The manufacturer wants to develop an IoT Gateway allowing machine and process data to be accessed from and shared with a cloud solution. As this gateway is connected to the complete OT environment, the protection of the data is of upmost importance.
We decided to develop this gateway with a secure-by-design approach with the goal to reach highest levels of security according to IEC 62443. Since the gateway does not need to execute existing code or applications that are OS dependent, we decided to design the firmware of the gateway based on KOS, a secure-by-design OS targeting embedded devices and fitting perfectly in this application.
KOS is a commercial OS developed by Kaspersky and used in the telecommunications, connected cars and factory automation industries.
Since the gateway communicates mainly through OPC UA with the cloud and the automation systems in the field and runs local machine learning algorithms, we decide to base the system on a strong x86 CPU with an additional GPU.
KOS allows securing communication by controlling communication to and from the device. Additional security features like a secure boot, secure update, secure audit, secure storage, trusted channel are part of the package.
The system runs as expected on KOS. Prototypes of the device are available and the product release is scheduled for 2021. The firmware being portable, the solution will be available as a product family on different hardware architecture with different performance, memory, GPU performance for a complete offer.
Note that BE.services is official technical and commercial partner for KasperskyOS for Industrial Automation products, worldwide.
Should you have any question on the technology, please contact us: