Secure Software for the Internet of Things

RomSTL™

Embedded TLS Client/Server Overview

Embedded device security is always a concern when building a networked embedded device. Allegro’s RomSTL is a small, resource sensitive TLS client and server solution specifically written for use in embedded systems. RomSTL is standards based, hardware and software platform agnostic, and written from the ground up for efficient use of Allegro’s FIPS 140-2 cryptography. RomSTL supports the latest RFCs for TLS 1.2 as well as providing support for Suite B crypto algorithms. The full suite of Advanced Edition products support IPv6 and IPv4 operation to meet your embedded device development needs.

embedded ssl tls client server

RomSTL – Embedded TLS

RomSTL is a small, resource sensitive TLS client and server solution specifically engineered for rigors of embedded computing. Pre-integrated with the full suite of Allegro AE products, RomSTL makes it easy to enable TLS in your embedded designs quickly, easily, while reducing risk. RomSTL supports the latest RFC standards for TLS 1.0, TLS 1.1, and TLS 1.2 secure server and client sessions. The encryption protocols interoperate with any secure browser or server and include RSA, RC4, DES, 3DES, SHA, AES, and Suite B algorithms. Additionally, RomSTL is tightly integrated with RomCert, an embedded implementation of Online Certificate Status Protocol (OCSP) and Simple Certificate Enrollment Protocol (SCEP), that makes embedding security certificate management into resource sensitive embedded systems and consumer electronics fast, easy and reliable, while decreasing time to market. With the included libraries and certificate services your engineering team can easily build embedded devices that can participate in secure communications. RomSTL is delivered as standard ANSI-C source and built upon a highly portable and field proven abstraction layer enabling it to work with any RTOS or TCP/IP stack.

TLS and Embedded Systems

TLS Transport Layer Security) is used to create an authenticated and encrypted channel, often referred to as an encrypted tunnel, between two endpoints on an unsecured network. Open standards define peer negotiation for algorithm selection and public key exchange of secret session keys and X.509 certificates. Originally utilized by OEMS to provide secure communications when performing device management, TLS is now widely used on the Internet to secure all types of transactions and exchange of data.

The combination of ubiquitous network communications (wired or wireless) and the sheer growth of low power processor capabilities has created the perfect storm for embedded network enabled devices. Networked embedded systems are pervasive in all types of networks including: medical, energy, safety, smart grid, transportation, consumer, government applications and more. All have their own unique needs to manage and securely transport data over a network. The overwhelming choice for secure transport of data has been and will continue to be TLS.

TLS is a modernized version of SSL (Secure Socket Layer). SSL is still used by many systems, but SSL is no longer considered to provide adequate security. The SSL protocol should not be used in new secure systems designs, but RomSTL can be configured to support SSL to interact with legacy systems.

DTLS is a variant of TLS which uses UDP connections rather than TCP connections to exchange secure information. Open standards define peer negotiation for algorithm selection and public key exchange of secret session keys and X.509 certificates. For various reasons, the use of DTLS is finding a foothold in consumer based embedded applications. RomSTL supports DTLS client and server sessions as well as TLS client and server sessions.

Features

Benefits

Small code footprint

More resources available for application features

ANSI C Source Code Distribution

Broad processor architecture support eases porting and support

Processor, RTOS, and TCP/IP stack agnostic

Allegro’s products will work with new or existing hardware and software designs

Interface files for leading RTOS vendors provided

Minimizes porting effort, increase time to market

Shipping in millions of products worldwide

Field-proven reliability

Pre-integrated with RomPager Embedded Web Server

Save your development team time

GPL Free

No licensing or development issues related to GPL

RFC Compliant

Eliminates worries about compatibility

Support for hardware crypto acceleration

Allows development team to design with software or hardware assisted crypto

Supported RFCs

System Requirements

  • Processor Architecture – Works with any 16-bit, 32-bit or 64-bit processor
  • Operating System(OS) – Works with any OS vendor and will function without an OS if needed
  • TCP/IP Stack – Works with any vendor implementation
  • Filesystem – Works with any vendor implementation and will function without a filesystem if needed
  • Compiler – ANSI C

Allegro Software
1740 Massachusetts Avenue
Boxborough, MA 01719

Home | Resources | News/Events | Company | Contact | Legal

Copyright © 2018, Allegro Software Development Corporation
All Rights Reserved