Secure Data-in-Motion with TLS v1.3 for IoT Applications
RomSTL™ is standards-based, hardware and software platform agnostic, and written from the ground up for efficient use of Allegro’s FIPS 140-2 cryptography.
Secure Data in Motion with TLS v1.3
Embedded device security is always a concern when building a networked embedded device. Allegro’s RomSTL™ is a small, resource sensitive TLS client and server solution specifically written for use in IoT applications. RomSTL™ is standards-based, hardware and software platform agnostic, and written from the ground up for efficient use of Allegro’s FIPS 140-2 validated cryptography. RomSTL™ supports the latest RFCs for TLS v1.3 as well as providing support for Suite B algorithms. The full suite of Allegro EdgeAgent products support IPv6 and IPv4 operation to meet your embedded device development needs.
RomSTL™ – Embedded TLS
RomSTL™ is a small, resource sensitive TLS client and server solution specifically engineered for rigors of embedded computing. Pre-integrated with Allegro’ Secure IoT Suite, RomSTL™ makes it easy to enable TLS in your embedded designs quickly, easily, while reducing risk. RomSTL™ supports the latest RFC standards for TLS v1.1, TLS v1.2, and TLS v1.3 secure server and client sessions. The encryption protocols interoperate with any secure browser or server and include RSA, RC4, DES, 3DES, SHA, AES, and Suite B algorithms. Additionally, RomSTL™ is tightly integrated with RomCert™, an embedded implementation of Online Certificate Status Protocol (OCSP) and Simple Certificate Enrollment Protocol (SCEP), that makes embedding security certificate management into resource sensitive embedded systems and consumer electronics fast, easy and reliable, while decreasing time to market. With the included libraries and certificate services, your engineering team can easily build embedded devices that can participate in secure communications. RomSTL™ is delivered as standard ANSI-C source and built upon a highly portable and field proven abstraction layer enabling it to work with any RTOS or TCP/IP stack.
TLS and Embedded Systems
TLS Transport Layer Security) is used to create an authenticated and encrypted channel, often referred to as an encrypted tunnel, between two endpoints on an unsecured network. Open standards define peer negotiation for algorithm selection and public key exchange of secret session keys and X.509 certificates. Originally utilized by OEMS to provide secure communications when performing device management, TLS is now widely used on the Internet to secure all types of transactions and exchange of data.
The combination of ubiquitous network communications (wired or wireless) and the sheer growth of low power processor capabilities has created the perfect storm for embedded network enabled devices. Networked embedded systems are pervasive in all types of networks including: medical, energy, safety, smart grid, transportation, consumer, government applications and more. All have their own unique needs to manage and securely transport data over a network. The overwhelming choice for secure transport of data has been and will continue to be TLS.
TLS is a modernized version of SSL (Secure Socket Layer). SSL is still used by many systems, but SSL is no longer considered to provide adequate security. The SSL protocol should not be used in new secure systems designs, but RomSTL™ can be configured to support SSL to interact with legacy systems.
DTLS is a variant of TLS which uses UDP connections rather than TCP connections to exchange secure information. Open standards define peer negotiation for algorithm selection and public key exchange of secret session keys and X.509 certificates. For various reasons, the use of DTLS is finding a foothold in consumer based embedded applications. RomSTL™ supports DTLS client and server sessions as well as TLS client and server sessions.
|Small code footprint||More resource available for application features|
|ANSI C Source Code Distribution||Broad processor architecture support eases porting and support|
|Processor, RTOS, and TCP/IP stack agnostic||Allegro’s products will work with new or existing hardware and software designs|
|Interface files for leading RTOS vendors provided||Minimizes porting effort, increase time to market|
|Shipping in millions of products worldwide||Field-proven reliability|
|Pre-integrated with RomPager® Embedded Web Server||Save your development team time|
|GPL Free||No licensing or development issues related to GPL|
|RFC Compliant||Eliminates worries about compatibility|
|Support for hardware crypto acceleration||Allows development team to design with software or hardware assisted crypto|
- RFC 2246 – The TLS Protocol Version 1.0
- RFC 3268 – Advanced Encryption Standard (AES) Ciphersuites for Transport Layer Security (TLS)
- RFC 4279 – Pre-Shared Key Ciphersuites for Transport Layer Security (TLS)
- RFC 4346 – The Transport Layer Security (TLS) Protocol Version 1.1
- RFC 4347 – Datagram Transport Layer Security
- RFC 4366 – Transport Layer Security (TLS) Extensions
- RFC 8446 – The Transport Layer Security (TLS) Protocol Version 1.2
- Processor Architecture – Works with any 16-bit, 32-bit or 64-bit processor
- Operating System (OS) – Works with any OS vendor and will function without an OS if needed
- TCP/IP Stack – Works with any vendor implementation
- Filesystem – Works with any vendor implementation and will function without a filesystem if needed
- Compiler – ANSI C
Contact Us Today To Ensure Your IoT is Secure
Implementing IoT device security can be a challenge. Let us help you by sharing our proven framework for integrating a proactive security approach into your design. Click the button below to schedule a one-on-one web conference to discuss your security needs.