Security and Monitoring

Inspiring confidence

When connected IoT devices are deployed on a massive scale, OEMs must bear in mind that these deployments are also potential botnet breeding grounds. The highest levels of protection are needed to secure devices against hostile takeovers. Hardware platforms with numerous integrated security features form the foundation for the highest IoT security. Jon Moseley, key account manager at congatec, tells us more.

With the vast possibilities that come with increasing internet bandwidth and the availability of cloud and virtualisation technologies that make services portable and scalable, real and virtual worlds are coalescing into the Internet of Things (IoT). This allows device manufacturers to offer various new services for their products or to individualise their product ranges solely by licensing software over the net. With more and more connected IoT devices and the consequent increase in data volumes, security requirements are on the rise too. In addition to operational safety, which ensures that devices and their embedded systems or gateways are safe for humans and the environment, a second safety aspect is gaining tremendous importance: protection against attacks. Devices have to be reliably protected against unauthorised access, misuse and manipulation of data and know-how. In most companies, security is more or less well catered for in standard servers and workstations. However, as embedded systems get increasingly connected, vast improvements have to be made here too. So how can a device be securely integrated into the net? Basically four aspects have to be considered: reliability, connectivity, manageability, and security.

Jon Moseley, key account manager at congatec

Reliability is very much determined by the hardware. The design has to be durable. Compared to a classic office PC with its average eight-hour workday, an IoT application works virtually around the clock. IoT systems are designed to deliver 24/7 operation over many years. Choosing the right components is therefore essential, so ceramic capacitors are preferable to electrolytic capacitors and industrial CPUs are the right choice for non-stop operation. Long-term availability and support over a period of seven years or more are imperative too. Security starts with the computer BIOS/UEFI, and it is only the embedded CPU board or module manufacturers who can make necessary firmware updates during the product’s lifetime.

Connectivity

Connectivity, i.e. the ability to communicate via various methods, is in principle available on most computing platforms, or at least the corresponding interfaces are available. An IoT-enabled platform has to facilitate easy and safe communication. This is where the software comes into play. An IoT-enabled platform has to provide secure encryption on all communication channels. Ideally, a combination of hardware and software is used. A TPM (Trusted Platform Module) can ensure that completely random numbers are generated. So if a platform already uses TPM, this is convenient for application developers as they do not need to delve too deeply into the details.

congatec IoT starter kit

Manageability

IoT-connected devices also need safe management methods. Remote access and maintenance need secure data connections, while clear device identification also has to be executed via this data path. Either a TPM can carry out the required authentication, or alternatively, technologies common to the telecommunications sector can be deployed. TR-069, for example, is a protocol for data exchange between the server of a communication provider and a connected terminal at the end-user side. This protocol is used for secure remote configuration of DSL routers. Mobile phones use OMA DM for initialisation, configuration, upgrades and error management. This protocol is also suitable for the IoT.

Four aspects have to be taken into account in IoT applications: reliability, connectivity, manageability and security

24 March 2017

Components in Electronics


The functions of an IoT device are precisely defined, which means that software initiation can be protected via ‘whitelisting’. This guarantees that only authorised software is run and malware cannot be initiated. To realise these quite diverse demands on IoT devices as quickly, easily and securely as possible, congatec has developed a starter kit that offers exactly these features and is based on Qseven computer modules with the latest Intel Atom processors (codename Apollo Lake). The kit further features ‘Intel Gateway Solutions for IoT’ with software from Wind River and McAfee. A perfectly tailored IoT communication API is another aid for integrating enhanced security measures, as it helps OEMs to rely on proven and tested communication paths and not to open unnecessary security pitfalls.
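The whitelisting check described above, sketched as an added example (not code from congatec, Wind River or McAfee): a launcher decision that permits only provisioned binaries whose SHA-256 digest still matches, with the allowlist itself authenticated by an HMAC. The file names, the manifest layout and the demo key are constructed for illustration; key storage is assumed to be handled elsewhere on the device.

```python
import hashlib, hmac, json, os, tempfile

def sha256_file(path):
    with open(path, "rb") as f:
        return hashlib.sha256(f.read()).hexdigest()

def sign_manifest(entries, key):
    """Serialise {path: digest} canonically and attach an HMAC-SHA256 tag."""
    body = json.dumps(entries, sort_keys=True).encode()
    tag = hmac.new(key, body, hashlib.sha256).hexdigest()
    return {"body": body.decode(), "tag": tag}

def load_manifest(signed, key):
    """Return the allowlist only if its tag verifies; otherwise fail closed."""
    expected = hmac.new(key, signed["body"].encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, signed["tag"]):
        raise ValueError("allowlist manifest failed integrity check")
    return json.loads(signed["body"])

def may_run(path, allowlist):
    """Allow execution only for a listed path whose current digest matches."""
    real = os.path.realpath(path)  # resolve symlinks before the lookup
    want = allowlist.get(real)
    return want is not None and hmac.compare_digest(want, sha256_file(real))

def demo():
    key = b"constructed-demo-key"  # assumption: real key lives in protected storage
    d = tempfile.mkdtemp()
    app = os.path.join(d, "sensor_agent")    # hypothetical provisioned binary
    other = os.path.join(d, "dropped_tool")  # hypothetical unprovisioned file
    for p, data in ((app, b"#!/bin/sh\necho sensors\n"), (other, b"#!/bin/sh\n")):
        with open(p, "wb") as f:
            f.write(data)
    signed = sign_manifest({os.path.realpath(app): sha256_file(app)}, key)
    allow = load_manifest(signed, key)
    results = {"listed": may_run(app, allow), "unlisted": may_run(other, allow)}
    with open(app, "ab") as f:  # binary changed after provisioning
        f.write(b"echo extra\n")
    results["modified"] = may_run(app, allow)
    signed["body"] = signed["body"].replace("sensor_agent", "dropped_tool")
    try:
        load_manifest(signed, key)
        results["tampered_manifest"] = "accepted"
    except ValueError:
        results["tampered_manifest"] = "rejected"
    return results

if __name__ == "__main__":
    print(demo())
```

A user-space check like this only illustrates the allow/deny decision; on a deployed device the enforcement belongs in the OS loader or kernel policy so that the check and the execution cannot be separated.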

IoT gateway

One platform that is capable of meeting all these requirements is the flexible congatec IoT gateway platform for OEMs’ custom gateway designs. This platform is application ready and easily customisable for rapid field deployment. The latest versions of these gateways are being launched at embedded world 2017 and are equipped with Intel Atom processors and congatec’s new IoT API that standardises the IoT interface to the embedded hardware while at the same time making it transparent, open and secure for OEM designs. The conga-IoT gateway platform offers extreme levels of flexibility in terms of processing performance and software integration. In order to deliver optimal and rapid IoT gateway designs, congatec developed the platform to support scalable computing performance utilising Qseven modules for deployment in emerging IoT gateway and edge computing application scenarios, up to high availability fog computing systems. With regard to connectivity, it is able to host up to eight wireless antennas that can be connected to three mini PCI Express slots and six internal USB based slots for wireless and wired connectivity modules. Customised system designs can be created upon request. OEMs utilising the gateway platform benefit from a pre-configured, pre-certified IoT gateway that can easily connect a wide range of heterogeneous sensors and systems to cloud-based services. Target uses include Industrial Internet of Things (IIoT) applications such as smart cities, smart agriculture, connected homes and vehicles, digital signage systems and other IoT applications.

congatec IoT gateway platform
