A lock in a dark environment. The lock is surrounded by blue PCB-like lines.
empowering communication
On this page you will find:
Home
Technology
netX: Firmware Overview
Security implementation with netX

Security implementation with netX

The hardware requirements for embedded security for field devices have already been taken into account into the netX 90 chip architecture. Your device needs to authenticate itself within your system, so the firmware must have the appropriate integrity for this. The transmitted data should be encrypted to prevent unauthorized access and to offer protection against data manipulation. Role definitions ensure that only authorized users are allowed to access the device or to make changes to the device configuration and software.

All netX hardware and firmware mechanisms ensure integrity, authenticity, confidentiality and authorization and thus the availability of the device and the system.

Our firmware is optimally adapted to the netX 90 hardware for these security tasks and uses the built-in hardware accelerators to make your device compatible to standards such as IEC 62443.

We've embedded content from YouTube here. As YouTube may collect personal data and track your viewing behaviour, we'll only load the video after you consent to their use of cookies and similar technologies as described in their privacy policy.

By opening this video, you agree our Privacy Policy

Hardware ressources on-chip

Our netX 90 already includes an encryption accelerator unit that supports all current encryption methods as provided by Germany’s Federal Office for Information Security (BSI) and the IEC 62443, as well as by the real-time Ethernet protocol standards.


Cryptography
Algorithm		Standard
(NIST)
BSI
OPC UA		Secure
Comm		Secure
Boot
Symmetric CipherAES-128/192/256FIPS 197RecommendedRequiredX 
Asymmetric CipherRSA-1024/2048/3072/4096PKCS#1v2.2≥3000 bits from 2015 onwardsRequiredXX
ECC-224/250 ≥250 bits from 2015 onwards  Optional
Secure HashSH-1FIPS 180-4 RequiredX 
SHA-256/384/512Recommended from 2015 onwardsRequiredX
Random NumberTRNGNIST 800-22 RequiredX 


In addition, secure memory areas are reserved on the netX 90. This allows the integration of a secure flash file system into the firmware e.g. for key management. Therefore, all precautions for security implementations have already been taken care of. 

 

 

A graphical representation of the Hilscher Secure Firmware Architecture

Our Secure Firmware Architecture

There are a number of hidden processes behind the addition of security features to our standard firmware, which we would be glad to explain to you in a dedicated training course or product workshop. It is important for you to be able to build your security architecture in terms of key management and lifecycle management as required for your use case. We support this with flexible handling of key generation and security handling.

Benefit from established secure boot mechanisms, certificate management and protocol-specific data encryption for various real-time Ethernet protocols

Your benefits

Flexible Firmware

You define your security architecture, we have the best fit firmware for you.

Reduce development efforts

Our expertise and the security measures will get you reliable and fast to your market.

Secure for all networks

The firmware concept is already prepared for all state-of-the-art Real-time Ethernet protocols.

Discover more!

Smallest multiprotocol SoC

netX 90

Active
More

Competent support from the proof-of-concept stage to certification

We provide support throughout the entire lifecycle of your netX integration. From the proof of concept to development, to the final certified solution. You can also rely on our long-term availability.

More

Development board

NXHX 90-JTAG

Active
More

Newsletter Form

Fieldset

Stay Up to Date

In our newsletter we inform you regularly about our latest products, solutions as well as participation in events such as exhibitions and conferences. In this way, we offer exciting insights into the world of Hilscher and automation technology. Sign up now!

Fieldset