The path to a finished project demonstrator is taking shape: At the project meeting held at Hanover University of Applied Sciences and Arts, our staff members Prof. Henning Trsek, Natalia Moriz, and Robin Foster from the Networked Automation Systems research group participated to define the next milestones of the GraphWatch project together with the consortium partners.
Bringing Innovations to Life
The meeting focused on planning the central demonstrator. The goal is to consolidate the complex research findings into a self-contained system that clearly visualizes GraphWatch’s core innovations. The demonstrator will combine three key pillars:
- APT Detection: An illustration of the methods developed for the semi-automated identification of Advanced Persistent Threats.
- Graph-Based Machine Learning: The use of novel methods for the efficient analysis of complex network relationships.
- OT Integration via AAS: Utilizing the Asset Administration Shell (AAS) as a bridge to Operational Technology
The Administrative Shell as a Key Technology
A technical highlight of the project is the targeted use of the AAS for the structured storage of topological network information. This provides the detection system with comprehensive insight into the system structure and enables it to utilize semantic relationships.
Particularly practical: Appropriate interfaces enable the self-registration of OT devices. To ensure the security and trustworthiness of the management shell, the SignatureSubmodel—recently presented at IEEE ETFA 2025—is used.
The partners expressed their utmost satisfaction with the project's current progress. With the plans now finalized, the consortium is optimistic about implementing a compelling demonstrator that will showcase GraphWatch’s innovative capabilities.
Focus on APT Attacks
Advanced Persistent Threats (APTs) are complex cyberattacks that are specifically targeted at organizations over the long term. Attackers operate covertly to spy on sensitive data or gradually compromise systems. Due to their sophistication and persistence, APTs pose one of the greatest challenges to modern IT and OT security strategies. GraphWatch helps identify traces of these attacks as quickly as possible and provides effective support in protecting systems.
“Digital resilience begins with precise analysis. The methods used in GraphWatch provide in-depth insight into OT systems and help specialists implement effective defensive measures in a targeted manner,” summarizes the inIT team.