exceet connect is more than connectivity. It provides Trust as a Service. exceet connect enables secure, scalable solutions for Industrial IoT, which allows you to develop digital business models at short notice and then introduce them to the market in a timely manner. exceet connect is characterized by a multi-layer security. Deploy-ment with exceet connect can help you get started quickly and then scale on the same platform to any size. Our goal is it to help you and your team save time and costs, while minimizing your development and security risks, by providing a highly secure IoT Edge Computing Gateway embedded into a secure backend infrastructure that protects the whole life-cycle of the device.

Industrial IoT Edge Computing - YOUR KEY TO IOT

S E C U R E S O L U T I O N S

exceet connectSecure Device Management made simple

� Fog capabilites � Easiest Integration with

DevOps tools � State of the Art industrial

solution � Easy applications deployment

� Secure Element for hardware- based and tamper proof cryptography

� Usable from your IoT application via SDK

� Debian based � Highest update frequency � Secure Boot � Encrypted Filesystem � Signed Linux Kernel � Vulnerability Scanning (CVE)

SE

Secure OS

SE

Edge Computing

SE

Secure Element

� One PKI per customer � Certificate based mutual auth-

entication, simply delivered as a Service (zero conf)

� Passwordless Authentifica- tion via smartcard/yubikey

SE

Managed PKI

� Fast and reliable develop- ment & deployment of your applications

� Optimized Container for edge computing solutions

SE

Docker Orchestration

� Mender.io based � Secure OTA updates � Fallback Mechanism � Full Image updates

SE

Update capabilities

Form Faktor 3.5“ SBC

Base System

CPU NXP ARM Cortex-A9 i.MX6 Dual/quad-core up to 1.0 GHz processorRAM Capacity 2 GB of DDR3 onboard (optional: only 1 GB)Flash 8 GB of eMMC NAND Flash for OS (optional: only 4 GB)Secure Element NXP JavaCardReal Time Clock yes

EthernetChipset NXP i.MX6 integrated RGMII, USBSpeed 2 x 10/100/1000 Mbps

WatchDog Timer 1~6553s, power on/off 4s

I/O

SATA 1SATA Power 1USB 1 x USB OTG, 2 x USB Type A, additional internal USB pin headers

Serial Port 1 x RS-232 pin header, 1 x RS-484 CAN optionalGPIO 8-pin 3.3V TTL level GPIOs

SPI /I²C 1/2Expansion M.2 Socket 1 x M.2 Key B slot

PowerPower Supply Voltage 24 V

Power Type DC-inPower Consumption 5 - 7 W

EnvironmentOperating Temperature 0~50°C (Storage: -40 ~ 85°C)Operating Humidity 5 ~ 95% relative humidity, non-condensing

Mechanical Dimension (H x W x D) 165 mm x 115 mm x 33 mmCertifications CE/FCC Class B

Specifications

ServicesOS and Software Services exceet connect Security as a Service

secureOSSecure Boot High Assurance Boot (HABv4) booting only signed bootloader and kernelLinux based Long term support with updates (>10y), Based on Debian LinuxEncrypted Filesystem LUKS/dm-crypt with AES-XTS, read-only encrypted filesystem

Edge ComputingDocker container based virtualization platformDocker Registry managed infrastructure for hosting docker imagesDocker Swarm orchestration of multiple docker instances running on distributed systems

SecuritySecure Element NXP supplied Javacard crypto chipPublic Key Infrastructure dedicated PKI as a Service per customer Authentication hardware based public key authentication, also for custom applications in Docker

Updates

Full Image Updates using mender, kernel, and rootfs can be updated while keeping persistent dataSecureOS Updates update individual packages using standard OS tools, such as aptApplication Updates using our managed docker registry, individual docker applications can be updatedSecure Element using Global Platform standards, applets on the secure element can be updated

Configuration

Mobile App facilitate initial deployment of devices: easy, interactive, fastUpdate Dashboard Manage and monitor the current update and online status of devices

Zero Touch Deployment This ease-of-use feature automatically registers (enrolls) and distributes X.509 certificates and provisioning information over secure connections within a connected grid network.

Compliance IEC 62443 Manufacturer‘s declaration of compliance with IEC 62443-4-2 level 3, level 4 reachableISO 27001 Backend Services operated in ISO 27001 certified data center in GermanyAudits Regular Security and Cryptographic audits, >15y experience in regulated cryptographic services

Protocols

MQTT Message Queuing Telemetry Protocol for IoT applicationsOPC UA Machine to machine communication for industrial automationSSH Remote administration of devices, passwordless with public keys and certificatesMod - Bus RTU over RS-485, such as ASCII via Seriell or TCPProfi -Bus | Profi -Net Conformance Class - A and Conformance Class - BTLS Transport Layer Security at highest available levels, integrated with trust management and PKI

Vulnerability Analysis CVE Scanning Regular CVE Scanning with information and recommendation regarding relevant vulnerabilities 1x

About exceetCreate Digital Trust - exceet Secure Solutions builds trust in a digital world. As a member of exceet Group, we deliver secure, connected electronics solutions that drive our clients´ digital business models. We bundle hardware and software to create perfectly tuned end2end solutions that offer long-term investment security.

exceet Secure Solutions GmbHRethelstraße 4740237 Düsseldorf

Phone: +49 211 43 69 89 0Fax: +49 211 43 69 89 19E-Mail: info@exceet-secure-solutions.de www.exceet-secure-solutions.de