QBayLogic will join forces with international research teams and industry partners in EvIT, a groundbreaking research project that aims to revolutionize IT security. The German “Agentur für Innovation in der Cybersicherheit GmbH” (Cyberagentur) has committed €42 million to this initiative, which brings together five specialized teams to tackle one of computing’s greatest challenges: creating systems that are mathematically proven to be secure from the ground up.
-
-
-
-
Delen
Beyond Traditional Security: A Paradigm Shift
Current IT security follows a predictable but problematic pattern. Hackers discover vulnerabilities, developers create patches, and the cycle continues with new vulnerabilities emerging. EvIT aims to break this cycle by fundamentally changing how they approach security.
“Instead of playing this endless game of cat and mouse with hackers, we’re developing technologies that allow us to mathematically prove the security of systems before they go live,” explains Felix Klein, Scientific Relations Lead at QBayLogic. “This represents a complete paradigm shift in how we think about system security.”
QBayLogic’s Unique Hardware Expertise
As hardware design specialists, QBayLogic brings distinctive expertise to the project. Their open-source Clash technology plays a central role in this initiative. Clash allows developers to create hardware designs using functional programming techniques, providing a robust foundation for verifiable security since it is already based on Haskell, a functional programming language.
They’re focusing their efforts on three key areas:
- Enhancing the Clash compiler to support comprehensive formal verification of hardware designs
- Creating new tools that bridge the traditional gap between hardware and software verification
- Developing practical, industry-ready solutions that make formal verification techniques accessible to everyday developers
From Theory to Practice: The Smartcard Demonstrator System
To prove the real-world viability of these technologies, They will develop a fully verified smartcard system. “We chose a smartcard system very deliberately,” Klein explains. “It’s a relatively simple system that everyone understands – think of your bank card or ID card – but one where security is absolutely critical. If we can prove that we can make such a system completely secure, we’ve made a significant breakthrough.”
The team will verify every component of the smartcard system, from the low-level hardware to the high-level software interfaces. This comprehensive approach will demonstrate how different verification techniques can work together to create a completely secure system.
Making Security Accessible
A key challenge in formal verification has always been its complexity. Most verification tools remain firmly in the academic realm, making them difficult for industry developers to use effectively. Through our involvement with EvIT, they aim to change this.
“There’s already a wealth of knowledge about formal verification,” Klein notes, “but most of it isn’t easily applicable in day-to-day development. We’re working to change that by creating tools that developers can actually use in their daily work.”
Open Source: Security for Everyone
All technologies QBayLogic develops during the project will be freely available, allowing the entire IT industry to benefit from these advances in security. This includes:
- New verification tools and methodologies
- The complete smartcard system implementation
- Documentation and best practices
- Integration guides for existing development workflows
Looking Forward
The four-year project represents a significant step toward creating inherently secure IT systems. QBayLogic will contribute its hardware design and verification expertise to this crucial initiative, helping to shape the future of system security.
“We’re not just creating better security tools,” Klein emphasizes. “We’re working to fundamentally change how the industry approaches security, moving from reactive patching to proactive verification.”
Photo: Cuberagentur
