A lock in a dark environment. The lock is surrounded by blue PCB-like lines.
empowering communication

Security-Integration mit netX

The hardware requirements for embedded security for field devices have already been taken into account into the netX 90 chip architecture. Your device needs to authenticate itself within your system, so the firmware must have the appropriate integrity for this. The transmitted data should be encrypted to prevent unauthorized access and to offer protection against data manipulation. Role definitions ensure that only authorized users are allowed to access the device or to make changes to the device configuration and software.

All netX hardware and firmware mechanisms ensure integrity, authenticity, confidentiality and authorization and thus the availability of the device and the system.

Our firmware is optimally adapted to the netX 90 hardware for these security tasks and uses the built-in hardware accelerators to make your device compatible to standards such as IEC 62443.

Hardware ressources on-chip

Our netX 90 already includes an encryption accelerator unit that supports all current encryption methods as provided by Germany’s Federal Office for Information Security (BSI) and the IEC 62443, as well as by the real-time Ethernet protocol standards.


Cryptography

Algorithm
Standard
(NIST)

BSI

OPC UA
Secure
Comm
Secure
Boot
Symmetric CipherAES-128/192/256FIPS 197RecommendedRequiredX 
Asymmetric CipherRSA-1024/2048/3072/4096PKCS#1v2.2≥3000 bits from 2015 onwardsRequiredXX
ECC-224/250 ≥250 bits from 2015 onwards  Optional
Secure HashSH-1FIPS 180-4 RequiredX 
SHA-256/384/512Recommended from 2015 onwardsRequiredX
Random NumberTRNGNIST 800-22 RequiredX 


In addition, secure memory areas are reserved on the netX 90. This allows the integration of a secure flash file system into the firmware e.g. for key management. Therefore, all precautions for security implementations have already been taken care of. 

 

 

Our Secure Firmware Architecture

There are a number of hidden processes behind the addition of security features to our standard firmware, which we would be glad to explain to you in a dedicated training course or product workshop. It is important for you to be able to build your security architecture in terms of key management and lifecycle management as required for your use case. We support this with flexible handling of key generation and security handling.

Benefit from established secure boot mechanisms, certificate management and protocol-specific data encryption for various real-time Ethernet protocols

Your benefits
Flexible Firmware

You define your security architecture, we have the best fit firmware for you.

Reduce development efforts

Our expertise and the security measures will get you reliable and fast to your market.

Secure for all networks

The firmware concept is already prepared for all state-of-the-art Real-time Ethernet protocols.

Discover more!

Kleinster Multiprotokoll-SoC

 

Wir unterstützen Sie entlang des gesamten Lebenszyklus Ihrer netX-Integration. Vom Konzept über die Entwicklung bis zu fertigen zertifizierten Lösung. Außerdem können Sie sich bei uns auf eine langfristige Lieferfähigkeit verlassen.

Entwicklungs-Board