Type of work

Masterthesis (Bachelorthesis with reduced complexity)

Technical background

Fieldbuses are used in industrial and building automation systems to connect sensors, actuators and controller modules. They are ignored with regard to IT security and represent a major door for attackers.

We are researching new approaches to securing the fieldbus level in automation systems. An Intrusion Detection System (IDS) is to be developed for the fieldbus level. In this thesis we want to investigate how agents of intrusion detection systems can be equipped with special listening tasks.

A possibility must be created to monitor the network traffic in different segments. This task is performed by the agents in the IDS. Due to the low data rate, it should be ensured that the agents are assigned a special interception task and thus monitor the network traffic in a targeted manner. Only in the event of an alarm is a message transmitted in order not to block network capacities.

Task Description

The following questions are to be answered:

  • Is it possible to equip the agents of intrusion detection systems with a large part of the logic of the system without getting disadvantages compared to a conventional IDS?
  • How can an intercept order for an agent of an IDS be formally mapped?
  • How can interception jobs be optimally synchronized?
  • Does an additional coordination between the agents make sense?

Possible steps in the process

  • Consideration of the protocols to be investigated at the field level (specifically KNX).
  • Examination of the state of the art for intrusion detection systems.
  • Conception and formalization of interception orders for the monitoring of network traffic.
  • Consideration of the minimization of communication of the components of the IDS (optional).
  • Implementation
  • Testing
  • Evaluation

The exact determination of the topic is made in consultation with the supervisors, taking into account any topics already assigned to other students. It may be possible for several students to work on different sub-themes together.

Literature and Resources

  • Sokollik, Frank; Helm, Peter; Seela Ralph; "KNX für die Gebäudesystemtechnik in Wohn- und Zweckbau"; ISBN: 978-3-8007-4055-0; Berlin: VDE-Verlag; (2017).
  • Northcutt, Stephen; "Inside network perimeter security"; ISBN: 0-672-32737-6; Indianapolis: Sams Publishing; (2005)
  • Mundt, Thomas; Dähn, Andreas; Sass, Stephan; "An Intrusion Detection System with Home Installation Networks"; University of Bahrain: International Journal of Computing and Digital Systems; (2014)


No special; programming knowledge in a higher programming language and knowledge in simulation are advantageous. A basic understanding of the electrical properties of networks is helpful.