Security

The communication embedded within the UMS1 is secured in both the hardware (physical layer) and the software (virtual layer) of the solution. Security is initially based on a proprietary command data structure. Knowledge of the command protocol is not required to enable or expand the solution. Communication is in the 900 MHz range with 50 selectable channels. Additionally, unique RFID identifiers can be established between each sensor and the UMS1, increasing the innate security of the solution. Placing an additional sensor extends this dedicated identifier to the new sensor and aligns it to the designated server. This structure also provides an innate level of security, as anyone viewing the data without authorization would need knowledge of the data's origin and purpose in order to discern its meaning.

The middleware provides the following high-level security capabilities:

  • Edge database connectivity via a web socket tunnel from the customer database to the ThingWorx platform. This sets up a secure “hole” within the customer’s firewall, accessed through a proxy server.
  • 128 encryption within web socket tunnel
  • Out-of-the-box Encryption Key Step, if needed; this is similar to using an RSA feed
  • Custom authentication applications can be built as needed
  • Industry standard application authentication

To add further communication security, software frequency jumping can be enabled to ensure communication is never on the same channel at the same time. Additionally, a DES algorithm can be added, which encrypts the proprietary command data before transmission over the air. The receiver unit of a DES-encrypted command would need a pre-programmed key, which can be selected by the client, to decrypt the command.

The primary hardware security is enabled at the processor level. To access the information embedded within the processor, the programming interface inside the chip would need to be disabled. To accomplish this, the chip would need to be physically removed, which erases the chip and prevents unauthorized personnel from accessing a copy of the actual firmware programmed on the microprocessor chip.

 
