Information and data security

The topic area information security has a long tradition at Fraunhofer ISI. As early as the 1990s the former department Information and Communication Systems worked on issues of IT security.

Currently research in the area of information security deals primarily with the security of critical infrastructures such as networked IT worlds. Furthermore, the impact of new technologies (in particular surveillance and security technologies) on privacy and data protection are investigated and privacy impact assessments are made.

Fraunhofer ISI contributes its expertise to the Fraunhofer Big Data Alliance.

Projects and Publications

While new emerging communication and information technologies offer users increasingly varied possibilities for communication, they often neglect their privacy and data protection. The research area addresses this issue and investigates the impacts of new technologies on society and particularly on data protection and privacy. There is also the question how data protection can be taken into account more and integrated while the technology is being developed. Relevant research projects consider very different perspectives, although primarily political, economic and (data protection) legal aspects become important.


  • Bieker, F.; Friedewald, M.; Hansen, M. et al. (2016): A Process for Data Protection Impact Assessment under the European General Data Protection Regulation. In: Rannenberg, K.; Ikonomou, D. (Hrsg.): Privacy Technologies and Policy APF 2016. Heidelberg u.a.: Springer.
  • Wright, D.; Friedewald, M.; Gellert, R. (2015): Developing and Testing a Surveillance Assessment Methodology. In: International Data Privacy Law 5(1), S. 40-53.
  • Friedewald, M.; Pohoryles, R. J. (Hrsg.) (2014): Privacy and security in the digital age. London: Routledge.
  • Hallinan, D.; Schütz, P.; Friedewald, M.; de Hert, P. (2014): Neurodata and Neuroprivacy: Data Protection Outdated? In: Surveillance & Society 12(1), S. 55-72.
  • Wright, D.; Friedewald, M. (2013): Integrating privacy and ethical impact assessment. In: Science and Public Policy 40(6), S. 755-766.
  • Finn, R. L.; Wright, D.; Friedewald, M. (2013): Seven types of privacy. In: Gutwirth, Serge; Leenes, Ronald; de Hert, Paul and Poullet, Yves (Hrsg.): European Data Protection: Coming of Age? Dordrecht: Springer, S. 3-32.

Modern technologies are increasingly used to guarantee security in public spaces. Examples such as video surveillance, automatic license plate recognition, biometric access systems or the collection of personal user data on the internet show this very clearly. In this context the research projects at Fraunhofer ISI develop criteria for the use of surveillance practices and technologies that take technological, societal and political as well as legal, ethical and moral aspects into account. Another focus is the research into the impacts of surveillance on the privacy of individuals. The target groups are political decision makers, technology developers but also citizens.


  • Friedewald, M.; van Lieshout, M.; Rung, S. (2016): Modelling the relationship between privacy and security perceptions and the acceptance of surveillance practices. In: Aspinall, D.; Camenisch, J. et al. (Hrsg.): Privacy and Identity 2015, IFIP AICT, vol. 476. Heidelberg, Berlin: Springer (IFIP Advances in Information and Communication Technology, 476), S. 1-18.
  • Friedewald, M.; Burgess, J. P.; Cas, J. et al. (Hrsg.) (2016): Surveillance, Privacy and Security: Citizens’ Perspectives. London: Routledge (PRIO New Security Studies).
  • Goos, K.; Friedewald, M.; William, C.; Webster, R.; Leleux, C. (2015): The co-evolution of surveillance technology and surveillance practices. In: Wright, David and Kreissl, Reinhard (Hrsg.): Surveillance in Europe. Abingdon and New York: Routledge, S. 51-100.
  • Braun, S.; Friedewald, M.; Valkenburg, G. (2015): Civilizing drones: Military discourses going civil. In: Science & Technology Studies 28, Nr. 2, S. 73-87. 

A consequence of digitalization is the creation of ever increasing volumes of data. For enterprises, private users and public institutions they are becoming more and more difficult to handle. The research area looks more closely at the concrete challenges when dealing with big data and explores current and future areas of application and their economic as well as business potential with a focus on societal, economic, (data protection) legal and technical framework conditions of big data.


  • Bachlechner, D.; Leimbach, T. (2016): Big Data Challenges: Impact, Potential Responses and Research Needs. In: Proceedings of the 2016 IEEE International Conference on Emerging Technologies and Innovative Business Practices for the Transformation of Societies (EmergiTech 2016), 3.-6. August 2016, Balaclava, Mauritius. [noch nicht erschienen]
  • Leimbach, T.; Bachlechner, D. (2015): Assessing Big Data: Results and Experiences from Germany. In: Scherz, C.; Michalek, T. et al. (Hrsg.): The Next Horizon of Technology Assessment: Proceedings from the PACITA 2015 Conference in Berlin, Technology Centre ASCR, Prag.
  • Leimbach, T.; Bachlechner, D. (2014): Big Data in der Cloud, TA-Vorstudie/Hintergrundpapier Nr. 19. Berlin: Büro für Technikfolgen-Abschätzung beim Deutschen Bundestag (TAB).

Establishing new digital information technologies inevitably requires the expansion of infrastructures which ideally keep up with technological developments. However, this also gives rise to new vulnerabilities which can result in serious problems for information systems. The research projects at Fraunhofer ISI indicate possible weaknesses of new IT trends and related infrastructures and show possibilities for protection. Furthermore they address resilience concepts, i.e. the ability of IT systems to resist external disruptions as well as averting and overcoming them.


  • Cyber security for Smart Cities
  • European Security Trends and Threats In Society (ETTIS)
  • Security in public space (SIRA)
  • E-safety Vehicle Intrusion proTected Application (EVITA)



  • Dönitz, E.; Shala, E.; Leimbach, T. (im Druck). Future Threat Scenarios for Identifying Societal Security Needs – The Methodological Approach Based on European Project ETTIS. (under review).
  • Lévy-Bencheton, C.; Darra, E.; Bachlechner, D. et al. (2015): Cyber security for Smart Cities: An architecture model for public transport. Heraklion: European Union Agency for Network and Information Security (ENISA).
  • Beyerer, J.; Bierwisch, A.; Grandt, S.; et al. (2014). Sicherheit im öffentlichen Raum – SIRA Schlussbericht. Karlsruhe: Fraunhofer ISI/IOSB.

For many technologies such as Industry 4.0 or autonomous driving the Internet of Things is an important requirement – because it connects technologies, devices and other “things“ so they can communicate and interact. In many societal and economic areas this entails immediate progress, it can, however, increase the vulnerability of technical systems due to possible technical problems or security flaws. Regarding the development of the Internet of Things Fraunhofer ISI researches in particular the technical, legal and societal framework conditions.


  • Zukunftsreport Ubiquitäres Computing
  • Safeguards in a World of Ambient Intelligence (SWAMI)
  • IT-Sicherheit für die Industrie 4.0


  • Bachlechner, D.; Behling, T.; Bollhöfer, E. et al. (2016): IT-Sicherheit für die Industrie 4.0: Produktion, Produkte, Dienste von morgen im Zeichen globalisierter Wertschöpfungsketten. Studie im Auftrag des Bundesministeriums für Wirtschaft und Energie. Berlin: Bundesministerium für Wirtschaft und Energie.
  • Friedewald, M.; Raabe, O.; Georgieff, P.; Koch, D. J.; Neuhäusler, P. (2010): Ubiquitäres Computing: Das „Internet der Dinge“ − Grundlagen, Anwendungen, Folgen (=Studien des Büros für Technikfolgen-Abschätzung beim Deutschen Bundestag, Bd. 31). Berlin: Edition Sigma.
  • Wright, D.; Gutwirth, S.; Friedewald, M. et al. (2008): Safeguards in a World of Ambient Intelligence. Dordrecht: Springer (International Library of Ethics, Law, and Technology 1).