EMBEDDED SOFTWARE: Embedded network security
2 mins read
Recent, high profile network security issues, such as Heartbleed, have damaged the commercial reputation of some manufacturers. Similar issues have afflicted both open-source and proprietary software. Even large corporations have been exposed to major risk by downloading free security software or by not implementing basic life-cycle processes used as standard in other industries.
The security of customer data is much more critical than other areas of software and should be handled in a way which demonstrates diligence and care.
HCC provides IPv4 and IPv6 developed with strong life-cycle evidence that can be used efficiently in any embedded environment. With support for an extensive range of embedded controllers, including most ARM Cortex based devices, it can be used to ensure a high-quality, secure device connection to the Internet of Things.
HCC's TLS/SSL is a highly optimised software module designed to provide secure network communications for embedded devices. The software is developed using a rigorous adherence to MISRA C:2004 and is available with a full MISRA compliance report as well as a full UML description. The importance of using a strong development process and source code control has been emphasised by a number of high-profile security problems caused by source code errors. Network security requires a high degree of quality and traditional methods of 'freestyle coding' and test do not provide sufficient guarantees of correctness.
Key Features/Benefits
• SSL3.0, TLS1.0/1.1/1.2
• Full certificate management
• All mandatory cipher suites supported: AES, DES, DSS, EDH, MD5, RSA, SHA
All algorithms are implemented as individual libraries and, where possible, we use crypto hardware support provided on specific microcontrollers.
HCC's SSL/TLS implementation can be used as Client or Host and is designed especially for microcontrollers, ensuring a low memory footprint, typically around 20kB ROM / 8kB RAM. Typically it uses a standard sockets interface and will bring ease of integration to many embedded applications. HTTP or FTP Server support is provided for HTTPS and FTPS implementations or connection to any other secure client or server application.
The software is fully specified using IBM DOORS. For protocol elements the requirements are mapped directly to their section in the relevant RFCs to create traceability. The UML software design has been derived directly from this specification and consists of Collaboration diagrams, Object Model Diagrams, Sequence Diagrams and Activity diagrams drilling all the way down to the C code level.
HCC has been a highly respected and trusted developer of 'RTOS independent' embedded software components for nearly 15 years. HCC provides advanced communications solutions including IPv4, IPv6, SSL/TLS, USB Device & Host and supports an extensive range of class drivers, network integration and target controllers. A leading expert on flash storage and fail-safety, HCC has a number of advanced file systems that can deal with almost any storage media or performance requirement. All of HCC's software is developed using a framework making it highly portable and efficient. Projects are delivered with seamlessly integrated abstractions and drivers for a number of leading real-time operating systems including MQX, uC OS, FreeRTOS and many more.
Product range
Fail-safe File Systems for NAND/NOR
Flash Translation Layers
Smart-meter File System
eTaskSync Verifiable Scheduler
USB Device, Host & OTG Software
TCP/IPv4 & IPv6
Verifiable SSL/TLS
Fail-safe bootloaders
Standards and certifications
Products supplied with life-cycle evidence to support many standards used in medical, industrial and transport industries.
Specialist sectors / industries served
Consumer, Industrial, Communications, Medical, Transport
HCC-Embedded
24a Melville St
Edinburgh EH3 7NS
Scotland, UK
Tel: 07918 787 571
Email: david.brook@hcc-embedded.com