NCP engineering IIoT Security

NCP has developed software components for secure data communication for Industrial Internet of Things (IIoT) scenarios. Several components at different points throughout the infrastructure bring back control and secure data encryption.

• IIoT Remote Gateway for secure communication of plant, machinery or systems
• Central IIoT Gateway for secure connection to IIoT Remote Gateways
• Management System for administration, monitoring and integration into existing infrastructures

IIoT Remote Gateway can be installed and used directly on systems or machinery. It can also function as a (virtual) adapter and receive data from other devices (sensors, cameras, etc.) and encrypt the data if it is not encrypted already. The central IIoT gateway receives the encrypted data from the IIoT Remote Gateway and transmits it to other systems where big data and artificial intelligence come into play, e.g. for "Behavioural Analysis". Encrypted connections ensure that IIoT Remote Gateway and the central IIoT Gateway are linked securely. Additional connections can be set up, for example, to transmit video streams to the control room. System manufacturers or operators benefit from more than encrypted communication: they gain back control over the configuration of security parameters and can commission systems more easily. Thanks to its multi-client capability, the management system is predestined for cloud environments or IIoT infrastructure which links several production sites or divisions via a common platform. Administrators can only access the production sites they need to manage and cannot access external data or protected areas. And best of all ­– you can also use the NCP Management System for Remote Access VPN  in office networks. Encryption and authentication All connections between the end devices and the gateways are encrypted with advanced algorithms (for example using Suite B cryptography). For additional security, all machine certificates are managed in a Public Key Infrastructure (PKI). This ensures unique authentication for all end devices. During each connection, device certificates are checked for validity and trustworthiness (signed by a trusted Certification Authority [CA]) and whether the certificate has been blocked by an online or offline CA. Highlights

• centrally managed machine certificates
• advanced Suite B Cryptography; for state-of-the-art data encryption and transfer
• standards-compliant
• easy integration into existing infrastructures
• centralized management of all components
• platform ready
• strong authentication
• support for virtualization
• the management system also for classic remote access VPN