For two of our startups, the new year begins with great news. Thanks to the support of the Technology Transfer department of the CISPA Helmholtz Center for Cybersecurity, the German Federal Ministry of Education and Research has now approved further funding applications for the "StartUpSecure" program. The CISPA supported startups Xpect and Hyde are each pleased to receive almost 0.8 million euros, which they will use to sustainably develop their ideas.
During a project period of one year, the following projects are to be brought to market with the funds provided:
Xpect AG receives funding for the sub-project "Xpect Semantic Process Studio" (XSPS). The team led by project manager Dr.-Ing. Mathias Bauer is developing a new type of solution for the secure and reliable management of corporate processes. XSPS is a software solution for interactive and partially automated correctness checks of processes with regard to relevant compliance and security properties. The technical solution approach was reviewed by CISPA postdoc Dr. Christopher Hahn and assessed as both an innovative and ambitious project with high potential benefits. The core innovation of XSPS is based on a novel approach to describe and analyze process models.
Currently, the solution is implemented as a proof-of-concept (PoC) in the form of a software development kit (SDK). The further development and testing of this PoC is one of the primary work packages to be completed within the project. In addition, a graphical process editor will be developed as a prototype. At a later stage, the team plans to make the solution accessible to third-party providers via an interface (API). It is also planned to establish a digital marketplace for modular process solutions based on XSPS via the API.
Hyde GmbH also receives funding within the second phase of the "StartUpSecure" program. The team around project leader Dr. Kurt Uwe Stoll has developed a solution for consumer analytics with a focus on data protection and data sovereignty.
Hyde wants to enable users to monetize the personal data they generate when using Internet services and thus to participate in the so-called "data economy". By establishing a marketplace for consumer data and the associated data protection-compliant handling of "digital capital," the project pays tribute to the principles of "Digital. Secure. Sovereign." of the funding program and has the potential to achieve great economic and social significance.
The technical approach to the solution was reviewed by CISPA faculty Dr. Sven Bugiel, head of the Trusted Systems research group, among others, and was judged to be both an innovative and ambitious project from an application perspective. Essentially, Hyde's solution is based on so-called "Trusted Execution Environments" (TEE). On the one hand, the solution allows private users to release the data they generate when using large Internet services such as Netflix, Spotify, etc. to Hyde for anonymized analysis. This resolves the previously existing conflict between data protection and data use. TEE provide encapsulated areas in the processor via an interface to enable calculations that are completely shielded from the rest of the system. By analyzing the data in the "secure enclaves," it is made impossible to later attribute the data to individuals and even Hyde does not get a glimpse of it at any time. B2C companies interested in market analyses can send their research in the form of search queries to Hyde in order to receive corresponding evaluations. In the future, this confidential personal and company-related data will be used to develop automatic AI agents.