Protection & Resilience

Defense & Internal Security

Reliable information security and cyber defense in a complex geopolitical environment.

The ongoing digitalisation and technological interconnection are presenting our society and economy with ever-changing challenges, particularly in terms of resilience. In addition to public authorities and organisations responsible for internal security, this also affects actors and institutions involved in national and alliance defense, as well as their supply chains.

Reliable When it Counts

Resilient IT in challenging internal and external security environments

The current shift in the geopolitical landscape towards a confrontational, multipolar order calls for decisive action, particularly when it comes to protecting IT systems, data and critical infrastructure in the security and defense sectors. These are increasingly becoming the target of hybrid threats originating from the cyber and information domains. The range of threat scenarios is diverse. They can severely impact the availability and reliability of administrative, command and control, and operational IT systems during routine operations or in crisis situations, particularly when it matters most.

The Current Security Situation in Figures

4,500

Daily cyber attacks on the Bundeswehr

They range from phishing attacks and malware infections to espionage attempts by advanced persistent threats.

2022

A turning point in defense policy

On 27 February 2022, the Federal Government responded to the new challenges facing national and alliance defense

1,500

Number of participants in Cyber Marvel 2

Participants from 27 countries are practising virtual attacks against networks and infrastructure in Asia in 36 Red and Blue teams

Well-Positioned in Cyberspace

IT security and cyber resilience are among the key strategic factors in the security and defense sector – on land, at sea, in the air, in space and, in particular, in cyberspace. Defense forces, government agencies and the security-related industry are strengthening their IT structures through decentralisation and systematic redundancy, through automated detection and defense mechanisms, and through the consistent implementation of zero-trust architectures.

Dual-use as a game-changer
At the same time, civil-military cooperation in cyberspace is gaining in importance. The exchange of situational awareness, threat intelligence and best practices enhances responsiveness – both nationally and internationally. Civilian innovations and technologies contribute to security and defence capabilities just as military developments are incorporated into civilian applications. The strategic use of dual-use technologies in the cyber and security context therefore requires close alignment between civilian and defense-oriented security requirements and objectives.

TÜVIT supports customers in tapping into this dual-use potential and building bridges between civilian and defense-related norms and standards.

Spotlights & Fokus Topics

Simulate cyber-attack scenarios

Vulnerability scans and assessments identify points of entry into the IT infrastructures of defense forces or networked systems. Penetration tests simulate the resilience of technical systems, whereas red teaming involves realistic attacks targeting all aspects of an organisation’s security.

Find out more

Minimum IT standards for all operations

We develop information security concepts (InfoSichhK) based on the IT-Grundschutz methodology, provide advice on implementation, or carry out audits. In doing so, we take into account the defense- and alliance-specific characteristics of information networks, as well as the requirements of ZDv A-960/1.

Find out more

Dedicated high-security components

TÜVIT is a testing body accredited by DAkkS in accordance with ISO/IEC 17025:2005 for IT security components (hardware/software) under the Common Criteria (CC) and EUCC. These standards form the methodological and criteria-specific basis for testing and potential approval of components for classified operations by the BSI.

About Common Criteria (CC)

Nautische Schiffsausrüstung auf einen. modernen Schiff

Navy: Cyber resilience of on-board syste

In the shipping industry, NIS-2 and IACS UR E26 and E27 form the key legal and classification framework for cybersecurity requirements. UR E27 is conceptually based on IEC 62443 and sets out in detail its principles for the IT and OT security of maritime on-board systems and their supply chains.

About IEC 62443

Cyber: QKD Testing & Verification

Quantum key distribution (QKD) provides the highest level of security for modern communication links. We test and verify QKD systems end-to-end, from optical transmission to interfaces and key management, and provide robust evidence of the integration, operation and scalability of secure quantum communication.

About QKD

Artificial Intelligence (AI)

AI, when used in the context of operational command or autonomous defene systems, requires a risk assessment that takes into account international law, security policy and ethical considerations. AI is also increasingly being used in logistics and predictive maintenance. We support companies on their journey towards robust, trustworthy AI.

Find out more

Sidekicks - Services offered by our sister companies for the security and defense sector

Long-term Storage

ALTER I HTV enables component manufacturers to preserve and store electronic components, assemblies, displays and wafers for up to 50 years, as well as to manage documentation and monitor stock levels in real time as part of an active obsolescence management programme.

Find out more

Drones & UAS

ALTER became the first state-designated conformity assessment body under Regulation (EU) 2019/945 in 2022 and has since successfully carried out various EU type examinations. As an accredited certification body (EN 17065:2012) and laboratory (EN 17025:2005), ALTER is a strong global partner to the manufacturing industry.

Find out more

Electronic Devices & Equipment

ALTER offers a wide range of industries comprehensive expertise and state-of-the-art laboratory facilities for testing services relating to electronic and electromechanical devices and components, whose demanding operating environments necessitate high standards of quality, reliability and safety.

Find out more

Cyber defense for over 30 years

Defenders by Nature - Inspired by Knowledge

We defend what matters. It’s in our nature. For over three decades, we have been protecting IT systems and data in critical application and infrastructure areas. Our mission is to strengthen technological resilience and defend mission-critical capabilities against sophisticated hybrid threats. We understand the specific requirements of national security interests and translate them into standardised protection profiles.

As an independent testing institute and accredited laboratory, we identify vulnerabilities and assess the maturity of security measures and functions, as well as their implementation at component, system and organisational levels. Independently and transparently. For technological sovereignty. For operationally ready IT systems. For trust in a connected world.

Would you like to find out more about TÜVIT’s core competencies and key service areas?

About the skills profile

You Can Meet us at These Events

25 June 2026 in Berlin, Germany

Defense Technology Exhibition (WTA)

A platform for industry professionals focusing on the latest developments and technologies in the security and defense industry.

About the event

10–11 March 2026 in Brussels, Belgium

EDF Info Days 2026

The annual flagship event offers valuable insights into the calls for proposals for the 2026 EDF, provides the latest programme updates and fosters collaboration through international networking and pitching opportunities

About the event

Flagship Projects @TÜVIT

Resilient Development & Manufacturing

Security analyses and tests for selected IT infrastructure components of a German-based supplier of machine parts for a European air defense system.

Software Security

Evaluation of the cargo management software for an air transport system in accordance with the ITSEC standard, the predecessor to the Common Criteria (CC), for an international aircraft manufacturing group.