Our netX 90 already includes an encryption accelerator unit that supports all current encryption methods as provided by Germany’s Federal Office for Information Security (BSI) and the IEC 62443, as well as by the real-time Ethernet protocol standards.
Cryptography | Algorithm | Standard (NIST) | BSI | OPC UA | Secure Comm | Secure Boot |
Symmetric Cipher | AES-128/192/256 | FIPS 197 | Recommended | Required | X | |
Asymmetric Cipher | RSA-1024/2048/3072/4096 | PKCS#1v2.2 | ≥3000 bits from 2015 onwards | Required | X | X |
ECC-224/250 | ≥250 bits from 2015 onwards | Optional | ||||
Secure Hash | SH-1 | FIPS 180-4 | Required | X | ||
SHA-256/384/512 | Recommended from 2015 onwards | Required | X | |||
Random Number | TRNG | NIST 800-22 | Required | X |
In addition, secure memory areas are reserved on the netX 90. This allows the integration of a secure flash file system into the firmware e.g. for key management. Therefore, all precautions for security implementations have already been taken care of.