SlideShare a Scribd company logo

Datasheet_Embedded_Security_Shield

David Cozens
David Cozens
1 of 3
Download to read offline
Target Applications. Control systems in different vertical markets: ƒƒ Factory Automation – PLC, HMI, Motion Controller ƒƒ Process Automation – DCS, SCADA, Process controllers ƒƒ Energy production and distribution – RTU, Gateways, SCADA ƒƒ Building Automation – BAS, HMI ƒƒ Mobile Automation - ECU Embedded Security Shield Release 01.11.16 Scope Industrie 4.0 & IIoT SECURE CONNECTED REAL-TIMESMART A new era of Industrial production has started with Industrie 4.0. The proliferation of connected devices multiplies the risk of attacks on Cyber Physical Systems. In industrial Automation, many Industrial Control Systems integrate the CODESYS technology from 3S-Smart Software Solutions. The Embedded Security Shield extends Kaspersky’s Security System (KSS) for a complete integration into CODESYS and to secure the main communication channel, the CODESYS Gateway. © BE.services GmbH - All rights reserved. ICS Trusted Channel CODESYS Development System CODESYS COM RTS CODESYS CORE RTS Kaspersky Security System ESS Security Editor RTOS Authentication Secure Audit Secure Modes Configuration Trusted Channel Functionality ƒƒ Cyber-security of the ICS ƒƒ Protection of the CODESYS Gateway communication channel ƒƒ Configuration of security policies directly in CODESYS ƒƒ Trusted communication channel with the CODESYS Development System ƒƒ Execution of the CODESYS Runtime in a secure environment ƒƒ Extendable framework to secure customer specific software tools and communication channels Integration of the Embedded Security Shield in CODESYS
Configuration of the security modes Secure Audit Engagement model How to get? Product Manufacturer Part Number Sales Contact Embedded Security Shield Toolkit BE.services GmbH www.be-services.net 0230113 info@be-services.net Maintenance and Support package for ESS BE.services GmbH www.be-services.net 0230150 info@be-services.net © BE.services GmbH - All rights reserved. Software Package includes ƒƒ Embedded Software: -- Embedded Security Shield -- Kaspersky Security System (KSS) -- CODESYS Runtime extensions ƒƒ Development software: -- ESS Security Editor plug-in for CODESYS EMBEDDEDSECURITY SHIELD Embedded Security Shield3 The CODESYS Runtime System is divided into 2 domains: ƒƒ Communication ƒƒ Core All communication to the ICS is handeld through the Communication runtime. The Core runtime is isolated from any external commu- nications happening through the CODESYS Gateway (communication with CODESYS, network variables, OPC, OPC UA, PLCHandler, data server, etc…). All requests to the ICS come to the Communication Runtime. Their execution is checked by the Kaspersly Security System, a secure, mathematically proven, engine. KSS checks the requests with the existing security policies and allows or denies them. The verdict cache retains previous requests to speed up execution of known past requests. Security policies are defined and configured by the User’s Security Administrator using the ESS Security Editor provided as an additional plug-in in CODESYS. Secure communication for data exchange (security policies configuration, secure audit trail) between the ESS Security Editor and KSS is managed through specific trusted channel. Mechanism Domain 1 (e.g. com stack) IPC Request Command Request for Verdict Verdict delivery Verdict Cache Domain 2 (e.g. application) Microkernel(OSspecific) SecurityRuntime Security Policies Security Server Request (e.g. „stop“) 2 Features and benefits Made by experts ESS is based on Kaspersky Lab’s KSS  trusted and recognized specialist for cyber security Complete integration ESS provides the integration of KSS in CODESYS, both in the runtime and in the IDE  time and cost saving for the imple- mentation Performance Minimal delay caused by the security process  compatible with systems with hard real time behaviour Framework The system is a technology, adaptable to the existing firmware. Different/additional communication channels can be secured by the same means  complete security with a single technology Expertise for support and development BE.services can be contracted for development, extension or integration services  time and cost saving through 3rd party expertise
© BE.services GmbH - All rights reserved. Technical data General system information Runtime size Code 2.7 MB /  3.3 MB (without / with ESS) Data 0.8 MB / 1.0 MB (without / with ESS) Communication UDP / Serial / USB Trusted channel Supported CPUs X86, ARM, ARM Cortex, PowerPC Others on demand Supported operating systems Linux Others on demand Performance data Command Without ESS With ESS Application download (302 kB) 2.98 s 3.01 s File transfer (1.5 MB) 28.80 s 28.87 s OPC access (2000 variables of type byte) 4 ms 5 ms Test hardware: Xilinx Zynq ZC702 (ARM Cortex A9) Support Please contact info@be-services.net www.be-services.net Embedded Security Shield4 Evaluation Kit: Evaluate the Embedded Security Shield on the Xilinx Zynq ZC702. More information under: www.be-services.net/industrie-40/xilinx.html

