Zum Hauptinhalt springen
2026-06-30

Strengthening Cybersecurity in Industrial Data Rooms: Fraunhofer AISEC and IOSB are Security Partners for Secure Data Exchange in the Semiconductor-X Project


An industry consortium comprised of Intel, Infineon, Siemens, SAP and Bosch will develop a joint data room infrastructure for semiconductor manufacturing by September in the Semiconductor-X project, funded by the German Federal Ministry for Economic Affairs and Energy (BMWE). The Fraunhofer Institute for Applied and Integrated Security (AISEC) and the Fraunhofer Institute for Optronics, System Technologies and Image Exploitation (IOSB) have now joined the consortium as cybersecurity partners and are developing a road map for secure data rooms. The goal is to enable companies to exchange sensitive production and process data securely along the value chain. The results are also intended to support other Manufacturing-X initiatives.

Industrial companies connect machines, facilities and partners along value chains but cybersecurity often lags behind. This is precisely the challenge confronting the Manufacturing-X projects that grew out of Gaia-X. One example is the Semiconductor-X project: It is intended to enable companies in the value chain to exchange sustainability, production and process data securely and reliably in a data room.

CRA and NIS2: Road Map for Secure Industrial Data Rooms

Since companies’ roles and protected interests vary widely depending on the type of data, respective data owners ought to be able to establish and monitor the rules governing the use of their data. This is why machine-readable data use agreements are the basis for data exchange. , It is essential to enforces these agreements with technical actions to provide appropriate security guarantees.  This necessitates advanced security mechanisms, such as securing the software stacks used by means of trusted and confidential computing, particularly when data are highly sensitive.

The European legal framework requires a proactive and risk-based approach to cybersecurity too. The Cyber Resilience Act (CRA) imposes mandatory requirements on manufacturers and developers of gateways, while the NIS2 directive establishes standards for operators of federated services or hosted gateways. , Research scientists at Fraunhofer AISEC and IOSB are developing a road map for secure industrial data rooms together with the present Semiconductor-X partners. To this end, they are particularly identifying vulnerabilities and blind spots that still have to be closed for industrial use.

The research scientists are also developing specifications for data room gateways to process data of varying criticality levels and concepts for data room governance, such as processes for onboarding and certifying data room members . Another priority are guidelines for the secure development and operation of components and services. The goal is to produce context-independent results to enable direct transfer to other Manufacturing-X contexts. This will provide companies with practical guidance on creating their digital ecosystems securely from the outset.

Contact:

Tobias Steinhäußer | PR & Marketing | Fraunhofer AISEC
Lichtenbergstraße 11 | 85748 Garching near Munich, Germany | Phone +49 89 3229986-170 | presse@aisec.fraunhofer.de

The essentials

Semiconductor-X E2E Security at a Glance
  • Objective: A secure data room for semiconductor manufacturing and supply chains
  • Partners: Intel, Infineon, Siemens, SAP, Bosch, Fraunhofer AISEC, Fraunhofer IOSB
  • Project period: through the fall of 2026
  • Funding: Federal Ministry for Economic Affairs and Energy (BMWE)
The Role of Fraunhofer AISEC und IOSB
  • Development of a security road map for secure industrial data rooms
  • Security concepts for operators, members and gateways
  • Identification of outstanding security vulnerabilities and recommendations for action
  • Coordination with other data room initiatives
About the X Projects
  • Origins in Gaia-X: connected, sovereign data and cloud infrastructures
  • Manufacturing-X Initiative: Digitalization of industrial value chains and transfer of results to various industries
  • Examples: Catena-X (automotive industry), Aerospace-X (aerospace industry), Chem-X (chemical industry), Semiconductor-X (semiconductor industry)
Glossary
  • Gaia-X: A European project for the creation of a secure, sovereign and open digital infrastructure.
  • Data Space: An organizational and technical platform on which multiple companies exchange data securely with distributed control and data ownership based on shared rules.
  • Gateway: A secure software component at the company perimeter that controls data access, policy enforcement and logging in the data space.