Security and Connectivity for IoT Devices

Menu

RomCert™

Security and Connectivity for the IoT Edge

Automated Security Certificate Management for Embedded Systems

RomCert is a platform-independent implementation of the Online Certificate Status Protocol (OCSP) and the Simple Certificate Enrollment Protocol (SCEP) and makes embedding security certificate management into resource sensitive embedded systems and consumer electronics fast, easy and reliable while decreasing time to market.

embedded automated x509 certificate managment toolkit

RomCert

Billions of devices now have the capability to communicate on their own to retrieve the latest application data and firmware updates across the Internet. Each of these network-enabled devices (printers, health appliances, network routers and switches, and more) are now potential targets for malicious intent. The important and unprecedented need for secure communications has never been higher.

Public Key Infrastructure (PKI) and certificate-based authentication play an integral role in securing and administering networked devices and services on the Internet today. PKI is widely deployed and many wireless and wired technologies depend upon it, including WiMax, 802.11i, SSL, SSH, DTCP-IP, WiFi, 3G and more. As an example, in many cases, PKI and certificates ensure networks and services are being accessed by assigned users and devices, in addition, to properly administering privileges. In real-world situations, certificates need to be updated to maintain the integrity of security policies as roles and operating environments change. Manually updating certificates, especially on remote network devices is error-prone, inefficient and simply can not scale with the rapid growth of network-enabled embedded devices in our high-tech environments.

RomCert is specifically engineered for resource sensitive embedded devices such as consumer electronics, dedicated healthcare products, energy and Smart Grid devices, military applications, and enterprise network management and control products.

As with the Allegro EdgeAgent Suite, RomCert works with any hardware architecture, RTOS, and TCP/IP stack; and automates certificate management in your embedded design. Offered as an option for Allegro’s RomSTL TLS and RomSShell SSH embedded solutions, RomCert can communicate with most any Certificate Authority (CA) via HTTP to request certificates, renew certificates, and retrieve Certificate Revocation Lists (CRL) that have been issued.

Features

Benefits

Small code footprint

More resources available for application features

ANSI C Source Code Distribution

Broad processor architecture support, eases porting and support

Processor, RTOS and TCP/IP stack agnostic

Allegro’s products will work with new or existing hardware and software designs

Interface files for leading RTOS vendors provided

Minimizes porting effort, increase time to market

GPL Free

No licensing or development issues related with GPL

Communicates with CA via HTTP

Easy integration with designs already using HTTP

Pre-integrated with RomSTL embedded SSL/TLS

Decreased time to market as integration and testing with SSL/TLS is already complete

Supported RFCs

System Requirements

  • Processor Architecture – Works with any 16-bit, 32-bit or 64-bit processor
  • Operating System(OS) – Works with any OS vendor and will function without an OS if needed
  • TCP/IP Stack – Works with any vendor implementation
  • Filesystem – Works with any vendor implementation and will function without a filesystem if needed
  • Compiler – ANSI C

WHITEPAPERS

Best Practices for Managing IoT Related Risks

Allegro’s “Best Practices” document addresses the topic of IoT security related risks by taking a closer look at Critical Requirements and Functional Implementation.

ARTICLES

No Results Found

The page you requested could not be found. Try refining your search, or use the navigation above to locate the post.

Download Allegro’s Playbook

  • This field is for validation purposes and should be left unchanged.

Contact Us Today

  • This field is for validation purposes and should be left unchanged.