Recommended

Computer security aspects in
Computer security aspects inComputer security aspects in
Computer security aspects inVishnu Suresh
 
Cloud security
Cloud securityCloud security
Cloud securityPedro Alexander Romero Tortosa
 
Cisco VMDC Cloud Security 1.0 Design Guide
Cisco VMDC Cloud Security 1.0 Design GuideCisco VMDC Cloud Security 1.0 Design Guide
Cisco VMDC Cloud Security 1.0 Design GuideCisco Service Provider
 
Top 5 reasons to purchase cisco asa 5500 series
Top 5 reasons to purchase cisco asa 5500 seriesTop 5 reasons to purchase cisco asa 5500 series
Top 5 reasons to purchase cisco asa 5500 seriesIT Tech
 
AOS - Physical Security Solutions
AOS - Physical Security SolutionsAOS - Physical Security Solutions
AOS - Physical Security SolutionsNGINX at F5
 
CyberoamBrochure
CyberoamBrochureCyberoamBrochure
CyberoamBrochureMaliha Ali
 
Brochure network security-en
Brochure network security-enBrochure network security-en
Brochure network security-ensandeep1721
 
Cloud computing security infrastructure
Cloud computing security infrastructureCloud computing security infrastructure
Cloud computing security infrastructureIntel IT Center
 

Recommended

Computer security aspects in
Computer security aspects inComputer security aspects in
Computer security aspects inVishnu Suresh
 
Cloud security
Cloud securityCloud security
Cloud securityPedro Alexander Romero Tortosa
 
Cisco VMDC Cloud Security 1.0 Design Guide
Cisco VMDC Cloud Security 1.0 Design GuideCisco VMDC Cloud Security 1.0 Design Guide
Cisco VMDC Cloud Security 1.0 Design GuideCisco Service Provider
 
Top 5 reasons to purchase cisco asa 5500 series
Top 5 reasons to purchase cisco asa 5500 seriesTop 5 reasons to purchase cisco asa 5500 series
Top 5 reasons to purchase cisco asa 5500 seriesIT Tech
 
AOS - Physical Security Solutions
AOS - Physical Security SolutionsAOS - Physical Security Solutions
AOS - Physical Security SolutionsNGINX at F5
 
CyberoamBrochure
CyberoamBrochureCyberoamBrochure
CyberoamBrochureMaliha Ali
 
Brochure network security-en
Brochure network security-enBrochure network security-en
Brochure network security-ensandeep1721
 
Cloud computing security infrastructure
Cloud computing security infrastructureCloud computing security infrastructure
Cloud computing security infrastructureIntel IT Center
 
Cybercom Enhanced Security Platform
Cybercom Enhanced Security PlatformCybercom Enhanced Security Platform
Cybercom Enhanced Security Platformabelsonp
 
Cisco Trustsec & Security Group Tagging
Cisco Trustsec & Security Group TaggingCisco Trustsec & Security Group Tagging
Cisco Trustsec & Security Group TaggingCisco Canada
 
Sem cis ise
Sem cis iseSem cis ise
Sem cis iseLino Quivén
 
What is needed in the next generation cloud trusted platform ?
What is needed in the next generation cloud trusted platform ?What is needed in the next generation cloud trusted platform ?
What is needed in the next generation cloud trusted platform ?Priyanka Aash
 
Windows 7 security enhancements
Windows 7 security enhancementsWindows 7 security enhancements
Windows 7 security enhancementsNarenda Wicaksono
 
Implementing cisco network security
Implementing cisco network securityImplementing cisco network security
Implementing cisco network securityqosnetworking
 
Implementing cisco network security
Implementing cisco network securityImplementing cisco network security
Implementing cisco network securityqosnetworking
 
Cisco security trainings
Cisco security trainingsCisco security trainings
Cisco security trainingsqosnetworking
 
ISE_Pub
ISE_PubISE_Pub
ISE_PubWill Hatcher
 
Laser Pioneer Secures Network End-to-End to Protect Assets
Laser Pioneer Secures Network End-to-End to Protect AssetsLaser Pioneer Secures Network End-to-End to Protect Assets
Laser Pioneer Secures Network End-to-End to Protect AssetsCisco Security
 
Can Cloud Solutions Transform Network Security
Can Cloud Solutions Transform Network SecurityCan Cloud Solutions Transform Network Security
Can Cloud Solutions Transform Network SecurityEC-Council
 
