Industrial IoT and Cyber-Physical Systems Security

Security, Privacy and Trust for Industrial IoT and Industrial Digital Service Architectures

The emerging Internet of Things (IoT) is expected to encompass every aspect of our lives, generating a paradigm shift towards a hyper-connected society. IoT devices range from sensors and security cameras to vehicles and production machines, and are used in the industry, energy, mobility, smart home, and smart city application domains. The IoT raises major security and privacy concerns. Security weaknesses in these systems not only lead to severe privacy breaches, but also have safety-relevant implications if safety-critical components are attacked. As more and more devices get connected, the number of attack vectors and possibilities for adversaries will grow rapidly. Maintaining privacy requires solid security that is built hardware-up.

In the industrial space, with Industrie 4.0, companies have recognized that cyber- and information security is of central importance. Hyper connectivity of cyber-physical systems will lead to a shift in the structure of the current industrial economic system and society. Industrie 4.0 including (I)IoT is no short-term hype, but a vision which can be implemented in many small steps. Even if I4.0 looks revolutionary, in retrospect, the implementation of I4.0 is rather evolutionary. Confidence in data security, functional safety and trust are decisive for success in the implementation and the global competitiveness of smart services and technology.

At Fraunhofer Singapore, our research is focused on solving a broad set of key problems in the areas of industrial cyber security for emerging technologies and services. We research and develop mechanisms and technology for protecting interconnected industrial systems and cyber-physical systems where data is exchanged to facilitate new services and business processes in smart industrial ecosystems. Our research therefore provides a basis for creating and using secure and reliable services, while at the same time ensuring the digital sovereignty of data owners.

We provide research on Internet of Things (IoT) and the security of its connected underlying communication technology, eg. LoRaWAN and NB-IoT. We have extensive technical background in cyber-physical systems and embedded security and in particular with physical attacks and hardware security components such as TPMs and HSMs. Additionally, we have an understanding of the economics surrounding embedded and network security. We work on solutions that not only fulfill stringent security requirements but that also take into account the limited available resources in embedded systems as well as their economic realization.

Industrial IoT Security Architectures

As IoT continues to revolutionize the way devices and services connect and interact with one another, there are a number of security and privacy challanges. At Fraunhofer Singapore we confront these challanges and provide R&D that addresses the security and data protection aspects in industrial and IoT environments, e.g. in Industrie 4.0, Maritime 4.0, as well as Smart Transportation and Automotive. The pillars of IoT and IIoT device and infrastructure security include:

  • IoT and IIoT Security and Trust Architectures
  • Wireless (I)IoT communication security (e.g., mobile IoT, NB-IoT, LoRaWAN, BLE)
  • IoT Node Protection and Device Hardening
  • IoT Secure and Trusted Microservices for IoT and Compartmentarization
  • IoT Network Security, Authentication, Encryption and PKI
  • IoT Testbed for Security Evaluation

Fraunhofer is running an IoT Security Lab to analyse IoT and IIoT components and communication used in the field. The IoT Security Lab facilitates a testbed and evaluation environment for (I)IoT services and devices. We help to develop processes for securing communication links, software and hardware based security solutions for IIoT systems, services, and procedures for secure remote software updates and remote maintenance. Furthermore we provide penetration tests (white box, grey box, and black box) of both individual components and larger systems as well. The lab will be expanded continuously in order to accommodate current customer requirements concerning security tests.

Digital Sovereignty and Hardware Trust

Increasing dependence of industrial societies on the smooth operation of their information technology continues to fuel concerns about the actual and future reliability of its IT systems and networks. The recent wave of sophisticated attacks, exploits and flaws in the design of soft- and hardware (Stuxnet, WannaCry, Mirai, Meltdown etc.) underline that such concerns are justified. Additional types of attacks must be anticipated, such as weaknesses of hardware components, viruses in fabs, backdoors in hardware or stealthy attacks on hardware. Nation states are active, be it with manipulating hardware, putting secret sections onto chips or planning for logic bombs. Hence the whole supply chain needs to be addressed. Fraunhofer Singapore is working on questions on how to make information technology secure by bundling existing secure technologies  together in meaningful ways embedded in a framework of open development and verification tools the entire value chain, even up to semiconductor production and considering proven verification.

Open IoT Hardware Approach and Trusted ICs: IoT devices could become a large market for sovereign FOSH (free-and-open-source-hardware) devices and sovereign Deep Tech that is based on a radical open design and engineering approach. From this premisse, “Sovereignty in the Internet of Things“ - or for short SIoT - has the potential to strengthen the security, safety and trustrworthiness by opening and regaining control over the supply-chain of CPS. It has the potential to contribute positively to economic profit in industry as well as the social product of nation states or political unions and associations like the EU or ASEAN countries. SIoT might having profound impact on Deep Tech in segments including autonomous systems, smart cities, medical devices, clean tech, energy efficiency, smart mobility, smart production and many more developing or emerging application areas in the IoT. SIoT has enabling power and potential to catalyse change.

At Fraunhofer Singapore, we work on RISC-V-based open-source SIoT cryptographic building blocks in hard- and software to open up and secure the supply chain, from software to hardware. We work on how certain trust-sensitive components can be built openly.

Publications & Activities



Security, Safety, and Fair Market Access by Openess and Control of the Supply Chain



Security, Safety, and Fair Market Access by Openess and Control of the Supply Chain


Software Platform for TPM 2.0

More Security and Trust for CPS, Industrial IT, Automotive and IoT

How to Work with Us

Industrial Corporations and Commercial Clients

How Fraunhofer can support partner from industry and commercial business. 

Contract research and development

Consulting services and studies 

Test and Training

Academia and Research Institutions

How Fraunhofer you can collaborate with Fraunhofer as academia.

Research Collaboration with Fraunhfoer Singapore and Fraunhfoer SIT Germany

Joint Research Projects 

Researcher and Engineers

How can you join us and work with Fraunhofer as a research fellow, engineer or student.

Job Offers at Fraunhofer 

International exchange and Internships 

Student thesis in Singapore or Germany



Fraunhofer Workshop Series

Fraunhfoer Singapore offers outstanding workshops, seminars based on the research activities in collaboration with selected and prestigious partners from university and industry


Learn more about Fraunhofer Activities on Cyber Security in Singapore


Learn more about Fraunhofer Research Activities on Cyber Security in Germany