Certificate Management for IoT Devices
RomCert™ makes embedding security certificate management into resource sensitive IoT devices fast, easy and reliable while decreasing time to market.
Billions of devices now have the capability to communicate on their own to retrieve the latest application data and firmware updates across the Internet. Each of these network-enabled devices (printers, health appliances, network routers and switches, and more) are now potential targets for malicious intent. The important and unprecedented need for secure communications has never been higher.
Public Key Infrastructure (PKI) and certificate-based authentication play an integral role in securing and administering networked devices and services on the Internet today. PKI is widely deployed and many wireless and wired technologies depend upon it, including WiMax, 802.11i, SSL, SSH, DTCP-IP, WiFi, 5G and more. As an example, in many cases, PKI and certificates ensure networks and services are being accessed by assigned users and devices, in addition, to properly administering privileges. In real-world situations, certificates need to be updated to maintain the integrity of security policies as roles and operating environments change. Manually updating certificates, especially on remote network devices is error-prone, inefficient and simply can not scale with the rapid growth of network-enabled embedded devices in our high-tech environments.
RomCert™ is specifically engineered for resource sensitive embedded devices such as consumer electronics, dedicated healthcare products, energy and Smart Grid devices, military applications, and enterprise network management and control products.
As with the Allegro EdgeAgent Suite, RomCert™ works with any hardware architecture, RTOS, and TCP/IP stack; and automates certificate management in your embedded design. Offered as an option for Allegro’s RomSTL™ TLS and RomSShell™ SSH embedded solutions, RomCert™ can communicate with most any Certificate Authority (CA) via HTTP to request certificates, renew certificates, and retrieve Certificate Revocation Lists (CRL) that have been issued.
|Small code footprint||More resource available for application features|
|ANSI C Source Code Distribution||Broad processor architecture support eases porting and support|
|Processor, RTOS, and TCP/IP stack agnostic||Allegro’s products will work with new or existing hardware and software designs|
|Interface files for leading RTOS vendors provided||Minimizes porting effort, increase time to market|
|GPL Free||No licensing or development issues related to GPL|
|Communicates with CA via HTTP||Easy integration with designs already using HTTP|
|Pre-integrated with RomSTL™ embedded SSL/TLS||Decreased time to market as integration and testing with SSL/TLS is already complete|
- DRAFT – Cisco Systems’ Simple Certificate Enrollment Protocol(SCEP)
- RFC 2560 – X.509 Internet Public Key Infrastructure Online Certificate Status Protocol – OCSP
- RFC 2616 – Hypertext Transfer Protocol — HTTP/1.1
- RFC 2617 – HTTP Authentication: Basic and Digest Access Authentication
- RFC 3280 – Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile
- Processor Architecture – Works with any 16-bit, 32-bit or 64-bit processor
- Operating System (OS) – Works with any OS vendor and will function without an OS if needed
- TCP/IP Stack – Works with any vendor implementation
- Filesystem – Works with any vendor implementation and will function without a filesystem if needed
- Compiler – ANSI C
Contact Us Today To Ensure Your IoT is Secure
Implementing IoT device security can be a challenge. Let us help you by sharing our proven framework for integrating a proactive security approach into your design. Click the button below to schedule a one-on-one web conference to discuss your security needs.