Kontron launches SEC-Line Platform for secure embedded computing environments
Embedded computing is morphing into edge computing, where systems deployed in the real world are always connected. In turn, this is demanding closer procurement processes between IT and OT for edge computing. Why? While smart devices are exposed to logical and physical attacks, they need to be continuously monitored, secured and maintained without adversely impacting on operational efficiency or business agility.
This is a tall order as such deployments can involve hundreds of computers: a challenge which has called for smart new innovation on the part of the embedded computing industry. Kontron has been quick to respond, totally recognizing that meeting such a challenge required a whole new set of sophisticated, easy to use, management tools for smart device embedded computers.
Please read on to find out what we’ve been working on recently…now that it’s available we believe you will be as excited as we are.
From the get go we recognized that IT needs to keep full control, without becoming overburdened and while remaining responsive to OT’s requirements.
To maximize overall business agility and competitive edge this meant ensuring operational applications would run securely inside virtual machines: the only way to offer payload insulation and consolidation. Therefore, the virtual machines must only connect through generic network connections, protected by the embedded firewall and router layer. The complexity of multi-network management and low level hardware code also needed to be handled by the firmware itself, independently of the operational payloads. This way, the embedded software could stay simple and achieve the high security levels necessary as well as operational efficiency and business agility.
We’ve engineered a brand new platform that provides the glue for joining together the physical and virtual worlds.
It’s a centrally administered on-premise IT solution for ensuring easy, rapid implementation and securing of multiple devices. Hardware enforced secure firmware and a remote management console neatly combine with Kontron embedded computers, making them easy to monitor, manage, maintain and update.
Effectively, we have enabled a trusted computing environment, allowing embedded computer hardware to function as secured servers by embedding firewall / router functions that can be remotely managed as easily as core network resources. This keeps IT in control and highly responsive to OT requests for adding or changing device software on the Edge network. Their smart devices and things can be easily vetted and rapidly deployed ‘en masse’ as required - subject to their meting pre-defined operating criteria.
Now IT can obtain and manage all firmware, network and software updates – all from a single point.
At the click of a URL, Kontron SEC-Line Open Platform puts everything at IT’s fingertips with a ready-to-go toolset for the embedded machine or device concerned, including all the BIOS, BSP, OS, Security and IP Protection.
Our new platform solution comprises two major sets of tools: a firmware based on an augmented version of OpenWRT™ and OpCenter, its remote management console. Combined with Kontron computers already qualified for demanding industry segments, the SEC-Line platform turns them into secured server routers ready for modern connected computing infrastructures - compatible with any IOT solution or application stack selected by the customer.
All the data needed to manage and maintain all the computers in the fleet is stored in OpCenter. From its console, remote computers firmware can be updated, and their multiple network and security settings captured and stored. Those settings can later be applied after device replacement at a simple click of a button. OpCenter can also import information from higher level asset management platforms, avoiding manual data entry for device creation. It can also export all the fleet data to other corporate tools in various formats.
Users can monitor remote systems and command updates of their firmware, while restoring their network and cybersecurity settings. Secure and reliable operation is enforced via encrypted channels protocols designed to operate on very intermittent connections often found in mobile operations (trains, airplanes, etc.)
OpCenter allows straightforward management of all the critical data needed by computers in the fleet, allowing easy rebuild or replacement of a unit.
Running as a standalone VM inside any infrastructure server, it maintains:
- Deployed systems information
- Computers Settings files
- Encrypted images for security updates
- *Software stacks images to initially provision VMs
- *LoRa devices keys and deployment information
In these extraordinary and challenging times it’s tougher than ever to maintain continuous operational edge systems availability while still protecting your corporate IT from exposure to cyber threat. Just how safe and secure are you feeling right now?
For more information on Kontron’s Secure Embedded Computing Solutions visit https://www.kontron.com/products/solutions/security/sec-line.html