Print-Logo Deutscher Zukunftspreis

Nominee 2012

Integrity Guard

Integrity Guard – Security for a Networked World

Dr.-Ing. Stefan Rüping (Spokesperson)
Dipl.-Ing. (FH) Marcus Janke
Dipl.-Ing. Andreas Wenzel
Infineon Technologies AG, Neubiberg

(f.l.t.r.) Dipl.-Ing. (FH) Marcus Janke, Dipl.-Ing. Andreas Wenzel, Dr.-Ing. Stefan Rüping

More and more data worldwide is being recorded, processed, stored and exchanged in digital format. Yet in our networked world it is all the more vital that electronic communication takes place not just rapidly, but that maximum data security is guaranteed. But how can sensitive and personal data be protected optimally from attacks?

Engineers Dr. Stefan Rüping, Marcus Janke and Andreas Wenzel found a solution to this challenge that is unique worldwide – by integrating an innovative safety device directly in the heart of the microchip.
Stefan Rüping is responsible for secure chip architectures in the Chip Card & Security division of Infineon Technologies AG. Andreas Wenzel works as a development manager in this segment of the Munich company, and Marcus Janke is responsible for product security.

Electronic payment transactions, phone calls with mobile devices, emails and surfing on the Internet – chips based on the “Integrity Guard” security concept from Infineon help secure these kinds of applications. These security chips are to be found in credit cards, smart phones, laptops, in the new electronic health insurance cards as well as in electronic identity cards and passports. Chip cards and personal identity documents contain personal data that should not fall into the wrong hands. Consequently, technologies that protect data from misuse or manipulation – such as during payment transactions or identification over the Internet – top the wish list for digital communication.

Developers are creating ever more sophisticated technologies and procedures, while attackers are constantly coming up with new tricks to get hold of sensitive data. In the past, they were hindered by two substantial restrictions: on the one hand, data at the heart of the security chip, the processor core, had to be unencrypted.

On the other hand, the processor that processes the data only had one single arithmetic unit – which made controlling security difficult. Stefan Rüping, Marcus Janke and Andreas Wenzel succeeded in removing both obstacles: The “Integrity Guard” security concept developed by the nominees uses two arithmetic units that cross-check each other and make it possible for the first time to work with encrypted data in the processor core.

Protecting chip cards and electronic identity documents from security threats is time-consuming and costly. Every year hundreds of new attack scenarios become known which these applications must guard against. “Integrity Guard” reduces the effort required to protect against attack and increases the level of security at the same time. A first product family to use the new technology is the electronic German identity card, for example. Moreover, other areas of application such as the securing of payment transactions with cell phones or networked critical infrastructures such as intelligent electricity meters are opening up. Infineon has already sold 80 million security chips using Integrity Guard technology worldwide – proof of the ready acceptance of this new security concept.

Integrity Guard as a security concept “Made in Germany” from Germany boosts confidence in the networked world and in doing so inspires further developments in information technology – an inestimable value for the economy and society.

The right to nominate outstanding achievements for the Deutscher Zukunftspreis is incumbent upon leading German institutions in science and industry as well as foundations.

The project “Integrity Guard – Security for a Networked World” was nominated by acatech – the Council for Technical Sciences of the Union of German Academies of Sciences and Humanities.

more details

Resumes

Dr.-Ing. Stefan Rüping

Dr.-Ing. Stefan Rüping

11.11.1962
Geboren in Dortmund
1982 - 1990
Studium der Elektrotechnik an der Universität Dortmund
1990 - 1991
Applikations-Ingenieur für Design Tools DOSIS GmbH, Dortmund und USA
1991 - 1995
Wissenschaftlicher Mitarbeiter an der Universität Dortmund, Lehrstuhl für Bauelemente der Elektrotechnik, Prof. Dr.-Ing. K. Goser
Abschluss: Promotion zum Dr.-Ing. mit dem Thema “VLSI-gerechte Umsetzung und eingebettete Anwendung neuronaler Netze”
1995 - 2000
Oberingenieur am Heinz Nixdorf Institut der Universität Paderborn, Fachgebiet Schaltungstechnik, Prof. Dr.-Ing. U. Rückert,
Leitung einer Forschungsgruppe, die sich mit dem Thema “Dezentrale, intelligente Systeme der Automatisierungstechnik” befasst
2000 - 2002
Innovationsthemen, Konzepte und Spezifikationen für 32-Bit-Chip-Card-Controller, Infineon Technologies AG
2002 - 2004
Verantwortlich für das “Concept Engineering” der 8-Bit-Chip-Card-Controller, Infineon Technologies AG
2005
Projektleiter für Konzept und Spezifikation der neuen 16-Bit-Produktarchitektur und Sicherheitstechnologie „Integrity Guard“, Infineon Technologies AG
2006 - 2008
Leitung der “Concept Engineering“-Gruppe für alle 8-Bit- und 16-Bit-Sicherheitscontroller mit „Integrity Guard“, Infineon Technologies AG
2007
Ernennung zum Principal Security Chip Architectures
2008
Projektleiter für Konzept und Spezifikation der neuen 32-Bit-Chip-Card-Plattform und Gruppenleiter Concept Engineering, Infineon Technologies AG
Seit 2010
Leitung des Technischen Marketings im Bereich Secure Mobile & Transactions, Infineon Technologies AG