Cloud computing security plan for compliance
Cloud computing security plan for complianceCloud computing security plan for compliance
Cloud computing security plan for complianceIntel IT Center
 
Business Mobility - otevřete svou mysl k tomu, co je možné
Business Mobility - otevřete svou mysl k tomu, co je možnéBusiness Mobility - otevřete svou mysl k tomu, co je možné
Business Mobility - otevřete svou mysl k tomu, co je možnéMarketingArrowECS_CZ
 
Windows Server 2008 Security Enhancements
Windows Server 2008 Security EnhancementsWindows Server 2008 Security Enhancements
Windows Server 2008 Security EnhancementsPresentologics
 
Corero Protects Its Customers From 'Apache Killer' DoS Exploit
Corero Protects Its Customers From 'Apache Killer' DoS ExploitCorero Protects Its Customers From 'Apache Killer' DoS Exploit
Corero Protects Its Customers From 'Apache Killer' DoS Exploitflashnewsrelease
 
PresentaionAS
PresentaionASPresentaionAS
PresentaionASandreina sardina
 
Top 50 middle eastern brands
Top 50 middle eastern brandsTop 50 middle eastern brands
Top 50 middle eastern brandsmarketinguncle
 
exceRpt: A computational exRNA-seq analysis pipeline
exceRpt: A computational exRNA-seq analysis pipelineexceRpt: A computational exRNA-seq analysis pipeline
exceRpt: A computational exRNA-seq analysis pipelineexrna
 
Rosewood group of Hotels & and Resorts: Branding to increase customer profita...
Rosewood group of Hotels & and Resorts: Branding to increase customer profita...Rosewood group of Hotels & and Resorts: Branding to increase customer profita...
Rosewood group of Hotels & and Resorts: Branding to increase customer profita...Ritvik Anand Vedantam
 
Building Your First Chatbot - A Beginner's guide
Building Your First Chatbot - A Beginner's guideBuilding Your First Chatbot - A Beginner's guide
Building Your First Chatbot - A Beginner's guideVinit Shahdeo
 
สรุป วิทยาศาสตร์ ว 23102
สรุป วิทยาศาสตร์ ว 23102สรุป วิทยาศาสตร์ ว 23102
สรุป วิทยาศาสตร์ ว 23102Foam Watiboonruang
 
Insights from Univenture 2015 by Nathan Lessons
Insights from Univenture 2015 by Nathan LessonsInsights from Univenture 2015 by Nathan Lessons
Insights from Univenture 2015 by Nathan LessonsCenter for Entrepreneurship (C4E), University of Cyprus
 

More Related Content

What's hot

Cybercom Enhanced Security Platform
Cybercom Enhanced Security PlatformCybercom Enhanced Security Platform
Cybercom Enhanced Security Platformabelsonp
 
Cisco Trustsec & Security Group Tagging
Cisco Trustsec & Security Group TaggingCisco Trustsec & Security Group Tagging
Cisco Trustsec & Security Group TaggingCisco Canada
 
What is needed in the next generation cloud trusted platform ?
What is needed in the next generation cloud trusted platform ?What is needed in the next generation cloud trusted platform ?
What is needed in the next generation cloud trusted platform ?Priyanka Aash
 
Windows 7 security enhancements
Windows 7 security enhancementsWindows 7 security enhancements
Windows 7 security enhancementsNarenda Wicaksono
 
Implementing cisco network security
Implementing cisco network securityImplementing cisco network security
Implementing cisco network securityqosnetworking
 
Implementing cisco network security
Implementing cisco network securityImplementing cisco network security
Implementing cisco network securityqosnetworking
 
Cisco security trainings
Cisco security trainingsCisco security trainings
Cisco security trainingsqosnetworking
 
Laser Pioneer Secures Network End-to-End to Protect Assets
Laser Pioneer Secures Network End-to-End to Protect AssetsLaser Pioneer Secures Network End-to-End to Protect Assets
Laser Pioneer Secures Network End-to-End to Protect AssetsCisco Security
 
Can Cloud Solutions Transform Network Security
Can Cloud Solutions Transform Network SecurityCan Cloud Solutions Transform Network Security
Can Cloud Solutions Transform Network SecurityEC-Council
 
Cloud computing security plan for compliance
Cloud computing security plan for complianceCloud computing security plan for compliance
Cloud computing security plan for complianceIntel IT Center
 
Business Mobility - otevřete svou mysl k tomu, co je možné
Business Mobility - otevřete svou mysl k tomu, co je možnéBusiness Mobility - otevřete svou mysl k tomu, co je možné
Business Mobility - otevřete svou mysl k tomu, co je možnéMarketingArrowECS_CZ
 
