"This site requires JavaScript to work correctly"

DIT Research

Pioneering & Vibrant

Institute ProtectIT.

Protection - Detection - Reaction

We conduct application-oriented research into the protection of industrial automation technology, critical infrastructures, electronic systems in automobiles and avionics, and other embedded systems against threats arising from the use of information technology. Targeted cyber attacks, trojans, viruses and even faulty configurations pose a threat to embedded IT and IoT systems. The disruption of technical processes in machines and plants can cause production downtimes, the non-availability of critical infrastructures, e.g. water or power supplies, or hazards to life and limb due to malfunctioning control systems. Together with our industrial and academic partners, we create practical solutions to protect these systems.



Professors, Staff Member & Contact Persons






Core Competencies

The core competencies of ProtectIT are in the field of protection and strengthening of networked embedded systems, detection of anomalies and attacks in network traffic, for example by means of artificial intelligence, as well as conception, development and analysis of suitable reaction measures to IT security incidents (reaction).

The working group Protection deals with the topic of cryptographic engineering, a relatively young, multidisciplinary field. This deals with the secure implementation of cryptographic procedures. The correct development, implementation and validation of state-of-the-art cryptographic methods in hardware and software requires the cooperation of experts in mathematics, electrical engineering and computer sciences. As is so often the case, however, the devil is in the detail. Apparently small changes can have serious effects on the security of the overall system.




Increasing digitalisation and networking, driven by the Internet of Things and Big Data, for example, are creating a much higher potential for attack. In addition, attacks are constantly evolving (Advanced Persistent Threats, APT). Firewalls and purely signature-based processes quickly reach their limits and are not sufficient for comprehensive protection in future communication networks.

The Detection working group has set itself the goal of developing Network Intrusion Detection systems together with industry partners that enable a systemic IT security strategy through a hybrid approach. Part of this hybrid approach are classical methods, e.g. rule-based anomaly detection with Snort, as well as modern machine learning methods, which are especially optimised for embedded systems, e.g. Isolation Forest, LODA. Target industries are the industrial sector (e.g. Industry 4.0) and the automotive sector (e.g. Car-to-X).



An important point in an overall IT security concept is the reaction to a detected incident. We work with companies to develop suitable concepts for them on how to react quickly to an incident. For this purpose, we develop suitable visualizations and suitable reporting and evaluation tools. However, measures are also developed, such as a relapse level in which the most important functions in the network can be maintained in order to be able to operate machines and plants in a protected manner in an emergency operation. Trusted Computing approaches are used that have been transferred to the embedded world.

In addition, we deal with systems that react semi-autonomously or fully autonomously and that can react independently in the event of a detected incident. For this purpose, suitable algorithms for the aggregation and correlation of alarm messages are being researched. The aim is to develop systems that can harden themselves, for example by creating suitable filters. Current research focuses on the use of Software Defined Networking (SDN) in industrial and automotive networks, which allows the reconfiguration of network components during operation. Using state-of-the-art technologies, such as P4, reaction mechanisms for real-time networks are also being researched.



Applied research and development at DIT is carried out in close cooperation with partners from industry. This industry-oriented research of the university differs from the classical basic research in the universities by the emphasis on application and use. For this purpose, special research groups have already been formed in the fields of technology and business in order to bundle competencies, ideas and know-how.

European cutting-edge technology is characterised by intensive cooperation between industry, universities and institutes. At the Deggendorf University of Technology this is taken into account by a wide range of research and development:

  • Research and development cooperations between companies, institutes and universities
  • Contract research and development for the SME's
  • Research within the framework of public funding programmes
  • Studies within the framework of university projects
  • Development of innovative technologies, products and ideas
  • Individual project or cooperation in "clusters

Feel free to contact our team and staff.



Finde our publications here.


Current projects:


The courses on "Cyber Security" are concerned with curbing potential dangers arising from the use of digital processes.
 "According to current studies, an estimated 1.8 million employees will be missing in the cyber security industry by 2022,
Prof. Dr. Martin Schramm (Head of ProtectIT)


The Cyber Security course comprises a total of seven semesters - six theoretical and one practical, which is designed as a 20-week internship.

In addition to detailed specialist knowledge, you will also acquire interdisciplinary key qualifications and additional methodological and social skills: We promote your personality development, support you in working methods and self-organisation and show you how to successfully plan and carry out projects. Already in the fourth semester, students independently deal with current topics of cyber security in the course of a selectable project work. Especially from the sixth semester onwards, you can choose individual modules from the technical range offered by the university. These options will be successively expanded so that you can choose your respective specialisation largely independently. In the seventh semester you will mainly be busy writing your bachelor thesis. As a rule, you do this in an industrial company or in the university's laboratories as part of industry-related research projects.

Individual study semesters, the industrial internship or the bachelor thesis can, of course, also be completed abroad.

Upon successful completion of the examinations and the final thesis, the Deggendorf University of Technology awards the academic degree "Bachelor of Science" (B.Sc.).

Further informationen about the bachelor programme Cyber Security can be found here.


The master for more IT security in your company, with the specializations

  •     Master Cyber Security, Automotive IT Security, M.Eng.
  •     Master Cyber Security, Industrial IT Security, M.Eng.


Further informationen about our Master Cyber Security programm can be found here.

Projects & Theses

Are you looking for an exciting, challenging and industry-oriented job? Then we look forward to getting to know you. We are regularly looking for students and engineers in the fields of electrical engineering, computer science and mechatronics who would like to meet the challenges in the field of embedded security. In addition, we offer Bachelor's and Master's theses (also in cooperation with our industrial partners), Master's of Applied Research topics and also regular employment as a research assistant or project engineer.

Bachelor's and Master's theses can be carried out as internships. In general, Master's theses can also be completed as Bachelor's theses under certain conditions. If you are interested, please contact the institute management or one of the staff members.

We look forward to receiving your unsolicited application and applications for job advertisements on Stellenbörse der THD.