Ehrungen:

 
gemeinsam mit Marcus Janke und Andreas Wenzel
2006
Sesames Award in der Kategorie "Beste Hardware-Innovation"
2008
Beste Hardware-Innovation, Auszeichnung der Chipkartenindustrie für "Die Entwicklung des Integrity Guard"
2010
Innovationspreis der Deutschen Wirtschaft 2010, gemeinsam mit Dr. Stefan Rüping und Andreas Wenzel

Dipl.-Ing. (FH) Marcus Janke

Dipl.-Ing. (FH) Marcus Janke

19.05.1969
Geboren in Neuwied
1994 – 1997
Studium Elektrotechnik – Datentechnik, Diplom Fachhochschule Hamburg
1997 – 1999
Leitung des Bereichs Prozessor-Chipkarten-Applikationen bei der NEWTEC-Ebert GmbH, Hamburg
1999
Spezialist für Sicherheitskonzepte und –analysen, Chip Card & Security, Infineon Technologies AG
2001
Director Development, Internationale Projektleitung, EU-Förderprojekt: Biometrische Finger-Card, Infineon Technologies AG
2003
Senior Staff Engineer Product Security, Security Concepts, Infineon Technologies AG
2005
Projektmitglied in der Konzeptionierung des „Integrity Guard“, Einbringung neuester Erkenntnisse aus der Angriffsentwicklung in das Sicherheitskonzept
2007
Ernennung zum Principal Product Security & Security Concepts, Infineon Technologies AG
Seit 2008
Leitung „Product and System Security“, Validierung von Sicherheitskonzepten, sicherheitstechnische Evaluierung und Zertifizierung, Infineon Technologies AG
2010
Erfolgreiche Sicherheitszertifizierung des ersten Produktes auf Basis der Sicherheitstechnologie „Integrity Guard“

Ehrungen:

 
gemeinsam mit Dr. Stefan Rüping und Andreas Wenzel
2006
Sesames Award in der Kategorie "Beste Hardware-Innovation"
2008
Beste Hardware-Innovation, Auszeichnung der Chipkartenindustrie für "Die Entwicklung des Integrity Guard"
2010
Innovationspreis der Deutschen Wirtschaft 2010, gemeinsam mit Dr. Stefan Rüping und Andreas Wenzel

Dipl.-Ing. Andreas Wenzel

Dipl.-Ing. Andreas Wenzel

29.01.1968
Geboren in Darmstadt
1989-1995
Studium der Elektrotechnik, Diplom an der Universität des Saarlandes
1995-1997
Ingenieur in der Konzeptentwicklung für Mikrocontroller, Siemens AG München
1997-1998
Ingenieur in der Konzeptentwicklung für Harddisk-Drive-Mikrocontroller, Siemens Microelectronics USA
1998-2000
Architekt für die C166/ST10-Mikroprozessorentwicklung in Kooperation mit ST Microelectronics (Grenoble, Frankreich), Siemens AG/Infineon Technologies AG München
2000-2005
Projekt- und Teamleiter für die erste 32-Bit-Mikroprozessorentwicklung für Sicherheitsanwendungen, Infineon Technologies AG
Seit 2006
Leiter Prozessorentwicklung, Infineon Technologies AG
Design und Implementierung der “Integrity Guard“-Sicherheitstechnologie,
Umsetzung der „Integrity Guard“-Sicherheitstechnologie in einem neu entwickelten Mikrocontrollersystem,
Design und Implementierung von Crypto-Prozessoren
Seit 2010
Ernennung zum Senior Principal, Infineon Technologies AG

Ehrungen:

 
gemeinsam mit Dr. Stefan Rüping und Marcus Janke
2006
Sesames Award in der Kategorie "Beste Hardware-Innovation"
2008
Beste Hardware-Innovation, Auszeichnung der Chipkartenindustrie für "Die Entwicklung des Integrity Guard"
2010
Innovationspreis der Deutschen Wirtschaft 2010, gemeinsam mit Dr. Stefan Rüping und Andreas Wenzel

Contact

Spokesperson

Dr.-Ing. Stefan Rüping
Principal Security Chip Architecture
Chip Card & Security Division
Infineon Technologies AG
Am Campeon 1-12
85579 Neubiberg
Tel.: +49 (0) 89 / 23 42 59 22
E-Mail: stefan.rueping@infineon.com

Press

Kay Laudien
Senior Director Media Relations
Infineon Technologies AG
Am Campeon 1-12
85579 Neubiberg
Tel.: +49 (0) 89 / 23 42 84 81
Mobil: +49 (0) 160 / 90 55 03 95
E-Mail: kay.laudien@infineon.com

A description provided by the institutes and companies regarding their nominated projects

Integrity Guard: Unique security technology for the connected world Security technology from Infineon featuring a digital security concept for chip cards and IT applications

The development of the modern ICT (Information and Communication Technology) society is based to a high degree on the availability of electronic data and a network of interconnected devices. Huge amounts of data are collected, processed, stored and distributed daily. This data is often sensitive and must not be allowed to be manipulated or stolen. And of course, all users want the secure exchange of their personal data to take place rapidly. Furthermore, many applications and business models are based on trust in their security, e.g. mobile payments using credit cards or smart phones, IT services like cloud computing, electronic identity documents issued by government agencies or critical infrastructure facilities like smart grids). Chips based on Infineon's Integrity Guard security technology help secure such applications.