Windows Server 2008 Security Enhancements
Windows Server 2008 Security EnhancementsWindows Server 2008 Security Enhancements
Windows Server 2008 Security EnhancementsPresentologics
 
Corero Protects Its Customers From 'Apache Killer' DoS Exploit
Corero Protects Its Customers From 'Apache Killer' DoS ExploitCorero Protects Its Customers From 'Apache Killer' DoS Exploit
Corero Protects Its Customers From 'Apache Killer' DoS Exploitflashnewsrelease
 

What's hot (15)

Cybercom Enhanced Security Platform
Cybercom Enhanced Security PlatformCybercom Enhanced Security Platform
Cybercom Enhanced Security Platform
 
Cisco Trustsec & Security Group Tagging
Cisco Trustsec & Security Group TaggingCisco Trustsec & Security Group Tagging
Cisco Trustsec & Security Group Tagging
 
Sem cis ise
Sem cis iseSem cis ise
Sem cis ise
 
What is needed in the next generation cloud trusted platform ?
What is needed in the next generation cloud trusted platform ?What is needed in the next generation cloud trusted platform ?
What is needed in the next generation cloud trusted platform ?
 
Windows 7 security enhancements
Windows 7 security enhancementsWindows 7 security enhancements
Windows 7 security enhancements
 
Implementing cisco network security
Implementing cisco network securityImplementing cisco network security
Implementing cisco network security
 
Implementing cisco network security
Implementing cisco network securityImplementing cisco network security
Implementing cisco network security
 
Cisco security trainings
Cisco security trainingsCisco security trainings
Cisco security trainings
 
ISE_Pub
ISE_PubISE_Pub
ISE_Pub
 
Laser Pioneer Secures Network End-to-End to Protect Assets
Laser Pioneer Secures Network End-to-End to Protect AssetsLaser Pioneer Secures Network End-to-End to Protect Assets
Laser Pioneer Secures Network End-to-End to Protect Assets
 
Can Cloud Solutions Transform Network Security
Can Cloud Solutions Transform Network SecurityCan Cloud Solutions Transform Network Security
Can Cloud Solutions Transform Network Security
 
Cloud computing security plan for compliance
Cloud computing security plan for complianceCloud computing security plan for compliance
Cloud computing security plan for compliance
 
Business Mobility - otevřete svou mysl k tomu, co je možné
Business Mobility - otevřete svou mysl k tomu, co je možnéBusiness Mobility - otevřete svou mysl k tomu, co je možné
Business Mobility - otevřete svou mysl k tomu, co je možné
 
Windows Server 2008 Security Enhancements
Windows Server 2008 Security EnhancementsWindows Server 2008 Security Enhancements
Windows Server 2008 Security Enhancements
 
Corero Protects Its Customers From 'Apache Killer' DoS Exploit
Corero Protects Its Customers From 'Apache Killer' DoS ExploitCorero Protects Its Customers From 'Apache Killer' DoS Exploit
Corero Protects Its Customers From 'Apache Killer' DoS Exploit
 

Viewers also liked

Top 50 middle eastern brands
Top 50 middle eastern brandsTop 50 middle eastern brands
Top 50 middle eastern brandsmarketinguncle
 
exceRpt: A computational exRNA-seq analysis pipeline
exceRpt: A computational exRNA-seq analysis pipelineexceRpt: A computational exRNA-seq analysis pipeline
exceRpt: A computational exRNA-seq analysis pipelineexrna
 
Rosewood group of Hotels & and Resorts: Branding to increase customer profita...
Rosewood group of Hotels & and Resorts: Branding to increase customer profita...Rosewood group of Hotels & and Resorts: Branding to increase customer profita...
Rosewood group of Hotels & and Resorts: Branding to increase customer profita...Ritvik Anand Vedantam
 
Building Your First Chatbot - A Beginner's guide
Building Your First Chatbot - A Beginner's guideBuilding Your First Chatbot - A Beginner's guide
Building Your First Chatbot - A Beginner's guideVinit Shahdeo
 
สรุป วิทยาศาสตร์ ว 23102
สรุป วิทยาศาสตร์ ว 23102สรุป วิทยาศาสตร์ ว 23102
สรุป วิทยาศาสตร์ ว 23102Foam Watiboonruang
 
Скидки и акции в гипермаркетах Магнит с 24 февраля по 08 марта 2016
Скидки и акции в гипермаркетах Магнит с 24 февраля по 08 марта 2016Скидки и акции в гипермаркетах Магнит с 24 февраля по 08 марта 2016
Скидки и акции в гипермаркетах Магнит с 24 февраля по 08 марта 2016mbych
 
