IT security in a comic
Researchers of the Max Planck Institute for Security and Privacy participate in innovative science communication
In an era of increasing digitalisation, IT security is becoming an increasingly important issue, not only for large organisations but also for individuals. However, the complex science behind it often makes this abstract topic inaccessible. The Casa Cluster of Excellence (Cybersecurity in the Age of Large-Scale Attackers) and researchers at the Max Planck Institute for Security and Privacy want to reach as many people as possible with their research and are using science comics to communicate the scientific basis in an understandable way.
With the participation of researchers from the Max Planck Institute for Security and Privacy, the Casa Cluster of Excellence communicates to a broad public what lies behind the concept of IT security. The third comic in its series, entitled "A Deep Dive Into Hub B and the Swirl of Embedded Security," describes in a clear and accessible way how the two beavers Paul and Carl work to stabilize their smart dam. But no matter how hard they try, they can't seem to solve the problem, and the cause of the trouble remains a mystery. Encouraged by their mother's tale of a mysterious settlement of security experts at the bottom of their river, Beaver Paul begins an adventurous dive.
Of Trojans in the Beaver’s Lodge
Research Hub B is by no means fantasy. As part of this research focus at Casa, scientists are investigating how security systems interact with their physical environment. The comic also takes a very concrete look at what lies behind the term "embedded security." Readers learn about the ways in which potentially malicious users can penetrate supposedly secure hardware systems - via hardware Trojans or side-channel attacks. The researchers the beavers meet in the course of the comic show them the defense mechanisms being researched and how attacks can be detected and prevented. In the comic, however, the authors not only present the various Casa research projects, but also add real-life stories and a Casa wiki that explains technical terms in more detail.
“With this exciting visual tale, we want to take both experts and laypeople into the fascinating world of embedded security, make complex concepts understandable, and arouse the curiosity of readers with different backgrounds,” explains Christof Paar, Director at the Max Planck Institute for Security and Privacy and Leader of Research Hub B at Casa. Steffen Becker, one of the contributors to the comic, also describes the process of creating the comic with the Ellery Studio agency from Berlin as rewarding: “As scientists, we are constantly looking for new ways to communicate our research beyond the academic world. Working with a skilled and experienced team of comic artists was an immensely rewarding experience.”
The original publications about the concepts and methods presented in this comic can be found here:
- On the Design and Misuse of Microcoded (Embedded) Processors — A Cautionary Note
- Red Team vs. Blue Team: A Real-World Hardware Trojan Detection Case Study Across Four Modern CMOS Technology Generations
- IRShield: A Countermeasure Against Adversarial Physical-Layer Wireless Sensing
- Anti-Tamper Radio: System-Level Tamper Detection for Computing Systems
- Automated Generation of Masked Hardware
- SILVER – Statistical Independence and Leakage Verification