At duagon, we supply products with security features for transport, medical and industrial application. Our structured development processes, our understanding of security features and extensive experience in embedded systems development, allow us to deliver our security products with all the necessary security requirements already fulfilled.
At duagon, our customers have the advantage of having everything they need for their secure application supplied by a single supplier. By having secure hardware products and software features all under one roof, our customers have one single point of contact working with them from the very beginning of their project, through to continued support once the system is running.
With the rise of IoT and interconnectivity, systems have become fast and efficient – but also vulnerable. The importance of cyber security needs to be taken seriously, as the damage caused by cybercrime has increased significantly over the past few years. duagon offers cyber secure products and feature service packages that focus on ensuring a secure, interference-free operation of your application.
Functional Safety is already well established in mission-critical applications. True safety however cannot be achieved without adequate security measures. With a rapidly growing focus and increased investments, cyber security is essential in making any system or application future-proof.
The increasing number of devices and device connectivity has led to a sharp rise in newly discovered vulnerabilities. As more vulnerabilities are constantly being discovered, existing devices are also more likely to contain these vulnerabilities, which increases their susceptibility to hackers. The consequences of a hacker attack can be devastating and cause, among others, a loss of sensitive data, system disruption and downtime, and can even cause reputational damage. Mission-critical applications in particular, such as the medical or railway industries, should strive to minimize such risks.
A security strategy is needed, to protect systems from outside threats. duagon’s cyber security services focuses on protecting computer boards and systems (in general on-board units (OBU), vehicle control units (VCU), etc.) from outside interference and hackers who could damage or destroy the software, steal sensitive electronic data or disrupt services. duagon provides means to protect systems against harm that may be done via network access, malicious data, and code injection.
Train control systems for vital and non-vital functions: Interfaces are continuously exchanging control, monitoring and status data to ensure overall operation and safety. Any malicious interference with this data exchange and onboard computer systems, could result in a complete loss of control and safety.
The development of computer systems for the control and operation of modern trains has led to a vast improvement in rail reliability and efficiency, both trackside and onboard. Through train networking and connectivity, more and more trains can be maintained remotely, and passengers are offered high-performance internet, infotainment and convenient real-time information access. However, with Train Control Networks (TCN) and Ethernet based technologies (ECN) being used to control modern railway systems, these systems could become a gateway to cyber security attacks. Hackers might try to gain control of the train or limit normal operation by a number of typical cyber-attack strategies.
duagon platforms are used as the basis of various elements in the vital and non-vital network as shown above. With the cyber security feature set and software packages provided by duagon, our customers are able to implement fully secure solutions: to prevent, detect or eliminate intrusions into the rail network.
duagon INTRUSION DETECTION SOLUTIONS
duagon’s cyber security Intrusion Detection Devices (IDD) for MVB and real time Ethernet (TRDP, PROFINET, CIP and other typical ECN protocols, are based on duagon’s extensive experience in ECN/TCN networks. As the leading global expert for ECT/TCN communication on board trains, our solutions are created based on experience and knowledge gathered over thousands of successful rail projects using MVB/WTB, CAN, ETB, TRDP, CIP, PROFINET, IPTCom, and more
Our intrusion detection devices can trace violations of IT security according IEC 62443 (and in future TS 50701). The device can help achieve the required security levels as defined in current safety standards. The devices can be used to prepare rolling stock to comply with national regulations (e.g. like the EU NIS directive).
DUAGON CYBER SECURITY: FEATURE PACKAGES
The duagon standard range of cyber security products and services is structured to match the risk exposure of your device. Train builder specific feature packages are also available.
Our security solutions consist of state-of-the-art product security features combined with the necessary services to ensure the security of your product throughout its lifecycle. For this purpose, different feature packages are available, ranging from simple configuration guides to sophisticated solutions with protected booting of signed SW images, digital key and certificate management, penetration testing, vulnerability monitoring, and more.
- Secure Boot
- Centralized User Authentication (no local password storage)
- Code Signing and Integrity Checking (Authentication/PKI)
- Customer-specific service packages
- Vulnerability Watch & Security Updates
- Protected Boot Chain
- Memory/Mass Storage/Communication Encryption
D153E PC/104 Ethernet Interface
The D153E is a multi-purpose dual Ethernet Controller Interface with embedded processing power, designed for PC/104 host systems.
D517 Secure Gateway
The D517 is a secure Ethernet-to-Ethernet gateway. The integrated firewall implements a design-time configurable IP packet filter.
MC50M DIN-Rail Computer with Intel Atom Processor for Rolling Stock
Modular Computer for Rail-IT and Digital Rail Systems with Intel CPU for a Standard DIN Rail Mount
At duagon we have a wide range of standard products ready for use, and our products can be customized for use in a specific application environment. Our sales team is here to provide more specific information about our standard hardware range, our software technology, the required standards and certifications, and, together with our team of engineers, developing the optimal solution to your specific application requirements.