Rajasekhar -Having 2.6 years of Exp in to Cognos
Rajasekhar -Having 2.6 years of Exp in to Cognos Rajasekhar -Having 2.6 years of Exp in to Cognos
Rajasekhar -Having 2.6 years of Exp in to Cognos Raja sekhar
 
ppConscious Leaders v11.17
ppConscious Leaders v11.17ppConscious Leaders v11.17
ppConscious Leaders v11.17Greg Asbury
 
ABCD Profile Book 2016
ABCD Profile Book 2016ABCD Profile Book 2016
ABCD Profile Book 2016San Linn
 
Snack de Publicidad.
Snack de Publicidad.Snack de Publicidad.
Snack de Publicidad.Citibanamex
 
Diogo Rendeiro - Field notes on scaling product management - Productized16
Diogo Rendeiro - Field notes on scaling product management - Productized16Diogo Rendeiro - Field notes on scaling product management - Productized16
Diogo Rendeiro - Field notes on scaling product management - Productized16Productized
 
Additive Manufacturing, #hype or #reality?
Additive Manufacturing, #hype or #reality?Additive Manufacturing, #hype or #reality?
Additive Manufacturing, #hype or #reality?Andries Reymer
 
Making AutoRun USB HID Device / 自動入力するHIDデバイスを安く簡単に作る
Making AutoRun USB HID Device / 自動入力するHIDデバイスを安く簡単に作るMaking AutoRun USB HID Device / 自動入力するHIDデバイスを安く簡単に作る
Making AutoRun USB HID Device / 自動入力するHIDデバイスを安く簡単に作る玲 佐藤
 
Hoja de vida de Jose Leonardo Molina Gutierrez
Hoja de vida de Jose Leonardo Molina GutierrezHoja de vida de Jose Leonardo Molina Gutierrez
Hoja de vida de Jose Leonardo Molina GutierrezLeonardoG19
 

Viewers also liked (19)

PresentaionAS
PresentaionASPresentaionAS
PresentaionAS
 
Top 50 middle eastern brands
Top 50 middle eastern brandsTop 50 middle eastern brands
Top 50 middle eastern brands
 
exceRpt: A computational exRNA-seq analysis pipeline
exceRpt: A computational exRNA-seq analysis pipelineexceRpt: A computational exRNA-seq analysis pipeline
exceRpt: A computational exRNA-seq analysis pipeline
 
Rosewood group of Hotels & and Resorts: Branding to increase customer profita...
Rosewood group of Hotels & and Resorts: Branding to increase customer profita...Rosewood group of Hotels & and Resorts: Branding to increase customer profita...
Rosewood group of Hotels & and Resorts: Branding to increase customer profita...
 
Building Your First Chatbot - A Beginner's guide
Building Your First Chatbot - A Beginner's guideBuilding Your First Chatbot - A Beginner's guide
Building Your First Chatbot - A Beginner's guide
 
สรุป วิทยาศาสตร์ ว 23102
สรุป วิทยาศาสตร์ ว 23102สรุป วิทยาศาสตร์ ว 23102
สรุป วิทยาศาสตร์ ว 23102
 
Insights from Univenture 2015 by Nathan Lessons
Insights from Univenture 2015 by Nathan LessonsInsights from Univenture 2015 by Nathan Lessons
Insights from Univenture 2015 by Nathan Lessons
 
Скидки и акции в гипермаркетах Магнит с 24 февраля по 08 марта 2016
Скидки и акции в гипермаркетах Магнит с 24 февраля по 08 марта 2016Скидки и акции в гипермаркетах Магнит с 24 февраля по 08 марта 2016
Скидки и акции в гипермаркетах Магнит с 24 февраля по 08 марта 2016
 
Rajasekhar -Having 2.6 years of Exp in to Cognos
Rajasekhar -Having 2.6 years of Exp in to Cognos Rajasekhar -Having 2.6 years of Exp in to Cognos
Rajasekhar -Having 2.6 years of Exp in to Cognos
 
ppConscious Leaders v11.17
ppConscious Leaders v11.17ppConscious Leaders v11.17
ppConscious Leaders v11.17
 
ABCD Profile Book 2016
ABCD Profile Book 2016ABCD Profile Book 2016
ABCD Profile Book 2016
 
Snack de Publicidad.
Snack de Publicidad.Snack de Publicidad.
Snack de Publicidad.
 
About Lego Serious Play
About Lego Serious Play About Lego Serious Play
About Lego Serious Play
 
Diogo Rendeiro - Field notes on scaling product management - Productized16
Diogo Rendeiro - Field notes on scaling product management - Productized16Diogo Rendeiro - Field notes on scaling product management - Productized16
Diogo Rendeiro - Field notes on scaling product management - Productized16
 
Additive Manufacturing, #hype or #reality?
Additive Manufacturing, #hype or #reality?Additive Manufacturing, #hype or #reality?
Additive Manufacturing, #hype or #reality?
 
