IEC 62443 gateways
An integrated hardware and software solution secure by design and compliant with IEC 62443-4-1 and IEC 62443-4-2 standards
Eurotech has recently achieved IEC 62443-4-2 and IEC 62443-4-1 Security Level 2 certification on its integrated hardware and software solution based on the IIoT Edge Gateway ReliaGATE 10-14, the operating system Everyware Linux and its IoT Edge Framework, ESF (Everyware Software Framework). This enables secure products and services compliant with best-in-class cybersecurity standards, like our IEC 62443 gateways.
Adding to and building upon ISO 27001 and other security related standards like PSA Certified Level 1, the compliance with IEC 62443 is a further confirmation of Eurotech’s capability to satisfy the strictest cybersecurity requirements.
Compliance with both the product-related and process-related standards confirms Eurotech’s commitment towards a “cybersecurity by design” approach.
What is IEC 62443?
IEC 62443 is a series of internationally recognized standards that specify the process and product requirements for the secure development of Industrial Automation and Control Systems (IACS). It therefore addresses Industry 4.0 operators, system integrators and product manufacturers and their compliance with cybersecurity best practices.
In particular, the IEC 62443-4-1 (process related) and IEC 62443-4-2 (product related) standards highlight the importance of choosing vendors that provide hardened hardware components built with a “security by design” approach, ensuring that security best practices are followed throughout the entire product lifecycle, from PoC to full production to decommissioning phases.
The IEC 62443-4-1 certification specifies process requirements for the secure development of products. These certifications ensure the highest levels of cybersecurity throughout the whole product and application lifecycle. This certificate confirms that Eurotech’s integrated solution follows a “cybersecurity by design” approach, embedding security best practices in its DNA and ensuring safety at every stage of the product lifecycle management, including vulnerability response assessments.
The IEC 62443-4-2 standard is particularly important for Eurotech, as it addresses the security of the components (hardware and software) that have to be integrated into industrial automation and control systems. An important concept highlighted in this standard is that of “hardening”, which implies that devices and software must integrate specific security features to ensure a further level of protection against cyber-attacks.
Why are Eurotech’s gateways compliant with IEC 62443-4-1 and IEC 62443-4-2?
The ReliaGATE 10-14 is an Industrial IoT Edge Gateway with sophisticated security features like Secure Boot, Anti Tampering and TPM 2.0, and is already PSA Certified Level 1. To be compliant with the IEC 62443 standard – and with IEC 62443-4-2 in particular – it has been provided with specific device hardening features to further enhance security.
Integrated with Eurotech’s IoT Edge Framework ESF – also PSA Certified Level 1 and integrating advanced security features such as device identity management, encrypted configuration and storage and secure OTA updates for all software components on a device – it enables industrial-grade gateway solutions compliant with the IEC 62443-4-2 standard.
To achieve this particular component-related certification, it was necessary to first achieve compliance with IEC 62443-4-1. This confirms that Eurotech’s integrated solution follows the “cybersecurity by design” approach highlighted in the IEC standard, embedding cybersecurity best practices in its DNA and ensuring safety at every stage of the product lifecycle.
Eurotech’s IEC 62443 gateway: the ReliaGATE 10-14
Given the focus on end-to-end security for the deployment of IoT services, the ReliaGATE 10-14 is an edge gateway designed to meet the new cybersecurity standards set by IEC 62443-4-1/2, including an anti-tamper mechanism to detect and report unauthorized access to the device, secure boot and the TPM 2.0 for secure storage and device identification.
Cybersecurity features: Edge gateway level
- Secure and measured boot process
- TPM 2.0
- Device identity anchored to the device for secure attestation
Leading Edge computing and IoT connectivity with a safe IoT Edge Framework
Security mechanisms are an integral component of the Everyware Software Framework (ESF), Eurotech’s IoT Edge Framework for IoT gateways. ESF ensures that strict Java and OSGi security policies are enforced at runtime and verifies that only software signed by the approved authorities is installed and enabled. Moreover, ESF maintains a list of security guidelines to be followed when hardening an IoT device.
Cybersecurity features: edge software level
- Unique device identity and credentials
- Signed ESF/application code
- Encrypted configuration and storage
- TPM 2.0 identity and storage support
Eurotech’s ReliaGATE 10-14 and Everyware Software Framework have been PSA Certified, ensuring standards-based security compliance for IoT deployments
This certification highlights Eurotech’s commitment towards providing IoT building blocks compliant with the latest cybersecurity requirements and regulations. We are very proud of having achieved the PSA Certified Level 1 and being able to offer trusted IoT solutions with a designed-in security approach.
PSA Certified Level 1 is an important milestone of the Eurotech IoT security roadmap and another step that helped us achieve IEC 62443-4-1 and IEC 62443-4-2 certifications.
Secure IoT begins with Zero-Touch Provisioning at scale
What’s the largest roadblock to realizing the promise of the Internet of Things? For many organizations, the obstacle delaying widespread deployments is the strategy for onboarding the necessary edge resources for a lifetime of secure operation. This white paper presents the solution offered by Infineon Technologies, GlobalSign, Eurotech and Microsoft to address the complex task of onboarding edge devices to the cloud application infrastructure.