Infineon/Fraunhofer develop security for PLC-based industrial automation systems

April 13, 2015 // By Graham Prophet
Infineon Technologies and the Fraunhofer Institute for Applied and Integrated Security (AISEC) have developed a solution that protects PLC (programmable logic controller)-based industrial automation systems from unauthorised access and manipulation.

Increasing networking of production demands significantly higher security standards in industrial automation than has previously been the case. Threats based on malware, incorrect firmware updates, and counterfeit components can bring entire production lines to a standstill and cause significant costs.

“Our security solution improves the availability and efficiency of production systems,” says Juergen Spaenkuch, Head of Platform Security at Infineon Technologies. “It can be easily integrated into industrial automation systems to increase the protection against IT attacks and manipulation.”

The security solution consists of Infineon’s OPTIGA Trust product family security chips as a hardware-based trust anchor, together with complementary software. Security chips and software are both are available and can be optimised to customer- and application-specific needs.

Access to the system is granted only to components or machines that can identify themselves reliably and that therefore are considered trustworthy. Counterfeit replacement parts or unauthorised repair tools can be detected and rejected. The solution also secures programming or programming processes from manipulation due to malware or an incorrect software update – an aspect that will gain in importance as the remote service and remote repair of industrial facilities grows more common. The combination of security chips that are comparable to a data safe and encryption prevents the PLC code from extraction and therefore protects valuable intellectual property and process know-how from theft.


Fraunhofer AISEC; Fraunhofer AISEC is focused on development of application-oriented security solutions and their precise and tailored integration into existing systems. Core competences of over 90 scientific and technical members of staff lie in the areas of hardware security and the security of embedded systems, product and intellectual property protection, network security, and security in cloud- and service-oriented computing;