Author: Luca Varisco
September 20, 2022

IEC 62443 gateways: an integrated hardware and software solution

 

Eurotech has recently achieved IEC 62443-4-2 and IEC 62443-4-1 Security Level 2 certification on its integrated hardware and software solution based on the IIoT Edge Gateway ReliaGATE 10-14, the operating system Everyware Linux and its IoT Edge Framework, ESF (Everyware Software Framework). This enables secure products and services compliant with best-in-class cybersecurity standards, like our IEC 62443 gateways.
Adding to and building upon ISO 27001 and other security related standards like PSA Certified Level 1, the compliance with IEC 62443 is a further confirmation of Eurotech’s capability to satisfy the strictest cybersecurity requirements.
Compliance with both the product-related and process-related standards confirms Eurotech’s commitment towards a “cybersecurity by design” approach.

 

What is IEC 62443?

 

IEC 62443 is a series of internationally recognized standards that specify the process and product requirements for the secure development of Industrial Automation and Control Systems (IACS). It therefore addresses Industry 4.0 operators, system integrators and product manufacturers and their compliance to cybersecurity best practices.
In particular, the IEC 62443-4-1 (process related) and IEC 62443-4-2 (product related) standards highlight the importance of choosing vendors that provide hardened hardware components built with a “security by design” approach, ensuring that security best practices are followed throughout the entire product lifecycle, from PoC to full production to decommissioning phases.

 

IEC 62443-4-1

 

The IEC 62443-4-1 certification specifies process requirements for the secure development of products. These certifications ensure the highest levels of cybersecurity throughout the whole product and application lifecycle. This certificate confirms that Eurotech’s integrated solution follows a “cybersecurity by design” approach, embedding security best practices in its DNA and ensuring safety at every stage of the product lifecycle management, including vulnerability response assessments.

 

IEC 62443-4-2

 

The IEC 62443-4-2 standard is particularly important for Eurotech, as it addresses the security of the components (hardware and software) that have to be integrated into industrial automation and control systems. An important concept highlighted in this standard is the one of “hardening”, which implies that devices and software must integrate specific security features to ensure a further level of protection against cyber-attacks.

 

Why Eurotech’s gateways are compliant with IEC 62443-4-1 and IEC 62443-4-2?

 

The ReliaGATE 10-14 is an Industrial IoT Edge Gateway with sophisticated security features like Secure Boot, Anti Tampering and TPM 2.0 and already PSA Certified Level 1. To be compliant with the IEC 62443 standard – and with IEC 62443-4-2 in particular – it has been provided with specific device hardening features to furtherly enhance security.
Integrated with Eurotech’s IoT Edge Framework ESF – also PSA Certified Level 1 and integrating advanced security features such as device identity management, encrypted configuration and storage and secure OTA updates for all software components on a device – it enables industrial-grade gateway solutions compliant with IEC 62443-4-2 standard.
To achieve this particular component-related certification, it was necessary to first achieve compliance with IEC 62443-4-1. This confirms that Eurotech’s integrated solution follows the “cybersecurity by design” approach highlighted in the IEC standard, embedding cybersecurity best practices in its DNA and ensuring safety at every stage of the product lifecycle.

Integrated hardware and software
Integrated hardware and software
The strength of our solution lies in the integration of premium hardware and software, providing our customers with IEC 62443 gateways to securely and reliably connect their valuable assets and products in mission-critical applications
Cybersecurity
Cybersecurity by design
Our solution is designed with cybersecurity best practices embedded in its DNA: operators can rely on a safe and protected environment throughout the whole product lifecycle
Cybersecurity
End-to-end cybersecurity
Sophisticated cybersecurity features from Edge to Cloud: from embedded devices and edge gateways to edge software, to communication protocols and Cloud IoT integration platforms

Eurotech’s IEC 62443 gateways: the ReliaGATE 10-14 and DynaGATE 10-14

ReliaGATE 10-14

Given the focus on end-to-end security for the deployment of IoT services, the ReliaGATE-10-14 is an edge gateways designed to meet the new cybersecurity standards set by IEC 62443-4-1/2 including an anti-tamper mechanism to detect and report unauthorized access to the device, secure boot and the TPM 2.0 for secure storage and device identification.

Download the IEC 62443-4-2 and IEC 62443-4-2 certificate for ReliaGATE 10-14

 

Cybersecurity features: Edge gateway level

 

  • Secure and measured boot process
  • Anti-tamper
  • TPM 2.0
  • Device identity anchored to the device for secure attestation
DynaGATE 10-14

The DynaGATE 10-14 is an edge gateway for Public Transport and Road Vehicles that enables a fast transition to ITxPT both in existing and new deployments. It expands the traditional rugged edge gateway concept with accelerated AI and computer vision capabilities, enabling the most demanding Edge and in-vehicle computing applications in a device certified for Road Transportation deployment.

Learn more: Eurotech announces the first IEC 62443-4-2 security certified edge AI gateway for road transportation and fleet management and its new high-accuracy, AI-based automatic passenger counter

 

Cybersecurity features: Edge gateway level

 

  • Secure and measured boot process
  • Anti-tamper
  • TPM 2.0
  • Device identity anchored to the device for secure attestation

Leading Edge computing and IoT connectivity with a safe IoT Edge Framework

IoT Edge Framework

Security mechanisms are an integral component of the Everyware Software Framework (ESF), Eurotech’s IoT Edge Framework for IoT gateways. ESF ensures that strict Java and OSGi security policies are enforced at runtime and verifies that only software signed by the approved authorities is installed and enabled. Moreover, ESF maintains a list of security guidelines to be followed when hardening an IoT device.

 

Cybersecurity features: edge software level

 

  • Unique device identity and credentials
  • Signed ESF/application code
  • Encrypted configuration and storage
  • TPM 2.0 identify and storage support
  • System integrity and trusted execution
  • Secure management (audit and OTA updates for all software components on the device)

Learn more about Eurotech’s cybersecurity by design approach

Integrated hardware and software

Eurotech’s ReliaGATE 10-14 and Everyware Software Framework have been PSA Certified, ensuring standards-based security compliance for IoT deployments

 

This certification highlights Eurotech’s commitment towards providing IoT building blocks compliant with the latest cybersecurity requirements and regulations. We are very proud of having achieved the PSA Certified Level 1 and being able to offer trusted IoT solutions with a designed-in security approach.

PSA Certified Level 1 is an important milestone of the Eurotech IoT security roadmap and another step that helped us achieve IEC 62443-4-1 and IEC 62443-4-2 certifications.

 

Learn More

Zero-touch provisioning white paper

Secure IoT begins with Zero-Touch Provisioning at scale

 

What’s the largest roadblock to realizing the promise of the Internet of Things? For many organizations, the obstacle delaying widespread deployments is the strategy for onboarding the necessary edge resources for a lifetime of secure operation. In this white paper presents the solution offered by Infineon Technologies, GlobalSign, Eurotech and Microsoft to address the complex task of the onboarding of edge devices to the cloud application infrastructure.

 

Learn More