
The market for cyber security solutions is growing strongly worldwide, as on the one hand legal regulations are finally becoming binding and on the other hand the attraction for criminal attacks is growing. In contrast to other countries, Europe is clearly positioning itself as a security-conscious market.
With the new approach, security experts now receive a methodical approach for their consulting services that is unique in its holistic approach. Fritz Mehl, project manager at Lieber.Group and responsible for partner management: "We are very pleased that our holistic concept was chosen as the winner at the renowned Constantinus Award. We see this as confirmation that Cyber Security by Design with ThreatGet offers a clear competitive advantage in the field of security consulting. Through the automated analysis during the entire development process, it is possible to accompany companies holistically in the analysis of insecure system architectures. At the same time, this also increases the quality of consulting."
With ThreatGet, a consultant no longer addresses the security department exclusively, but introduces the process model as early as the system development stage. In this way, new target groups - people from the enterprise or system architecture and those responsible for quality - are reached at the customer. At the same time, the consultants get to know a methodology that will become established in many industrial sectors in the coming years: Model-based system development.
Models as a basis for product and partner concept
To complement AIT's ThreatGet technology, a completely new consulting approach was designed. The technology as well as the consulting method were developed for the underlying processes with the widely used modelling platform Enterprise Architect (Sparx Systems). In this way, the innumerable advantages of model-based development, which is becoming more and more prevalent in safety-critical industries today (cars, aircraft, train traffic, etc.), can be utilised.
The special approach of ThreatGet is that security analyses are not only carried out at the end of the development process, but accompany the entire process from the idea to implementation. Leopold: "For (cyber) security to gain the importance it needs to be effective, it must become an integrative part of the functionality. Security by design means that corresponding analyses accompany the entire development process. This is a completely new approach, but an absolutely necessary prerequisite for the development of security-critical systems in our comprehensive networked world.
About AIT
The AIT Austrian Institute of Technology is Austria's largest non-university research institution. With its eight centres, the AIT sees itself as a highly specialised research and development partner for industry. In the Center for Digital Safety & Security, state-of-the-art information and communication technologies (ICT) and systems are developed to make critical infrastructures secure and reliable in the context of comprehensive and global networking and digitalisation. In the Dependable Systems Engineering (DSE) research area, experts have been investigating the interactions between safety, security and reliability for many years and developing new methods and tools to ensure the holistic safety of systems. The experts play a leading role in the industry standards of tomorrow, e.g. ISO TC 22 (automotive sector), ISO TC 299 (robotics), IEC TC 56 (dependability), IEC TC 62 (medicine), IEC TC 65 (control technology for industrial processes) and AIOTI WG03 (M2M). These many years of experience and expertise are also made available to customers in the form of training and consulting.
https://www.threatget.com/