Industrial software security vulnerabilities

Cybersecurity Analysis tool exposes security vulnerabilities in industrial software

2023-12-04 Source: University of Paderborn | Translated by AI 1 min Reading Time

Related Vendors

Taiwan Machine Tool & Accessory Builders' Association (TMBA)

SIMTOS (Seoul International Machine Tool Show)

Software has been indispensable in the industry for a long time. However, it can also be an entry point for cybercriminals. A new tool is expected to make it easy to find various security vulnerabilities soon.

Attacks by hackers can cause high damage. The increasingly connected industry is considered to be particularly vulnerable.(Image: MrPanya - stock.adobe.com) — Attacks by hackers can cause high damage. The increasingly connected industry is considered to be particularly vulnerable.
(Image: MrPanya - stock.adobe.com)

Researchers at the University of Paderborn/Germany have started developing an analysis tool for security vulnerabilities in industrial software. According to a statement, this is primarily intended to detect incorrect use of "Application Programming Interfaces" (API) – codes.

APIs contain commands for general functions or enable interaction with an external system. The use of APIs is helpful for adhering to standards or complicated programming tasks, it continues. However, incorrect use can also lead to security vulnerabilities and enormous costs.

To uncover such errors, researchers aim to further develop the program "CogniCrypt." So far, it only detects the incorrect use of cryptographic APIs. The static analysis tool is intended to be adapted within the scope of the new project so that programmers can use it for their individual application areas. The researchers' goal is a precise and easily adaptable analysis program for developers in the industry.

In designing the tool, the focus is not only on the easy adaptability of the analysis to the context of use but also on providing understandable feedback to developers, the researchers say. This is intended to help them identify where the programming error or the incorrect use of the API lies.

Subscribe to the newsletter now

Don't Miss out on Our Best Content

Business E-mail

Please enter a valid mailadress.

By clicking on „Subscribe to Newsletter“ I agree to the processing and use of my data according to the consent form (please expand for details) and accept the Terms of Use. For more information, please see our Privacy Policy. The consent declaration relates, among other things, to the sending of editorial newsletters by email and to data matching for marketing purposes with selected advertising partners (e.g., LinkedIn, Google, Meta)

Date: 08.12.2025

Naturally, we always handle your personal data responsibly. Any personal data we receive from you is processed in accordance with applicable data protection legislation. For detailed information please see our privacy policy.

Consent to the use of data for promotional purposes

I hereby consent to Vogel Communications Group GmbH & Co. KG, Max-Planck-Str. 7-9, 97082 Würzburg including any affiliated companies according to §§ 15 et seq. AktG (hereafter: Vogel Communications Group) using my e-mail address to send editorial newsletters. A list of all affiliated companies can be found here

Newsletter content may include all products and services of any companies mentioned above, including for example specialist journals and books, events and fairs as well as event-related products and services, print and digital media offers and services such as additional (editorial) newsletters, raffles, lead campaigns, market research both online and offline, specialist webportals and e-learning offers. In case my personal telephone number has also been collected, it may be used for offers of aforementioned products, for services of the companies mentioned above, and market research purposes.

Additionally, my consent also includes the processing of my email address and telephone number for data matching for marketing purposes with select advertising partners such as LinkedIn, Google, and Meta. For this, Vogel Communications Group may transmit said data in hashed form to the advertising partners who then use said data to determine whether I am also a member of the mentioned advertising partner portals. Vogel Communications Group uses this feature for the purposes of re-targeting (up-selling, cross-selling, and customer loyalty), generating so-called look-alike audiences for acquisition of new customers, and as basis for exclusion for on-going advertising campaigns. Further information can be found in section “data matching for marketing purposes”.

In case I access protected data on Internet portals of Vogel Communications Group including any affiliated companies according to §§ 15 et seq. AktG, I need to provide further data in order to register for the access to such content. In return for this free access to editorial content, my data may be used in accordance with this consent for the purposes stated here. This does not apply to data matching for marketing purposes.

Right of revocation

I understand that I can revoke my consent at will. My revocation does not change the lawfulness of data processing that was conducted based on my consent leading up to my revocation. One option to declare my revocation is to use the contact form found at https://contact.vogel.de. In case I no longer wish to receive certain newsletters, I have subscribed to, I can also click on the unsubscribe link included at the end of a newsletter. Further information regarding my right of revocation and the implementation of it as well as the consequences of my revocation can be found in the data protection declaration, section editorial newsletter.