Making AutoRun USB HID Device / 自動入力するHIDデバイスを安く簡単に作る
Making AutoRun USB HID Device / 自動入力するHIDデバイスを安く簡単に作るMaking AutoRun USB HID Device / 自動入力するHIDデバイスを安く簡単に作る
Making AutoRun USB HID Device / 自動入力するHIDデバイスを安く簡単に作る
 
Hoja de vida de Jose Leonardo Molina Gutierrez
Hoja de vida de Jose Leonardo Molina GutierrezHoja de vida de Jose Leonardo Molina Gutierrez
Hoja de vida de Jose Leonardo Molina Gutierrez
 
The Conflict Fast Model - Agile2016
The Conflict Fast Model - Agile2016The Conflict Fast Model - Agile2016
The Conflict Fast Model - Agile2016
 
3D Printing: The presence - The Future
3D Printing: The presence - The Future3D Printing: The presence - The Future
3D Printing: The presence - The Future
 

Similar to Datasheet_Embedded_Security_Shield

Your CODESYS Applications, Protected and Licensed
Your CODESYS Applications, Protected and LicensedYour CODESYS Applications, Protected and Licensed
Your CODESYS Applications, Protected and Licensedteam-WIBU
 
Next Generation Embedded Systems Security for IOT: Powered by Kaspersky
Next Generation Embedded Systems Security for IOT: Powered by KasperskyNext Generation Embedded Systems Security for IOT: Powered by Kaspersky
Next Generation Embedded Systems Security for IOT: Powered by KasperskyL. Duke Golden
 
Kl iot cebit_dg_200317_finalmktg
Kl iot cebit_dg_200317_finalmktgKl iot cebit_dg_200317_finalmktg
Kl iot cebit_dg_200317_finalmktgL. Duke Golden
 
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...amber724300
 
Removing Security Roadblocks to IoT Deployment Success
Removing Security Roadblocks to IoT Deployment SuccessRemoving Security Roadblocks to IoT Deployment Success
Removing Security Roadblocks to IoT Deployment SuccessMicrosoft Tech Community
 
How Endpoint Security works ?
How Endpoint Security works ?How Endpoint Security works ?
How Endpoint Security works ?William hendric
 
Symposium on Securing the IoT - Security is the future of IoT - mbed
Symposium on Securing the IoT - Security is the future of IoT - mbedSymposium on Securing the IoT - Security is the future of IoT - mbed
Symposium on Securing the IoT - Security is the future of IoT - mbedAustin Blackstone
 
2014 IEEE JAVA NETWORKING PROJECT Secure and efficient data transmission for ...
2014 IEEE JAVA NETWORKING PROJECT Secure and efficient data transmission for ...2014 IEEE JAVA NETWORKING PROJECT Secure and efficient data transmission for ...
2014 IEEE JAVA NETWORKING PROJECT Secure and efficient data transmission for ...IEEEFINALSEMSTUDENTSPROJECTS
 
IEEE 2014 JAVA NETWORKING PROJECTS Secure and efficient data transmission for...
IEEE 2014 JAVA NETWORKING PROJECTS Secure and efficient data transmission for...IEEE 2014 JAVA NETWORKING PROJECTS Secure and efficient data transmission for...
IEEE 2014 JAVA NETWORKING PROJECTS Secure and efficient data transmission for...IEEEGLOBALSOFTSTUDENTPROJECTS
 
The Future of Embedded and IoT Security: Kaspersky Operating System
The Future of Embedded and IoT Security: Kaspersky Operating SystemThe Future of Embedded and IoT Security: Kaspersky Operating System
The Future of Embedded and IoT Security: Kaspersky Operating SystemKaspersky Lab
 
Compliance in the Cloud Using Security by Design
Compliance in the Cloud Using Security by DesignCompliance in the Cloud Using Security by Design
Compliance in the Cloud Using Security by DesignAmazon Web Services
 
Confidential Computing overview
Confidential Computing overviewConfidential Computing overview
Confidential Computing overviewMark Argent
 
Sb securing-industrial-control-systems-with-fortinet
Sb securing-industrial-control-systems-with-fortinetSb securing-industrial-control-systems-with-fortinet
Sb securing-industrial-control-systems-with-fortinetIvan Carmona
 
Residency research makeup project acme enterprise scenario resi
Residency research makeup project acme enterprise scenario resiResidency research makeup project acme enterprise scenario resi
Residency research makeup project acme enterprise scenario resiSHIVA101531
 
