Related Links

Sectigo®, a provider of automated digital identity management, embedded security, and web security solutions, and Green Hills Software, the pioneer in high-assurance operating systems, have announced a global reseller agreement.

The agreement enables Green Hills Software to offer Sectigo's Icon LabsTM Embedded Firewall, integrated and optimised for use with Green Hills Software’s INTEGRITY® real-time operating system (RTOS) and its embedded high-performance TCP/IP v4/v6 host and router networking stack.

Internet-connected platform

The pairing strengthens Green Hills Software’s internet-connected platform solutions with the expanded networking security required in connected systems responsible for critical functions for automotive, industrial, medical, transportation and mil/aero industries.

Most cyberattacks on embedded systems remain undetected until it is too late. Early detection is critical as it maximises the safety of products while helping to prevent the loss of IP, disruption of services, and attacks proliferating to other portions of the system or network,” explained Alan Grau, VP of IoT/Embedded Solutions, Sectigo. “Green Hills Software’s integration of our embedded firewall with their proven and mature INTEGRITY RTOS will provide customers worldwide with a powerful combination of experience and security technology that sounds the alarm, then stops the attack.”

Critical embedded systems

The INTEGRITY RTOS microkernel architecture is designed for critical embedded systems

The INTEGRITY RTOS microkernel architecture is designed for critical embedded systems demanding proven separation, security, and real-time determinism. The operating system’s separation architecture helps manufacturers safely and securely partition software running at different levels of criticality.

For critical functions, INTEGRITY assures secure and real-time execution by means of impenetrable partitions that deliver freedom-from-interference and guaranteed system resources. The Sectigo Icon Labs Embedded Firewall enjoys widespread global adoption, combining numerous powerful and configurable features to detect and contain cyberattacks.

Disabling static filtering

Configurable filtering policies — Uses configured filtering rules to control the filtering engine. The rules provide complete control over the type of filtering performed and the specific criteria used to filter packets. Rules can be configured for:

  • Static filtering rules for IP address, MAC address, port number, and protocol number
  • Block list and allow list filtering modes
  • DPI filtering rules for message type, message contents, and message source
  • Threshold-based filtering criteria
  • Independently enabling and disabling static filtering, dynamic filtering, DPI filtering, and threshold-based filtering

Replay attack protection

EDSA Compliance support — Serves as an important building block for achieving EDSA compliance for embedded devices, providing support for many capabilities mandated by EDSA-311:

  • Protocol fuzzing and replay attack protection
  • Data flooding protection
  • Denial of service protection
  • Notification of attacks
  • Disabling of unused ports

Logging and alerting — Maintains a log of security events and policy violations, enabling command audits and forensic investigation to determine the source of an attack.

Enabling remote management

Management system integration — Incorporates an agent that enables remote management from an enterprise security manager system, or to other Security Information and Event Management (SIEM) systems. This integration provides:

  • Centralised management of security policies
  • Situational awareness and device status monitoring
  • Event management and log file analysis

Intrusion detection and prevention — Blocks all unused ports and protocols, limiting the attack surface hackers can exploit. Logging packets that violate configured filtering rules enables detection of unusual traffic patterns, traffic from unknown IP addresses, and other suspicious behaviour.

Additional cybersecurity capability

Green Hills is pleased to be adding this additional cybersecurity capability to our portfolio of industry-leading foundational security offerings,” said Dan Mender, VP of Business Development, Green Hills Software.

Protecting critical internet-connected solutions is paramount for our customers, and Sectigo’s Icon Labs Embedded Firewall capability extends our customers’ ability to design purpose-built secure solutions in automotive, industrial, medical, transportation and mil/aero markets.” Green Hills Software’s internet-connected platforms are integrated and optimised with Sectigo’s embedded firewall and are available.

Download PDF version Download PDF version

Related videos

Upgraded feature for Xesar - Now with smartphone as well!

Upgraded feature for Xesar - Now with smartphone as well!
Enhancing government security with proactive threat detection from Wavestore

Enhancing government security with proactive threat detection from Wavestore
Join the biggest hour for Earth

Join the biggest hour for Earth

In case you missed it

What are the new security applications in colleges and universities?
What are the new security applications in colleges and universities?

College campuses are meant to be places of learning, growth, and community. Fostering such an environment requires the deployment of policies and technologies that ensure safety an...

Real-time security analytics by Winston-Salem Police Department with Verkada
Real-time security analytics by Winston-Salem Police Department with Verkada

The Winston-Salem Police Department (WSPD), internationally accredited by the Commission on Accreditation for Law Enforcement Agencies (CALEA), is dedicated to proactive, data-driv...

Oil sector cybersecurity - overcoming challenges with Honeywell's csHAZOP
Oil sector cybersecurity - overcoming challenges with Honeywell's csHAZOP

A major European oil and gas company that acquires, explores, produces and supplies chemical and petroleum products had a cybersecurity challenge. Company leadership wanted a b...

Featured white papers
Security practices for hotels

Security practices for hotels

Download
Access control system planning phase 2

Access control system planning phase 2

Download
Honeywell GARD USB threat report 2024

Honeywell GARD USB threat report 2024

Download
SIA Identity and Biometrics Symposium

SIA Identity and Biometrics Symposium

Download
Artificial intelligence

Artificial intelligence

Download
Quick poll
Which feature is most important in a video surveillance system?
More corporate news
SmartWater Technology collaborates with The Survey Association to tackle surveying equipment theft

SmartWater Technology collaborates with The Survey Association to tackle surveying equipment theft
Safeture allies with Safehotels hotel security certification

Safeture allies with Safehotels hotel security certification
Evolv releases insights based on the survey conducted by The Harris Poll regarding touchless security screening

Evolv releases insights based on the survey conducted by The Harris Poll regarding touchless security screening
Featured products
HID Signo™ Biometric Reader 25B - Multi-technology, mobile ready, fingerprint reader

HID Signo™ Biometric Reader 25B - Multi-technology, mobile ready, fingerprint reader
Anviz 8MP AI-Powered Mini Dome Network Camera with 360° Clarity

Anviz 8MP AI-Powered Mini Dome Network Camera with 360° Clarity
Verkada Monitored Alarm System

Verkada Monitored Alarm System