We are happy to be once again part of the
Security Forum Hagenberg
The Security Forum is the annual ICT security conference of the Hagenberger Kreis and traditionally takes place on two days in spring. Visitors are offered technical as well as management-oriented presentations on both days. For nearly 20 years now the event organized by the FH Oberösterreich is a guarantee for high quality talks and a professional atmosphere. The participants come from all over Austria, Germany and Switzerland.
Agenda
The agenda is online and can be found on the website of the Security Forum.
Talks from SBA Research
We are proud that our colleague Reinhard Kugler talks about Tracing the Invisible: how to create Observability on Edge Devices with eBPF on day 1.
Abstract
Cyber-physical systems, such as industrial electronics, cars and medical devices transition to cloud-native technologies and have already adopted the Internet Protocol many years ago. Those former isolated systems have been connected to the Internet which exposes them to a broader community of attackers. A common pain point is the observability of such devices, since the available processing and memory resources are limited, even on Linux-based devices.
Therefore, many instances of attacks remain unnoticed on this device class, while the IT operates detection capabilities such as a SOC. How can companies step up the protections without taking an extensive toll on resources? Soft- ware using IP-based protocols, such as HTTP, MQTT and TLS already have access to an arsenal of security observability tools. Not so for non-IP protocols and on-board communication with pro- tocols such as SPI, UART, CAN and I2C, which is customized in many cases. How can a baseline of defenses be extended to the Edge?
With the eBPF technology the Linux Kernel can be extended by custom programs on the fly. This allows to integrate observability code into an embedded device. eBPF extends the system with in- depth protocol inspection as well as behavior tracking of the operating system. But does the gained observability surcharge the embedded system? This talk showcases in a hands-on fashion how to utilize container technologies in concert with eBPF to create a deeply integrated observability system to spot attack techniques of capable threat actors.
And on day 2, our scientific director Edgar Weippl will present on Companies and research institutions facing major challenges in the field of IT security.
Abstract
The presentation highlights why and how companies can benefit from collaborating with research institutions. It first examines what motivates companies to invest in IT security research. In addition to risk mitigation through innovative solutions, competitive advantages and access to highly qualified talent are key factors.
Another focus is on publicly funded research projects in Austria. The mechanisms of funding through the Austrian Research Promotion Agency (FFG), the Christian Doppler Research Association (CDG), and EU programs like Horizon Europe are explained. These programs provide companies with a structured framework for cooperating with research institutions. The presentation also offers practical advice on how companies and research institutions can collaborate most effectively to achieve sustainable results.
Furthermore, it discusses why it is important for university of applied sciences (FH) graduates — even those not directly involved in research — to understand the research landscape. This knowledge broadens career prospects and helps strategically leverage research projects.
Finally, the presentation explains the benefits for companies of supporting their employees’ doctoral studies and why pursuing a doctorate can be worthwhile. In addition to promoting innovation, it also strengthens employee retention.
Registration
You can get tickets for the event via the Security Forum Website.