Manualshelf

Operating Instruction

ManualsBrandsMYNXG Product ManualsElectronicsEdge FCR 3, Edge Computing Device
21222324252627282930
EDGE FCR 3 Operating Instruction
Rev. C, 2019-09-10 Release Page 21 of 64
© MYNXG Product GmbH, 2019. All rights reserved
2.8 MYNXG CTRL EDGE FCR 3 Security
Security is anchored inside the MYNXG CTRL via the Trusted Platform Module (TPM). The
TPM is a special designed and crypto logical hardened HW, able to store secrets.
The communication between the MYNXG controller and
the MYNXG Service and Transformation Layer is secured with TLS means,
in addition, the data are additionally encrypted with TLS means to protect the data
always,
the MYNXG communication with the sensors is protected through DTLS / TLS means.
Through the MYNXG public key infrastructure (PKI) the following functions are provided:
Provisioning of Certificates
Provisioning of permanently changing TLS secrets
Provisioning of permanently changing DTLS secrets
Secure SW Over The Air (OTA) downloads towards the gateway
Secure SW Over The Air (OTA) downloads to the sensor
IMPORTANT NOTICE
The EDGE FCR 3 is designed in line with the methods defined under ISO
27001. Security hardened boot sequence according to CC-EAL, and CC-
EAL based security analysis and counteractions. Every cloud or WAN /
LAN communications is encrypted at any time.
MYNXG development processes and the MYNXG products are designed in line with the
methods defined under ISO 27001, MYNXG is audited through the TÜV Rheinland. MYNXG
Digital Products and Digital Services are developed within a secured ISO 27001 compliant
development environment.
MYNXG has implemented and is provisioning the entire needed infrastructure including:
Certification Authority (CA) and PKI for the generation and distribution of secrets.
Production environment for Gateways and Sensors.
R&D environment to produce software and hardware in line with the ISO 27001.
The MYNXG architecture is compliant with the BSI recommended “Protection Profile for the
Gateway of a Smart Metering System”. The gateways are not security certified as they are
delivered but contain all functions and features for the security.