The Integrity Guard represents the newest generation of security technology and is unique in the world. It was developed especially for products which often require the highest data security for many years as well as special robustness and protection against manipulation. Important fields of application for Integrity Guard include official identity cards as well as bank and credit cards, in which Integrity Guard sets the technological standard for chip-based security. In addition, Integrity Guard can also help protect IT security applications such as smart phone payments or so-called embedded systems in industrial applications. In these applications, Integrity Guard plays a decisive role in securing the entire system.

A security chip has to store security-critical data – for example keys – and be able to protect the system in a wide range of totally different application fields. Attackers use probes to find out what is going on inside the chip or interfere with specific computing functions and illegally access the information stored on these chips. Over the years, chip manufacturers have constantly integrated more security functions in order to impede attacks. For a long time, this entailed reacting to specific attacks with individual protective measures, such as special sensors. This method no longer meets today’s requirements. For this reason, Infineon’s development team headed by the engineers Dr. Stefan Rüping, Marcus Jahnke and Andreas Wenzel has taken a different path and has chosen a completely new approach. This is based on digital security: they took the double helix (DNA) of a human cell as inspiration for the concept of Integrity Guard, whose development began in 2005. The idea behind it was that every biological cell is comparable to a "secure computer" that must securely store and process genetic information. With Integrity Guard, sensitive data is now encrypted along the entire data path during processing, including – for the first time in the history of security chips – in the chip's "heart", its processor core. If an attacker actually succeeds in accessing the data that are processed in the processor core, only encrypted information can be obtained which is of no use for the attacker. The security chip has two central processing units (Dual CPU-core). Utilizing sophisticated error detection methods, each unit continually checks that the other is correctly functioning. Should a unit detect that an operation has not been properly executed, it initiates the corresponding countermeasures. The chip is put in a state of alarm, which immediately stops the ongoing processes. This makes it possible to block the most varied kinds of attack.

Integrity Guard security technology has been evaluated by the accredited and internationally recognized TÜViT testing and certification authority. The outstanding results show Integrity Guard's clear lead over other security chips. The TÜViT confirmed: "With its Integrity Guard concept, now implemented in the 'SLE 78' security chip for the first time, Infineon is founding a new generation of security controllers. Infineon thus demonstrates a pioneering approach, especially for high-security applications with a long lifetime. "The Federal Office for Information Security (BSI) confirmed the high security of Infineon's Integrity Guard-based security chips according to "Common Criteria", an internationally recognized standard for the rigorous assessment and certification of security chips. Furthermore, the security controller meets the security requirements for payment cards from EMVCo (Europay, Mastercard, Visa).

Infineon has patented various basic Integrity Guard functions. These include a special method of error detection for the storage systems on the chip and a mechanism for internally encrypting data on the chip, which even enables data to be processed without decrypting it. All in all, over ten international patents protect individual Integrity Guard components. Infineon now intends to transfer this principle to additional new processor architectures and systems and acquire further patents.

Integrity Guard security technology is unique throughout the world – and an innovation "Made in Germany". It promotes Germany's global renown as a key location for high-level technology and innovation – which also includes the field of cutting edge security technology, now one of Infineon's key competencies across all business areas.

Infineon Technologies offers semiconductor-based security products for many chip card and security applications. For over 25 years the company has developed innovative solutions for chip-based security and has been the world leader for 14 years with a market share of 27% percent (according to the IMS market research institute, 2010). Infineon uses its expertise to increase security in an increasingly mobile and networked world, e.g. for mobile payments, system security and secure official electronic documents. The innovative Integrity Guard security technology will help Infineon secure and expand its position as a worldwide market leader in the chip card and security applications business over the long term. In fiscal year 2011, Infineon earned revenues of Euro 428 million in its Division Chip Card & Security.

About Infineon
Infineon Technologies AG, Neubiberg, Germany, offers semiconductor and system solutions addressing three central challenges to modern society: energy efficiency, mobility, and security. In the 2011 fiscal year (ending September 30), the company reported sales of Euro 4 billion with close to 26,000 employees worldwide. Infineon is listed on the Frankfurt Stock Exchange (ticker symbol: IFX) and in the USA on the over-the-counter market OTCQX International Premier (ticker symbol: IFNNY).

Further information is available at www.infineon.com

The right to nominate outstanding achievements for the Deutscher Zukunftspreis is incumbent upon leading German institutions in science and industry as well as foundations.

The project “Integrity Guard – Security for a Networked World” was nominated by acatech – the Council for Technical Sciences of the Union of German Academies of Sciences and Humanities

Nominee 2012 · TEAM 4