Security implementation with netX
The hardware requirements for embedded security for field devices have already been taken into account into the netX 90 chip architecture. Your device needs to authenticate itself within your system, so the firmware must have the appropriate integrity for this. The transmitted data should be encrypted to prevent unauthorized access and to offer protection against data manipulation. Role definitions ensure that only authorized users are allowed to access the device or to make changes to the device configuration and software.
All netX hardware and firmware mechanisms ensure integrity, authenticity, confidentiality and authorization and thus the availability of the device and the system.
Our firmware is optimally adapted to the netX 90 hardware for these security tasks and uses the built-in hardware accelerators to make your device compatible to standards such as IEC 62443.
Our netX 90 already includes an encryption accelerator unit that supports all current encryption methods as provided by Germany’s Federal Office for Information Security (BSI) and the IEC 62443, as well as by the real-time Ethernet protocol standards.
Cryptography | Algorithm | Standard (NIST) | BSI | OPC UA | Secure Comm | Secure Boot |
Symmetric Cipher | AES-128/192/256 | FIPS 197 | Recommended | Required | X | |
Asymmetric Cipher | RSA-1024/2048/3072/4096 | PKCS#1v2.2 | ≥3000 bits from 2015 onwards | Required | X | X |
ECC-224/250 | | ≥250 bits from 2015 onwards | | | Optional |
Secure Hash | SH-1 | FIPS 180-4 | | Required | X | |
SHA-256/384/512 | Recommended from 2015 onwards | Required | X |
Random Number | TRNG | NIST 800-22 | | Required | X | |
In addition, secure memory areas are reserved on the netX 90. This allows the integration of a secure flash file system into the firmware e.g. for key management. Therefore, all precautions for security implementations have already been taken care of.
Flexible Firmware
You define your security architecture, we have the best fit firmware for you.
Reduce development efforts
Our expertise and the security measures will get you reliable and fast to your market.
Secure for all networks
The firmware concept is already prepared for all state-of-the-art Real-time Ethernet protocols.
Smallest multiprotocol SoC
We provide support throughout the entire lifecycle of your netX integration. From the proof of concept to development, to the final certified solution. You can also rely on our long-term availability.