your key to iot - exceet connect - secure edge computing | it … · 2019. 12. 5. · exceet...
TRANSCRIPT
exceet connect is more than connectivity. It provides Trust as a Service. exceet connect enables secure, scalable solutions for Industrial IoT, which allows you to develop digital business models at short notice and then introduce them to the market in a timely manner. exceet connect is characterized by a multi-layer security. Deploy-ment with exceet connect can help you get started quickly and then scale on the same platform to any size. Our goal is it to help you and your team save time and costs, while minimizing your development and security risks, by providing a highly secure IoT Edge Computing Gateway embedded into a secure backend infrastructure that protects the whole life-cycle of the device.
Industrial IoT Edge Computing - YOUR KEY TO IOT
S E C U R E S O L U T I O N S
exceet connectSecure Device Management made simple
� Fog capabilites � Easiest Integration with
DevOps tools � State of the Art industrial
solution � Easy applications deployment
� Secure Element for hardware- based and tamper proof cryptography
� Usable from your IoT application via SDK
� Debian based � Highest update frequency � Secure Boot � Encrypted Filesystem � Signed Linux Kernel � Vulnerability Scanning (CVE)
SE
Secure OS
SE
Edge Computing
SE
Secure Element
� One PKI per customer � Certificate based mutual auth-
entication, simply delivered as a Service (zero conf)
� Passwordless Authentifica- tion via smartcard/yubikey
SE
Managed PKI
� Fast and reliable develop- ment & deployment of your applications
� Optimized Container for edge computing solutions
SE
Docker Orchestration
� Mender.io based � Secure OTA updates � Fallback Mechanism � Full Image updates
SE
Update capabilities
Form Faktor 3.5“ SBC
Base System
CPU NXP ARM Cortex-A9 i.MX6 Dual/quad-core up to 1.0 GHz processorRAM Capacity 2 GB of DDR3 onboard (optional: only 1 GB)Flash 8 GB of eMMC NAND Flash for OS (optional: only 4 GB)Secure Element NXP JavaCardReal Time Clock yes
EthernetChipset NXP i.MX6 integrated RGMII, USBSpeed 2 x 10/100/1000 Mbps
WatchDog Timer 1~6553s, power on/off 4s
I/O
SATA 1SATA Power 1USB 1 x USB OTG, 2 x USB Type A, additional internal USB pin headers
Serial Port 1 x RS-232 pin header, 1 x RS-484 CAN optionalGPIO 8-pin 3.3V TTL level GPIOs
SPI /I²C 1/2Expansion M.2 Socket 1 x M.2 Key B slot
PowerPower Supply Voltage 24 V
Power Type DC-inPower Consumption 5 - 7 W
EnvironmentOperating Temperature 0~50°C (Storage: -40 ~ 85°C)Operating Humidity 5 ~ 95% relative humidity, non-condensing
Mechanical Dimension (H x W x D) 165 mm x 115 mm x 33 mmCertifications CE/FCC Class B
Specifications
ServicesOS and Software Services exceet connect Security as a Service
secureOSSecure Boot High Assurance Boot (HABv4) booting only signed bootloader and kernelLinux based Long term support with updates (>10y), Based on Debian LinuxEncrypted Filesystem LUKS/dm-crypt with AES-XTS, read-only encrypted filesystem
Edge ComputingDocker container based virtualization platformDocker Registry managed infrastructure for hosting docker imagesDocker Swarm orchestration of multiple docker instances running on distributed systems
SecuritySecure Element NXP supplied Javacard crypto chipPublic Key Infrastructure dedicated PKI as a Service per customer Authentication hardware based public key authentication, also for custom applications in Docker
Updates
Full Image Updates using mender, kernel, and rootfs can be updated while keeping persistent dataSecureOS Updates update individual packages using standard OS tools, such as aptApplication Updates using our managed docker registry, individual docker applications can be updatedSecure Element using Global Platform standards, applets on the secure element can be updated
Configuration
Mobile App facilitate initial deployment of devices: easy, interactive, fastUpdate Dashboard Manage and monitor the current update and online status of devices
Zero Touch Deployment This ease-of-use feature automatically registers (enrolls) and distributes X.509 certificates and provisioning information over secure connections within a connected grid network.
Compliance IEC 62443 Manufacturer‘s declaration of compliance with IEC 62443-4-2 level 3, level 4 reachableISO 27001 Backend Services operated in ISO 27001 certified data center in GermanyAudits Regular Security and Cryptographic audits, >15y experience in regulated cryptographic services
Protocols
MQTT Message Queuing Telemetry Protocol for IoT applicationsOPC UA Machine to machine communication for industrial automationSSH Remote administration of devices, passwordless with public keys and certificatesMod - Bus RTU over RS-485, such as ASCII via Seriell or TCPProfi -Bus | Profi -Net Conformance Class - A and Conformance Class - BTLS Transport Layer Security at highest available levels, integrated with trust management and PKI
Vulnerability Analysis CVE Scanning Regular CVE Scanning with information and recommendation regarding relevant vulnerabilities 1x
About exceetCreate Digital Trust - exceet Secure Solutions builds trust in a digital world. As a member of exceet Group, we deliver secure, connected electronics solutions that drive our clients´ digital business models. We bundle hardware and software to create perfectly tuned end2end solutions that offer long-term investment security.
exceet Secure Solutions GmbHRethelstraße 4740237 Düsseldorf
Phone: +49 211 43 69 89 0Fax: +49 211 43 69 89 19E-Mail: [email protected] www.exceet-secure-solutions.de