Secure and power the intelligent edge with Azure Sphere
Secure and power the intelligent edge with Azure SphereSecure and power the intelligent edge with Azure Sphere
Secure and power the intelligent edge with Azure SphereMicrosoft Tech Community
 
Are you ready for Microsoft Azure Sphere?
Are you ready for Microsoft Azure Sphere?Are you ready for Microsoft Azure Sphere?
Are you ready for Microsoft Azure Sphere?Mirco Vanini
 

Similar to Datasheet_Embedded_Security_Shield (20)

Your CODESYS Applications, Protected and Licensed
Your CODESYS Applications, Protected and LicensedYour CODESYS Applications, Protected and Licensed
Your CODESYS Applications, Protected and Licensed
 
Next Generation Embedded Systems Security for IOT: Powered by Kaspersky
Next Generation Embedded Systems Security for IOT: Powered by KasperskyNext Generation Embedded Systems Security for IOT: Powered by Kaspersky
Next Generation Embedded Systems Security for IOT: Powered by Kaspersky
 
Kl iot cebit_dg_200317_finalmktg
Kl iot cebit_dg_200317_finalmktgKl iot cebit_dg_200317_finalmktg
Kl iot cebit_dg_200317_finalmktg
 
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
 
Removing Security Roadblocks to IoT Deployment Success
Removing Security Roadblocks to IoT Deployment SuccessRemoving Security Roadblocks to IoT Deployment Success
Removing Security Roadblocks to IoT Deployment Success
 
152 ready eng
152 ready eng152 ready eng
152 ready eng
 
ICC Networking Data Security
ICC Networking Data SecurityICC Networking Data Security
ICC Networking Data Security
 
ICC Networking Data Security
ICC Networking Data SecurityICC Networking Data Security
ICC Networking Data Security
 
How Endpoint Security works ?
How Endpoint Security works ?How Endpoint Security works ?
How Endpoint Security works ?
 
Symposium on Securing the IoT - Security is the future of IoT - mbed
Symposium on Securing the IoT - Security is the future of IoT - mbedSymposium on Securing the IoT - Security is the future of IoT - mbed
Symposium on Securing the IoT - Security is the future of IoT - mbed
 
2014 IEEE JAVA NETWORKING PROJECT Secure and efficient data transmission for ...
2014 IEEE JAVA NETWORKING PROJECT Secure and efficient data transmission for ...2014 IEEE JAVA NETWORKING PROJECT Secure and efficient data transmission for ...
2014 IEEE JAVA NETWORKING PROJECT Secure and efficient data transmission for ...
 
IEEE 2014 JAVA NETWORKING PROJECTS Secure and efficient data transmission for...
IEEE 2014 JAVA NETWORKING PROJECTS Secure and efficient data transmission for...IEEE 2014 JAVA NETWORKING PROJECTS Secure and efficient data transmission for...
IEEE 2014 JAVA NETWORKING PROJECTS Secure and efficient data transmission for...
 
The Future of Embedded and IoT Security: Kaspersky Operating System
The Future of Embedded and IoT Security: Kaspersky Operating SystemThe Future of Embedded and IoT Security: Kaspersky Operating System
The Future of Embedded and IoT Security: Kaspersky Operating System
 
Compliance in the Cloud Using Security by Design
Compliance in the Cloud Using Security by DesignCompliance in the Cloud Using Security by Design
Compliance in the Cloud Using Security by Design
 
Confidential Computing overview
Confidential Computing overviewConfidential Computing overview
Confidential Computing overview
 
Sb securing-industrial-control-systems-with-fortinet
Sb securing-industrial-control-systems-with-fortinetSb securing-industrial-control-systems-with-fortinet
Sb securing-industrial-control-systems-with-fortinet
 
MSC COM modules 2017
MSC COM modules 2017MSC COM modules 2017
MSC COM modules 2017
 
Residency research makeup project acme enterprise scenario resi
Residency research makeup project acme enterprise scenario resiResidency research makeup project acme enterprise scenario resi
Residency research makeup project acme enterprise scenario resi
 
Secure and power the intelligent edge with Azure Sphere
Secure and power the intelligent edge with Azure SphereSecure and power the intelligent edge with Azure Sphere
Secure and power the intelligent edge with Azure Sphere
 
Are you ready for Microsoft Azure Sphere?
Are you ready for Microsoft Azure Sphere?Are you ready for Microsoft Azure Sphere?
Are you ready for Microsoft Azure Sphere?
 

