Embedded network security

Recent, high profile network security issues, such as Heartbleed, have damaged the commercial reputation of some manufacturers. Similar issues have afflicted both open-source and proprietary software. Even large corporations have been exposed to major risk by downloading free security software or by not implementing basic life-cycle processes used as standard in other industries. The security of customer data is much more critical than other areas of software and should be handled in a way which demonstrates diligence and care.

HCC provides IPv4 and IPv6 developed with strong life-cycle evidence that can be used efficiently in any embedded environment. With support for an extensive range of embedded controllers, including most ARM Cortex based devices, it can be used to ensure a high-quality, secure device connection to the Internet of Things.

HCC's TLS/SSL is a highly optimised software module designed to provide secure network communications for embedded devices. The software is developed using a rigorous adherence to MISRA C:2004 and is available with a full MISRA compliance report as well as a full UML description. The importance of using a strong development process and source code control has been emphasised by a number of high-profile security problems caused by source code errors. Network security requires a high degree of quality and traditional methods of 'freestyle coding' and test do not provide sufficient guarantees of correctness.

Key Features/Benefits • SSL3.0, TLS1.0/1.1/1.2 • Full certificate management • All mandatory cipher suites supported: AES, DES, DSS, EDH, MD5, RSA, SHA

All algorithms are implemented as individual libraries and, where possible, we use crypto hardware support provided on specific microcontrollers. HCC's SSL/TLS implementation can be used as Client or Host and is designed especially for microcontrollers, ensuring a low memory footprint, typically around 20kB ROM / 8kB RAM. Typically it uses a standard sockets interface and will bring ease of integration to many embedded applications. HTTP or FTP Server support is provided for HTTPS and FTPS implementations or connection to any other secure client or server application. The software is fully specified using IBM DOORS. For protocol elements the requirements are mapped directly to their section in the relevant RFCs to create traceability. The UML software design has been derived directly from this specification and consists of Collaboration diagrams, Object Model Diagrams, Sequence Diagrams and Activity diagrams drilling all the way down to the C code level.