Datasheet_Embedded_Security_Shield

  • 1. Target Applications. Control systems in different vertical markets: ƒƒ Factory Automation – PLC, HMI, Motion Controller ƒƒ Process Automation – DCS, SCADA, Process controllers ƒƒ Energy production and distribution – RTU, Gateways, SCADA ƒƒ Building Automation – BAS, HMI ƒƒ Mobile Automation - ECU Embedded Security Shield Release 01.11.16 Scope Industrie 4.0 & IIoT SECURE CONNECTED REAL-TIMESMART A new era of Industrial production has started with Industrie 4.0. The proliferation of connected devices multiplies the risk of attacks on Cyber Physical Systems. In industrial Automation, many Industrial Control Systems integrate the CODESYS technology from 3S-Smart Software Solutions. The Embedded Security Shield extends Kaspersky’s Security System (KSS) for a complete integration into CODESYS and to secure the main communication channel, the CODESYS Gateway. © BE.services GmbH - All rights reserved. ICS Trusted Channel CODESYS Development System CODESYS COM RTS CODESYS CORE RTS Kaspersky Security System ESS Security Editor RTOS Authentication Secure Audit Secure Modes Configuration Trusted Channel Functionality ƒƒ Cyber-security of the ICS ƒƒ Protection of the CODESYS Gateway communication channel ƒƒ Configuration of security policies directly in CODESYS ƒƒ Trusted communication channel with the CODESYS Development System ƒƒ Execution of the CODESYS Runtime in a secure environment ƒƒ Extendable framework to secure customer specific software tools and communication channels Integration of the Embedded Security Shield in CODESYS
  • 2. Configuration of the security modes Secure Audit Engagement model How to get? Product Manufacturer Part Number Sales Contact Embedded Security Shield Toolkit BE.services GmbH www.be-services.net 0230113 info@be-services.net Maintenance and Support package for ESS BE.services GmbH www.be-services.net 0230150 info@be-services.net © BE.services GmbH - All rights reserved. Software Package includes ƒƒ Embedded Software: -- Embedded Security Shield -- Kaspersky Security System (KSS) -- CODESYS Runtime extensions ƒƒ Development software: -- ESS Security Editor plug-in for CODESYS EMBEDDEDSECURITY SHIELD Embedded Security Shield3 The CODESYS Runtime System is divided into 2 domains: ƒƒ Communication ƒƒ Core All communication to the ICS is handeld through the Communication runtime. The Core runtime is isolated from any external commu- nications happening through the CODESYS Gateway (communication with CODESYS, network variables, OPC, OPC UA, PLCHandler, data server, etc…). All requests to the ICS come to the Communication Runtime. Their execution is checked by the Kaspersly Security System, a secure, mathematically proven, engine. KSS checks the requests with the existing security policies and allows or denies them. The verdict cache retains previous requests to speed up execution of known past requests. Security policies are defined and configured by the User’s Security Administrator using the ESS Security Editor provided as an additional plug-in in CODESYS. Secure communication for data exchange (security policies configuration, secure audit trail) between the ESS Security Editor and KSS is managed through specific trusted channel. Mechanism Domain 1 (e.g. com stack) IPC Request Command Request for Verdict Verdict delivery Verdict Cache Domain 2 (e.g. application) Microkernel(OSspecific) SecurityRuntime Security Policies Security Server Request (e.g. „stop“) 2 Features and benefits Made by experts ESS is based on Kaspersky Lab’s KSS  trusted and recognized specialist for cyber security Complete integration ESS provides the integration of KSS in CODESYS, both in the runtime and in the IDE  time and cost saving for the imple- mentation Performance Minimal delay caused by the security process  compatible with systems with hard real time behaviour Framework The system is a technology, adaptable to the existing firmware. Different/additional communication channels can be secured by the same means  complete security with a single technology Expertise for support and development BE.services can be contracted for development, extension or integration services  time and cost saving through 3rd party expertise
  • 3. © BE.services GmbH - All rights reserved. Technical data General system information Runtime size Code 2.7 MB /  3.3 MB (without / with ESS) Data 0.8 MB / 1.0 MB (without / with ESS) Communication UDP / Serial / USB Trusted channel Supported CPUs X86, ARM, ARM Cortex, PowerPC Others on demand Supported operating systems Linux Others on demand Performance data Command Without ESS With ESS Application download (302 kB) 2.98 s 3.01 s File transfer (1.5 MB) 28.80 s 28.87 s OPC access (2000 variables of type byte) 4 ms 5 ms Test hardware: Xilinx Zynq ZC702 (ARM Cortex A9) Support Please contact info@be-services.net www.be-services.net Embedded Security Shield4 Evaluation Kit: Evaluate the Embedded Security Shield on the Xilinx Zynq ZC702. More information under: www.be-services.net/industrie-40/xilinx.html